Biblio

Intelligent Transportation Systems (ITS) play a vital role in the development of smart cities. They enable various road safety and efficiency applications such as optimized traffic management, collision avoidance, and pollution control through the collection and evaluation of traffic data from Road Side Units (RSUs) and connected vehicles in real time. However, these systems are highly vulnerable to data corruption attacks which can seriously influence their decision-making abilities. Traditional attack detection schemes do not account for attackers' sophisticated and evolving strategies and ignore the ITS's constraints on security resources. In this paper, we devise a security game model that allows the defense mechanism deployed in the ITS to optimize the distribution of available resources for attack detection while considering mixed attack strategies, according to which the attacker targets multiple RSUs in a distributed fashion. In our security game, the utility of the ITS is quantified in terms of detection rate, attack damage, and the relevance of the information transmitted by the RSUs. The proposed approach will enable the ITS to mitigate the impact of attacks and increase its resiliency. The results show that our approach reduces the attack impact by at least 20% compared to the one that fairly allocates security resources to RSUs indifferently to attackers' strategies.

The borderless, dynamic, high dimensional and virtual natures of cyberspace have brought unprecedented hard situation for defenders. To fight uncertain challenges in versatile cyberspace, a security framework based on the cloud computing platform that facilitates containerization technology to create a security capability pool to generate and distribute security payload according to system needs. Composed by four subsystems of the security decision center, the image and container library, the decision rule base and the security event database, this framework distills structured knowledge from aggregated security events and then deliver security load to the managed network or terminal nodes directed by the decision center. By introducing such unified and standardized top-level security framework that is decomposable, combinable and configurable in a service-oriented manner, it could offer flexibility and effectiveness in reconstructing security resource allocation and usage to reach higher efficiency.