PRADA: Proactive Risk Assessment and Mitigation of Misinformed Demand Attacks on Navigational Route Recommendations

TL;DR

This paper introduces PRADA, a game-theoretic framework for proactively assessing and mitigating risks of demand manipulation attacks on navigational recommendation systems in intelligent transportation, highlighting vulnerabilities and mitigation strategies.

Contribution

It presents a novel Stackelberg game model for risk assessment of demand attacks and proposes a trust mechanism to reduce attack impacts in NRS.

Findings

High risk of route manipulation by intelligent attackers.

Trust mechanisms can effectively mitigate demand attack impacts.

Locally targeted attacks may sometimes improve overall traffic conditions.

Abstract

Leveraging recent advances in wireless communication, IoT, and AI, intelligent transportation systems (ITS) played an important role in reducing traffic congestion and enhancing user experience. Within ITS, navigational recommendation systems (NRS) are essential for helping users simplify route choices in urban environments. However, NRS are vulnerable to information-based attacks that can manipulate both the NRS and users to achieve the objectives of the malicious entities. This study aims to assess the risks of misinformed demand attacks, where attackers use techniques like Sybil-based attacks to manipulate the demands of certain origins and destinations considered by the NRS. We propose a game-theoretic framework for proactive risk assessment of demand attacks (PRADA) and treat the interaction between attackers and the NRS as a Stackelberg game. The attacker is the leader who conveys misinformed demands, while the NRS is the follower responding to the provided information. Specifically, we consider the case of local-targeted attacks, in which the attacker aims to make the NRS recommend the authentic users towards a specific road that favors certain groups. Our analysis unveils the equivalence between users' incentive compatibility and Wardrop equilibrium recommendations and shows that the NRS and its users are at high risk when encountering intelligent attackers who can significantly alter user routes by strategically fabricating non-existent demands. To mitigate these risks, we introduce a trust mechanism that leverages users' confidence in the integrity of the NRS, and show that it can effectively reduce the impact of misinformed demand attacks. Numerical experiments are used to corroborate the results and demonstrate a Resilience Paradox, where locally targeted attacks can sometimes benefit the overall traffic conditions.