Dünyada dijital teknolojinin hızla gelişmesiyle birlikte, akıllı şehirler ve akıllı şebekelerde olduğu gibi akıllı ulaşım araçlarında da gelişmeler yaşanmıştır. Akıllı sistemlerin akıllı araçlara entegrasyonun ardından otonom araçların yaygınlaşmasıyla siber güvenliğin önemi daha da artmıştır. Konforlu, güvenilir ve zamandan tasarruf edilebilecek yolculuk ve taşımacılık için otonom araçların güvenlik zafiyetleri araştırılmıştır. Yapılan siber saldırıların 3 çeşit amacı vardır: sistemi kontrol eden yöneticiyi devre dışı bırakarak sistemin kontrolünü ele geçirmek, sistem çalışmasında gecikmelere neden olacak yoğunlukta çalışmasını sağlamak ve sistemin tamamen çökmesine neden olmak. Bu çalışmada kontrolün kullanıcıdan saldırgana nasıl geçebileceğini göstermek amacıyla 10 çeşit saldırı incelenmiştir. Bu saldırılar, GPS yanıltma, ara bellek taşması, istismar açıklık saldırıları, araya girme saldırısı, kötülcül yazılım saldırısı, hizmet kesintisi saldırısı, vekil sunucu saldırısı, sibil saldırısı, OBD Saldırısı ve ARP yanıltma saldırısıdır. Saldırıların yapılacağı mimaride temel otonom sistemler için gereksinim olan konum sensörleri, araç alt sistem denetleyicileri, kablosuz bağlantı araçları ve görüş sensörleri üzerinden yapılan saldırılar incelenmiştir. Ayrıca otonom araçların sistem mimarisi, siber saldırı yöntemleri, siber saldırı önlemleri ve son 5 yılda yapılmış akademik çalışmalar incelenerek analiz edilmiştir. Otonom araçlarda saldırıların sensör bilgilerinin toplandığı, araçların yönetildiği işlemciye yapıldığı tespit edilmektedir. Kablosuz bağlantıların otonom araç yönetiminde kullanıcıların isteği üzerine kullanılması beraberinde çokça açıklığı da getirmiştir. İşlemcide kullanılabilir açıklıkları azaltmak için, işlemcinin yapması gereken görevlerin azaltılarak, yapılması gereken çalışmanın diğer sensörler tarafından yapılması istenmektedir. Sistemin sahip olduğu tek işlemciye doğrudan erişimi kapatarak sistem açıklıklarının azaltılması yönünde çalışmalar yapılmaktadır. Akademisyenler ve otonom araç üreticileri araç mimarisini yöneten yazılım ve korunma yöntemleri üzerinde geliştirme çalışmalarına devam ettikleri görülmektedir. Bu çalışmada, kullanıcıların güvenlik işlemlerini kolaylaştıracak çalışmalar, bazı araçlar ve tedbirler incelenmiştir. Uzmanlar tarafından kullanılarak sistem IP’si hakkında bilgi sahibi olunabilecek, yetkisiz veya yabancı sistemleri tespit edebilecek olan NMAP, Maltego ve Metasploit araçları da incelenmiştir. Yaptığımız çalışmalar tamamıyla etik kurallar çerçevesinde yapılmıştır.
With the rapid development of digital technology in the world, the developments have also occurred in smart transport and smart cities, as well as in smart networks. After the integration of smart systems into smart vehicles, the importance of cyber security has increased with the spread of autonomous vehicles. The safety weaknesses of autonomous vehicles for comfortable, reliable and time-saving travel and transport have been studied. The cyber attacks have three kinds of objectives: to take control of the system by disable the system control manager, to ensure that it works in intensity that will cause delays in the system operation, and to cause the system to collapse completely. In this study, 10 types of attacks have been studied to show how control can pass from user to attacker. These attacks are GPS fraud, interchange memory, exploitation open attacks, interference attacks, malicious software attacks, service interruption attacks, assistant server attacks, cyber attacks, OBD attacks and ARP fraud attacks. In the architecture in which the attacks will be carried out, the attacks are studied through the position sensors, the vehicle sub-system controllers, wireless connectivity tools and vision sensors that are required for the basic autonomous systems. It has also been analyzed by studying the system architecture of autonomous vehicles, cyber-attack methods, cyber-attack measures and academic studies carried out in the last 5 years. In autonomous vehicles, it is detected that the data of the sensors of the attacks is collected, the processor where the vehicles are managed is done. The use of wireless connections in autonomous vehicle management on request by users has also brought a lot of clarity. To reduce the openness available in the processor, by reducing the tasks that the processor has to do, the work that has to be done is required to be done by other sensors. The system has a single processor that is closed to the direct access to the system, and the work is done to reduce the openness of the system. It seems that academics and autonomous vehicle manufacturers are continuing to develop on software and protection methods that manage the vehicle architecture. In this study, studies, some tools and measures that will facilitate users’ security processes have been examined. The NMAP, Maltego and Metasploit tools, which could be used by experts to be informed about the system IP, unautorized or foreign systems could be detected, have also been studied. The work we do is done in the full framework of ethical rules.
With the rapid development of digital technology in the world, there have been developments in smart vehicles as well as in smart cities and smart grids. After the integration of smart systems with smart vehicles, the importance of cyber security is increasing with the spread of autonomous vehicles. In this study, security vulnerabilities of autonomous vehicles were investigated, especially for comfortable, reliable, and time-saving travel and transportation. The cyberattacks carried out in the researches have 3 purposes. These are to take control of the system by disabling the administrator who controls the system, to make the system work intensively, to cause delays in the system operation, and cause the system to crash completely. In this study, 10 attack types are analyzed to show how control can pass from the user to the attacker. These are GPS spoofing, buffer overflow, exploit vulnerability attacks, Man-in-the-Middle attack, malware attack, DDoS attack, Proxy/Socks attack, Sybil attack, OBD attack, and ARP spoofing attack. The attacks made through position sensors, vehicle subsystem controllers, wireless connection devices, and image sensors, which are required for basic autonomous systems in the attack architecture, are examined. In addition, the system architecture of autonomous vehicles, cyberattack methods, cyber attack measures, and academic studies in the last 5 years have been examined and analyzed. It has been shown that attacks are made on the processor in which the sensor information is collected and the vehicles are managed in autonomous vehicles. The use of wireless connections at the request of users in autonomous vehicle management has brought a lot of clarity. To reduce the available openings in the processor, the tasks that need to be done by the processor are reduced and the work is required to be done by other sensors. It is tried to reduce system vulnerabilities by closing direct access to a single processor owned by the system. It has been observed that academics and autonomous vehicle manufacturers continue to work on the software and protection methods that manage the vehicle architecture. Studies, some tools, and measures that will facilitate the security processes of users have been examined. NMAP, Maltego, and Metasploit tools that can be used by experts to gain knowledge of system IP and detect unauthorized or foreign systems were also examined. Our work has been carried out completely within the framework of ethical rules.
Alan : Fen Bilimleri ve Matematik; Mühendislik
Dergi Türü : Uluslararası
Benzer Makaleler | Yazar | # |
---|
Makale | Yazar | # |
---|