Blog Post

Cybersecurity challenges of self-driving cars: How can machine learning help?

  • Samaneh Mahdavifar
  • published date: 2020-05-18 23:40:49

Introduction

 

It is 2020 and unlike predictions and announcements, self-driving cars (autonomous vehicles) are not still on the road. Despite many struggles of leading automakers, such as Tesla and Waymo, self-driving cars are not yet deemed to be perfect and safe. Some collisions that occurred over the past few years have made the consumers worried and raised concerns about the safety of this technology. Deloitte consulting firm acknowledged in its 2019 report that “Consumers’ perception about the safety of self-driving vehicles hasn’t improved over the last year”. Thus, the numerous efforts done by the manufacturers have ended up with partially-autonomous vehicles where the driver can take control of the car at any time.

Almost all self-driving cars take in a wide range of sensory information from their surroundings and process the inputs using complex algorithms. A software then interprets the information and sends instructions to the vehicle’s actuators to steer the vehicle, follow traffic rules, and identify obstacles. Some examples of the techniques employed in self-driving cars include LIDAR, GPS, computer vision, odometry, sonar, etc.

Cybersecurity issues

When it comes to autonomous vehicles, a chief concern is the cybersecurity issues that hinder the full-fledged adoption of self-driving cars. A research conducted by Upstream indicates a 300% increase in automotive cyber incidents in Q1 2019. In recent research by Michigan State University, a popular criminal justice theory was applied to smart vehicles, and a set of recommendations were provided to minimize the potential cyber risks and improve safety.

In 2015, Charlie Miller and Chris Valasek showed how to remotely hack and sabotage a Jeep Cherokee on the highway using an internet connection. This was done through a cellular connection to the Jeep’s entertainment system that lets hackers send commands to its dashboard functions. They have also conducted experiments on other types of vehicles (e.g. Toyota Prius, Ford Escape) with a wired or over-the-internet access and demonstrated that a hacker can physically control some aspects of a car and disable/activate a set of functions like steering, braking, windshield wipers, and transmission.

https://youtu.be/MK0SrxBC1xs

Charlie and Chris exploited vulnerabilities of a few features controlled by the on-board chips of standard cars, e.g., Jeep’s cruise control to accelerate or Toyota’s collision avoidance system to apply brakes. Imagine how catastrophic the result would be if a fully-autonomous car is hacked where all functions are controlled by a computer.

Malicious commands can infiltrate modern cars through technologies like the USB port, Bluetooth, and even keyless entry remote or they could come from another vehicle through vehicle-to-vehicle (V2V) communications. V2V communication is a new feature introduced in today’s vehicles that allow vehicles to communicate with each other on data about weather information, traffic flow, road conditions, or route direction.

The researchers at the University of Michigan have been recently working on adapting existing threat models (National Highway Traffic Safety Administration (NHTSA) and the European Commission’s E-safety Vehicle Intrusion Protected Applications (EVITA)) to identify potential threats to automated applications and assess the level of risk associated to them. They believe that the automotive industry should move forward to develop standard risk assessment approaches to expedite manufacturing scalable security solutions for self-driving cars.

How can machine learning help?

Machine learning algorithms have played an essential role in solving various problems arising in manufacturing self-driving cars to date; so why not be employed for the security aspects of self-driving cars?

To start off with designing any machine learning model in any application, we need to collect and store the required data. Automotive data are often continuously produced, captured, and sent to a cloud for rapid storage/retrieval, analysis, and decision-making. This large volume of user logs can then be used by anomaly detection techniques for identifying malicious activities. Finally, based on the type of exploit, the attack could be prevented or mitigated by alerting the driver.

A malicious activity could be an unusual communication behavior, malware infiltration, or abnormal commands like a change to parking mode while driving with high speed on a highway.

There is a wide variety of unsupervised machine learning techniques for anomaly detection such as density-based, clustering-based, support vector machine-based, that could be applied to accurately detect anomalies and differentiate a “malicious exploit from normal driving behavior”.

By analyzing incoming data from other vehicles or third parties through an internet connection in a real-time fashion, the vehicle can stop any potential attack or alert the driver in milliseconds.

It is worth mentioning that the vehicle’s communication system deals with a limited range of input data, unlike the standard computer network that accepts a variety of user inputs. So the behavior of a vehicular network is more predictable compared with a standard computer network.

Conclusion

Regardless of the efforts that have paved the way toward more secure autonomous cars, designing an intrusion-detection system for vehicles is still at an infancy stage.

One of the technologies that the industries can take advantage of is cloud computing to transmit, store, and retrieve automotive data. Since we are dealing with embedded computers with limited computational capabilities, cloud computing can take care of analysis and correlation leading to accurate and efficient machine learning models. Furthermore, by combining cloud computing with 5G technology as the underlying infrastructure, more intelligent models like deep learning techniques could be leveraged for detecting incoming threats and reacting appropriately in real-time.

Researchers are optimistic about the future of self-driving cars and are looking into multiple factors (e.g. car design, data collection, surroundings) to increase the prediction accuracy of machine learning algorithms and making autonomous vehicles more secure for us.

#self-driving cars #autonomous vehicles #cybersecurity #safety #malicious exploit #V2V communications #machine learning #automotive data #anomaly detection #CyberDailyReport