Predicting Congestion Attack of Variable Spoofing Frequency for Reliable Traffic Signal System

Abstract

AbstractAs a key component of next-generation transportation systems, the intelligent traffic signal system is designed to perform dynamic and optimal signal control. The USDOT (U.S. Department of Transportation) has sponsored a kind of such system - I-SIG based on Controlled Optimization of Phases (COP). Unfortunately, it has been revealed that a serious congestion attack can be caused just by one vehicle’s data spoofing. However, the existing methods focus on detecting the congestion attack and have a certain disadvantage of delay even facing periodic attacks. Thus, how to timely detect and even predict the congestion attack has become a key issue. Considering that a practical and effective congestion attack is usually continuous and periodic, we propose a novel approach for congestion attack prediction. Firstly, we set up a spoofing attack environment and collect traffic flows of variable spoofing frequencies. Among congestion attack-caused flows, we define and extract 30 important features and implement ensemble learning to build correlations between traffic flow features and abnormal congestion and attack frequency. Through supervised learning of historical data, we can recognize the current attack frequency and further realize the prediction of the subsequent congestion attack. We also report on necessary and experienced tricks for performance improvement. Extensive experiments and analyses have been conducted to demonstrate the prediction capability of our proposed approach.KeywordsCongestion attackPredictionSupervised learningSecurity analysisTraffic signal system