Artificial Intelligence and Cybersecurity: Building an Automotive Cybersecurity Framework Using Machine Learning Algorithms

Abstract

Automotive technology has continued to advance in many aspects. As an outcome of such advancements, autonomous vehicles are closer to commercialization and have brought to life a complex automotive technology ecosystem [1]. Like every other technology, these developments bring benefits but also introduce a variety of risks. One of these risks in the automotive space is cybersecurity threats. In the case of cars, these security challenges can produce devastating results and tremendous costs, including loss of life. Therefore, conducting a clear analysis, assessment and detection of threats solves some of the cybersecurity challenges in the automotive ecosystem. This dissertation does just that, by building a three-step framework to analyze, assess,and detect threats using machine learning algorithms. First, it does an analysis of the connected vehicle threats while leveraging the STRIDE framework [2]. Second, it presents an innovative, Fuzzy based threat assessment model (FTAM). FTAM leverages threat characterizations from established threat assessment models while focusing on improving its assessment capabilities by using Fuzzy logic. Through this methodology, FTAM can improve the efficiency and accuracy of the threat assessment process by using Fuzzy logic to determine the “degree” of the threat over other existing methods. This differs from the current threat assessment models which use subjective assessment processes based on table look-ups or scoring. Thirdly, this dissertation proposes an intrusion detection system (IDS) to detect malicious threats while taking in consideration results from the previous assessment stage. This IDS uses the dataset provided from Wyoming Connected Vehicle Deployment program [3] and consists of a two-stage intrusion detection system based on supervised and unsupervised machine learning algorithms. The first stage uses unsupervised learning to detect whether there is an attack present and the second stage classifies these attacks in a supervised learning fashion. The second stage also addresses data bias and eliminates the number of false positives. The simulation of this approach results in an IDS able to detect and classify attacks at a 99.965% accuracy and lowers the false positives rate to 0%.