Phantom Car Attack Detection via Passive Opportunistic RF Localization

Abstract

A novel opportunistic approach of passive RF localization is presented for detecting “phantom car” attacks, <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">i.e</i> ., vehicles intentionally reporting false position/velocity information to surrounding vehicles and communication networks. Current state-of-the-art approaches for vehicle localization mostly rely on either: (i) self-reported position/velocity updates obtained via navigation technologies such as GPS, or (ii) cooperative communication approaches involving multiple vehicles exchanging situational awareness information with each other. In both cases, these approaches assume that all vehicles involved truthfully share their actual location information, which might not be the case if malicious users are present within the traffic flow. The proposed approach does not make this assumption. Rather, it extracts location information of vehicles operating on the road without the need to cooperate with them. Multiple sensors surrounding these vehicles are opportunistically and passively measured for their RF emission characteristics ( <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">e.g</i> ., received signal strength, time difference of arrival) based on using on-board widely available wireless signals ( <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">e.g</i> ., 5G, Bluetooth, WiFi). These RF emissions are not intentionally designed to be used in localization applications. Their characteristics are processed via data fusion and bounded via vehicle dynamics behavioral models before being compared against reported positions within the vehicular communications network. This paper presents the phantom car attack model used in this work to compromise conventional vehicle localization techniques, as well as the framework and its respective sub-components implementing the proposed detection approach. To evaluate the feasibility of the proposed approach, a custom-built Python-based computer simulation platform is described that accurately models the vehicular environment and its associated RF emissions characteristics. Finally, a simple hardware field experiment evaluating the performance of the proposed approach incorporating RF localization, data fusion, and vehicle behavioral dynamics modules illustrates the viability of identifying phantom car attacks within a non-cooperative framework.