Magnus Almgren

Musa Furkan Keskin, Muralikrishnan Srinivasan, Onur Gunlu et al.

Integrated sensing and communication (ISAC) will be central to 6G-enabled transportation, providing both seamless connectivity and high-precision sensing. However, this tight integration exposes attack points not encountered in pure sensing and communication systems. In this article, we identify unique ISAC-induced security challenges and opportunities in three interrelated domains: cyber-physical (where manipulation of sensors and actuators can mislead perception and control), physical-layer (where over-the-air signals are vulnerable to spoofing and jamming) and protocol (where complex cryptographic protocols cannot detect lower-layer attacks). Building on these insights, we put forward a multi-domain security vision for 6G transportation and propose an integrated security framework that unifies protection across domains by leveraging existing ISAC measurements for lightweight cross-checks.

Shiliang Zhang, Anton Hagermalm, Sanjin Slavnic et al.

Differential privacy (DP) defines privacy protection by promising quantified indistinguishability between individuals that consent to share their privacy-sensitive information and the ones that do not. DP aims to deliver this promise by including well-crafted elements of random noise in the published data and thus there is an inherent trade-off between the degree of privacy protection and the ability to utilize the protected data. Currently, several open-source tools were proposed for DP provision. To the best of our knowledge, there is no comprehensive study for comparing these open-source tools with respect to their ability to balance DP's inherent trade-off as well as the use of system resources. This work proposes an open-source evaluation framework for privacy protection solutions and offers evaluation for OpenDP Smartnoise, Google DP, PyTorch Opacus, Tensorflow Privacy, and Diffprivlib. In addition to studying their ability to balance the above trade-off, we consider discrete and continuous attributes by quantifying their performance under different data sizes. Our results reveal several patterns that developers should have in mind when selecting tools under different application needs and criteria. This evaluation survey can be the basis for an improved selection of open-source DP tools and quicker adaptation of DP.

Nasser Nowdehi, Wissam Aoudi, Magnus Almgren et al.

Nowadays, vehicles have complex in-vehicle networks (IVNs) with millions of lines of code controlling almost every function in the vehicle including safety-critical functions. It has recently been shown that IVNs are becoming increasingly vulnerable to cyber-attacks capable of taking control of vehicles, thereby threatening the safety of the passengers. Several countermeasures have been proposed in the literature in response to the arising threats, however, hurdle requirements imposed by the industry is hindering their adoption in practice. In particular, detecting attacks on IVNs is challenged by strict resource constraints and utterly complex communication patterns that vary even for vehicles of the same model. In addition, existing solutions suffer from two main drawbacks. First, they depend on the underlying vehicle configuration, and second, they are incapable of detecting certain attacks of a stealthy nature. In this paper, we propose CASAD, a CAN-Aware Stealthy-Attack Detection mechanism that does not abide by the strict specifications predefined for every vehicle model and addresses key real-world deployability challenges. Our fast, lightweight, and system-agnostic approach learns the normal behavior of IVN dynamics from historical data and detects deviations by continuously monitoring IVN traffic. We demonstrate the effectiveness of CASAD by conducting various experiments on a CAN bus prototype, a 2018 Volvo XC60, and publicly available data from two real vehicles. Our approach is experimentally shown to be effective against different attack scenarios, including the prompt detection of stealthy attacks, and has considerable potential applicability to real vehicles.