Spoofing cyber attack detection in probe-based traffic monitoring systems using mixed integer linear programming
Type
ArticleKAUST Department
Electrical Engineering ProgramComputer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division
Distributed Sensing Systems Laboratory (DSS)
Date
2013-10-04Online Publication Date
2013-10-04Print Publication Date
2013-10Permanent link to this record
http://hdl.handle.net/10754/562948
Metadata
Show full item recordAbstract
Traffic sensing systems rely more and more on user generated (insecure) data, which can pose a security risk whenever the data is used for traffic flow control. In this article, we propose a new formulation for detecting malicious data injection in traffic flow monitoring systems by using the underlying traffic flow model. The state of traffic is modeled by the Lighthill- Whitham-Richards traffic flow model, which is a first order scalar conservation law with concave flux function. Given a set of traffic flow data generated by multiple sensors of different types, we show that the constraints resulting from this partial differential equation are mixed integer linear inequalities for a specific decision variable. We use this fact to pose the problem of detecting spoofing cyber attacks in probe-based traffic flow information systems as mixed integer linear feasibility problem. The resulting framework can be used to detect spoofing attacks in real time, or to evaluate the worst-case effects of an attack offliine. A numerical implementation is performed on a cyber attack scenario involving experimental data from the Mobile Century experiment and the Mobile Millennium system currently operational in Northern California. © American Institute of Mathematical Sciences.Journal
Networks and Heterogeneous Mediaae974a485f413a2113503eed53cd6c53
10.3934/nhm.2013.8.783