Detection and Mitigation of Attacks on Transportation Networks as a Multi-Stage Security Game

TL;DR

This paper models cyber-attacks on smart traffic networks as a multi-stage security game, proposing heuristic defense strategies and an anomaly detector to protect transportation systems from malicious disruptions.

Contribution

It introduces a game-theoretic framework for attack detection and mitigation on traffic signals, along with heuristic algorithms and a Gaussian-process anomaly detector.

Findings

Heuristic algorithms effectively approximate optimal defense strategies.

The Gaussian-process detector successfully identifies ongoing attacks.

Numerical experiments demonstrate the approach's potential in real traffic scenarios.

Abstract

In recent years, state-of-the-art traffic-control devices have evolved from standalone hardware to networked smart devices. Smart traffic control enables operators to decrease traffic congestion and environmental impact by acquiring real-time traffic data and changing traffic signals from fixed to adaptive schedules. However, these capabilities have inadvertently exposed traffic control to a wide range of cyber-attacks, which adversaries can easily mount through wireless networks or even through the Internet. Indeed, recent studies have found that a large number of traffic signals that are deployed in practice suffer from exploitable vulnerabilities, which adversaries may use to take control of the devices. Thanks to the hardware-based failsafes that most devices employ, adversaries cannot cause traffic accidents directly by setting compromised signals to dangerous configurations. Nonetheless, an adversary could cause disastrous traffic congestion by changing the schedule of compromised traffic signals, thereby effectively crippling the transportation network. To provide theoretical foundations for the protection of transportation networks from these attacks, we introduce a game-theoretic model of launching, detecting, and mitigating attacks that tamper with traffic-signal schedules. We show that finding optimal strategies is a computationally challenging problem, and we propose efficient heuristic algorithms for finding near optimal strategies. We also introduce a Gaussian-process based anomaly detector, which can alert operators to ongoing attacks. Finally, we evaluate our algorithms and the proposed detector using numerical experiments based on the SUMO traffic simulator.