Privacy Impact Assessment of Cyber Attacks on Connected and Autonomous Vehicles

被引:4
作者
Panda, Sakshyam [1 ]
Panaousis, Emmanouil [1 ]
Loukas, George [1 ]
Kentrotis, Konstantinos [2 ]
机构
[1] Univ Greenwich, London, England
[2] Exus, Athens, Greece
来源
18TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY & SECURITY, ARES 2023 | 2023年
关键词
Privacy risk assessment; Cyber threats; Connected and autonomous vehicles; DECISION-SUPPORT; NETWORK; SCHEME; SECURITY; INTERNET; TRUST;
D O I
10.1145/3600160.3605073
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Connected and autonomous vehicles (CAVs) are vulnerable to secu-rity gaps that can result in serious consequences, including cyber-physical and privacy risks. For example, an attacker can reconstruct a vehicle's location trajectory by knowing the speed and steering wheel position of the vehicle. Such inferences not only lead to safety issues but also significantly threaten privacy. This paper assesses the privacy impacts of cyber threats on vehicular networks. We augment the Privacy Risk Assessment Methodology (PRAM), pro-posed by the National Institute of Standards and Technology, with cyber threats, with cyber threats, which are, in practice, mapped to PRAM impact metrics. We demonstrate the practical application of the enhanced PRAM methodology through a use case that high-lights attacks leading to privacy risks in CAVs. The consideration of cyber attacks for privacy risk assessment addresses a major gap in current practices, which is to integrate privacy risk into cyber risk management.
引用
收藏
页数:20
相关论文
共 59 条
[1]   Supporting Privacy Impact Assessment by Model-Based Privacy Analysis [J].
Ahmadian, Amir Shayan ;
Strueber, Daniel ;
Riediger, Volker ;
Juerjens, Jan .
33RD ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING, 2018, :1467-1474
[2]  
[Anonymous], 2018, Data Protection Act 2018,
[3]  
[Anonymous], 2017, ISO/IEC 29134:2017
[4]  
[Anonymous], 2017, Technical Report Tech. Rep. NIST IR 8062, DOI [DOI 10.6028/NIST.IR.8062, 10.6028/NIST.IR.8062]
[5]   Secure VANETs: Trusted Communication Scheme between Vehicles and Infrastructure Based on Fog Computing [J].
Arif, Muhammad ;
Wang, Guojun ;
Balas, Valentina Emilia .
STUDIES IN INFORMATICS AND CONTROL, 2018, 27 (02) :235-246
[6]  
Atefi S, 2022, Arxiv, DOI arXiv:2211.13345
[7]   Comprehensive survey on security services in vehicular ad-hoc networks [J].
Azees, Maria ;
Vijayakumar, Pandi ;
Deborah, Lazarus Jegatha .
IET INTELLIGENT TRANSPORT SYSTEMS, 2016, 10 (06) :379-388
[8]   Privacy Impact Assessment: Comparing Methodologies with a Focus on Practicality [J].
Bisztray, Tamas ;
Gruschka, Nils .
SECURE IT SYSTEMS, NORDSEC 2019, 2019, 11875 :3-19
[9]   Honeypot Type Selection Games for Smart Grid Networks [J].
Boumkheld, Nadia ;
Panda, Sakshyam ;
Rass, Stefan ;
Panaousis, Emmanouil .
DECISION AND GAME THEORY FOR SECURITY, 2019, 11836 :85-96
[10]  
Calif. Legis, 2018, California consumer privacy act (ccpa)