Advancing security in IoT-driven critical infrastructure: a focus on smart transportation system.

Abstract

As new technological platforms such as the Internet of Things (IoT), blockchain, Artificial Intelligence (AI) and Machine Learning (ML) are gradually emerging and being integrated into critical infrastructures which are subjected to digital attacks. i.e., the critical systems are vulnerable to new cybersecurity threatsand thus requires corresponding security approach to challenge the threats.It is therefore imperative to identify the various types of possible cyber-attacks on the systems and develop a security framework to manage the associated security risks. IoT-based critical infrastructure systemslike smart healthcare, smart transportation and smart manufacturing are prone to attacks such as Denial of Service (DoS) attacks, brute-force attacks, Man-in-the-Middle attacks (MiTM), Stuxnet computer virus etc. This paper focuses on a detailed study of the smart transportation system and its security issues; various threat vectors used by the attackers are examinedalongsidecorresponding countermeasures. Additionally,an in-depth analysis on how an identified malicious attack on smart transportationcould be achieved was carried out by using an open-source vehicular network tool called Vehicle in Network Simulation (Veins). A detailed evaluation of the impact of MiTM attack was then carried out based on the evaluation metrics. Results from the simulation results indicate that attacks on the built STSthesis vehicular network have a higher influence on the network. Also, although the STSthesis was a basic network that was run with considerable node, limited time and injected malicious node, the impact of the MiTM attack was still visible. Furthermore, implementing the elliptic-curve Diffie-Hellman (ECDH) with the Advanced Encryption Standard (AES) in the early stage of design and implementation will prevent the MiTM attacks from intercepting messages between legitimate nodes.