Data Poisoning Attacks in Transportation and Infrastructure-Enabled Defense Methods

Abstract

Transportation has been and will continue to be under rapid transformations. One transformation is that the transportation system is increasingly driven by massive datasets, including vehicular data (e.g., from GPS, camera and LiDAR) and infrastructure-generated data (e.g., from loop detectors and travel time sensors). However, the growing reliance on data poses potential cybersecurity issues to the transportation system, among which the so-called “data poisoning” attacks by adversaries are becoming increasingly critical. Data poisoning attacks aim to compromise a system’s performance by adding malicious noises, perturbations, or deviations to the dataset used by the system. Extensive studies have demonstrated the vulnerability of vehicular data to data poisoning attacks, while research on the infrastructure side is sparse. To narrow the gap, this dissertation develops a generic data poisoning attack model for traffic state estimation and prediction (TSEP) applications that primally rely on infrastructure-generated data. By studying the properties of the proposed attack model such as its Lipschitz conditions, the dissertation identifies the vulnerability of TSEP models, generating insights on proactive defense solutions.This dissertation then develops defense solutions using secure data from transportation infrastructure, a recent parallel development for supporting various functionalities of advanced vehicle technologies, especially Connected and Automated Vehicles (CAVs). By securing the data collection and transmission processes, secure data from the infrastructure can help defend against data poisoning attacks. However, such potentials have not been well explored in the literature. This dissertation aims to fill this gap by developing “infrastructure-enabled” solutions to defend against both attacks on vehicular data and attacks on TSEP models. The results show that enabled by the secure infrastructure data, a simple detection method (i.e., an Isolation Forest model) can effectively defend against various types of stealthy GPS spoofing (a high threat to vehicular data of advanced driving systems) and data attacks on queue length estimation models (a common TSEP application).