Riposte: A Collaborative Cyber Attack Response Framework for the Automo tive Systems

Abstract

Context: Today, sophisticated technologies and brilliant solutions, that were con sidered impossible before, are all around us. Many of these advancements in tech nologies were possible thanks to the introduction of the Internet. This wide con nectivity between different devices and the ability to communicate no matter the distance have boosted the possibilities to levels unseen before. The automotive domain has got its own share of advancements from the Internet, providing more services and functionalities. However, this wide connectivity and openness to the Internet raise cyber security concerns. These services that depend on online con nectivity can serve as entry points for hackers to perform attacks on different assets of the vehicle. Some of these attacks could be considered minor, but some could be considered severe and potentially threaten human lives. Problem: That being said, choosing the right and most suitable response technique for an ongoing cyber attack could be challenging, especially when there are many response techniques to choose from. Objective: Thus, this study aims to provide a solution in order to help identify and evaluate different cyber attack response techniques for a specific cyber attack in real-time. Approach: To achieve this goal, the study will follow the design science research methodology by performing three iterations. The first iteration would focus on find ing out and discussing the available state-of-the-art cyber attack response techniques from the literature. The second iteration would discuss and propose a solution to help evaluate suitable response techniques in real-time. Finally, the third iteration would focus on evaluating the proposed solution from the safety aspect. Results: The results for this study were a taxonomy of state-of-the-art cyber attack response techniques regarding the software asset and their descriptions, a collabora tive framework that evaluates different suitable response techniques when an attack is in progress, and an evaluation of safety by conducting a qualitative study with different experts through a questionnaire. Conclusion: In conclusion, the proposed framework was deemed slightly unsafe based on the perception of participants. That being said, the participants provided some insight on how to improve the overall safety of the framework in order to make it safer for deployment.