Browsing by Author "Hudson, Jonathan"

Now showing 1 - 3 of 3
  • Thumbnail Image
    ItemOpen Access
    Contextual Anomaly Detection in Controller Area Networks
    (2022-03) Balaji, Prashanth; Ghaderi, Majid; Hudson, Jonathan; Henry, Ryan
    The Controller Area Network (CAN) has been an established standard for in-vehicular networks for over two decades. The low implementation cost of CAN together with its simple design has allowed automotive manufacturers to incorporate it at scale with ease. The onboard CAN bus facilitates real-time data exchange between Electronic Control Units (ECU) that are responsible for maintaining critical functions such as lane-keep assist, collision assist and engine control during the operation of the vehicle. Though proven to be reliable and efficient, security was never a part of CAN's design. Hence ECUs are highly susceptible to a wide range of attacks that could eventually prove fatal to passengers and all road users. Additionally, the increased connectivity in Connected and Autonomous Vehicles (CAV) has further widened the threat landscape for malicious actors to leverage. Attackers typically target specific vehicle subsytems by injecting malicious exploits into the bus and thus anomaly detection in the CAN has been actively studied in recent years. While existing detection systems are capable of identifying deviations in the behavior of an individual control unit, they are ineffective against attacks that target multiple subsystems while still adhering to the norms of the system. Such stealthy attacks are more subjective to evade the purview of an anomaly detection system that does not collectively evaluate all data points to determine the overall state of the system. In this thesis, we primarily focus on detecting these attacks by identifying contextual anomalies in CAN bus data. To this end, we employ machine learning algorithms to capture the spatio-temporal correlations among sensor readings in the CAN bus at both frame and signal levels. Neural networks are typically capable of learning intrinsic patterns in the given data without the need to comprehend its meaning and thus this use case provides an ideal ground for their application. We present NeuroCAN, a deep learning-based detection model that employs Long Short-Term Memory (LSTM) and Linear Embeddings to derive contextual inferences from other ECUs in real-time. We train and evaluate our approach on two real-world CAN bus datasets and compare its performance against other existing approaches in the literature. Following which we assess the capacity of our model to identify stealthy attacks in an open-source signal dataset that serves as a benchmark for CAN bus anomaly detection systems. The results indicate that our system is capable of achieving over 95% detection accuracy and performs significantly better than other state of the art approaches. We further incorporate multitask learning to effectively reduce the large resource overhead that arises over managing multiple trained models during detection. We also study the importance of additional sensor context and the need for a collective approach in the detection process and present our findings.
  • Thumbnail Image
    ItemOpen Access
    Deadline-aware Bulk Transfer Scheduling in Best-effort SD-WANs
    (2021-04-16) Hosseini Bidi, Seyed Arshia; Ghaderi, Majid; Hudson, Jonathan; Fupojuwo, Abraham
    Wide area networks (WANs) that connect geo-distributed datacenters enable online applications to provide a diversity of services to their users in various locations throughout the world. Inter-datacenter (inter-DC) traffic constitutes a significant portion of today’s world-wide traffic while utilizing dedicated lines that are in different networks than the Internet, making it a very expensive communication. Consequently, inter-DC network providers are keen to minimize their expenses while guaranteeing the quality of service to their customers. As a result, scheduling available resources is of paramount importance to increase the efficacy of these networks for both their providers and customers. In this regard, software-defined wide area networks (SD-WAN) seem to be a promising solution to mitigate legacy WAN’s restrictions such as lack of a global view. While conventional multi-protocol label switching (MPLS) tunnelling has proven to be a practical approach to guarantee performance, its significant service price can be a drawback. Utilizing Internet best-effort paths is a cheap and viable alternative. However, to utilize these paths, we have to take their capacity fluctuations into account to avoid over-allocation. In this thesis, we first characterize and estimate the fluctuations in short and long periods using statistical analysis and machine learning. Next, we take the estimated capacities into account and consider the problem of scheduling bulk transfer requests over best-effort SD-WANs to maximize the gained profit from successful transmissions. Furthermore, we propose an approximate algorithm with a significant computational advantage over our exact algorithm with an approximation ratio that only depends on the number of overlapping requests with the same profit to bandwidth ratio. Finally, we provide a thorough mathematical analysis of the approximate algorithm, as well as simulation and experimental results to evaluate our proposed algorithm’s performance. The results show that our algorithm can improve the inter-DC provider’s profit by an average of 60% while reducing ISP service costs by an average of 15%.
  • Thumbnail Image
    ItemOpen Access
    Testing Self-Organizing Emergent Systems by Learning of Event Sequences
    (2009-12-02T17:56:29Z) Hudson, Jonathan; Denzinger, Joerg; Kasinger, Holger; Bauer, Bernhard
    We present an approach to test self-organizing emergent systems for unwanted behavior with respect to inefficiencies in task fulfillment based on evolutionary learning of event sequences. By using the differences in produced solution quality versus optimal quality to guide the evolutionary search and by using in addition to standard evolutionary operators targeted ones reflecting knowledge about the tested system, the usual evolutionary learning effects can take place, leading to event sequences that are solved badly by the tested systems. In our experimental evaluation of 2 variants of a self-organizing emergent system for dynamic pickup-and-delivery problems, a system using our learning testing approach created clear evidence that the basic variant of the tested system has problems regarding the efficiency of the solutions it produces and that the efficiency improved version leads even in an extremely negative setting for it to only about double the quality costs