文章基本信息

标题：eUF: A framework for detecting over-the-air malicious updates in autonomous vehicles
本地全文：下载
作者：Anam Qureshi ; Murk Marvi ; Jawwad Ahmed Shamsi 等
期刊名称：Journal of King Saud University @?C Computer and Information Sciences
印刷版ISSN：1319-1578
出版年度：2022
卷号：34
期号：8
页码：5456-5467
语种：English
出版社：Elsevier
摘要：Software updates are highly significant in autonomous vehicles. These updates are utilized to provide enhanced features and updated security mechanisms. In order to ensure scalability and smooth roll-out Over-the-air (OTA) mechanism is a preferred option to propagate a software update. However, this approach is vulnerable to security attacks because of existence of wireless communication channel between the vehicle and the manufacturer. In that, an attacker can replace the legitimate software with a malicious software with an intent to get control over the vehicle. In this work, we are motivated to address this problem. We develop an enhanced uptane framework for detection of malicious OTA software updates in autonomous vehicles. For enhancing security, we incorporate convolutional neural network (CNN) in the uptane framework. The proposed framework is able to distinguish between malicious and benign software executables with high accuracy. For training and testing, we create two datasets by collecting executables of Windows and Linux operating system. We encourage the use of transfer learning by exploiting the developed CNN models in order to detect malicious executable designed for autonomous vehicles. We also benchmark the CNN models against state-of-the art models. Our work is highly beneficial for the community in providing a secure mechanism for software updates.