Cyber Attacks via Consumer Electronics: Studying the Threat of Covert Malware in Smart and Autonomous Vehicles

In Industry 5.0, man and machine work alongside each other in production, but smart and autonomous vehicles are examples that show this notion is now being extended to the end consumers. In 2015, a Jeep was remotely hacked through its head unit. This incident drew the public attention to vehicles security and showed how entertainment/infotainment consumer electronics can be used to intrude vehicles. In this paper, we study a novel covert attack that can be launched by malwares spreading through Intelligent Transportation Systems, e.g., via consumer electronics. This malware infects a vehicle module, like the Adaptive Cruise Controller (ACC), and manipulates its setting in a way that is not noticeable to human observers, but gives rise to accidents statistics. We show how this is done and analyze the effect mathematically. We also propose a new Intrusion Detection System (IDS) whose architecture is non-disruptive and can be readily adopted by car manufacturers. We evaluate our proposal with real-world datasets. We demonstrate how a malware/attacker can engineer the crash statistics by manipulating the safe distance value in cruise control scenarios. Then, we put an anomaly-based IDS for ACC modules into test and show how it can effectively detect such covert attacks.