面向智能汽车的信息安全漏洞评分模型

doi:10.11959/j.issn.2096-109x.2021096

Abstract

Abstract:

More and more electronic devices are integrated into the modern vehicles with the development of intelligent vehicles.There are various design flaws and vulnerabilities hidden in a large number of hardware, firmware and software.Therefore, the vulnerabilities of intelligent vehicles have become the most important factor affecting the vehicle safety.The safety of vehicles is seriously affected by the disclosure of a large number of vulnerabilities, and the wide application of smart cars is also restricted.Vulnerability management is an effective method to reduce the risk of vulnerabilities and improve vehicle security.And vulnerability scoring is one the important step in vulnerability management procedure.However, current method have no capability assessing automotive vulnerabilities reasonably.In order to handle this problem, a vulnerability scoring model for intelligent vehicles was proposed, which was based on CVSS.The attack vector and attack complexity were optimized, and property security, privacy security, functional safety and life safety were added to characterize the possible impact of the vulnerabilities according to the characteristics of intelligent vehicles.With the machine learning method, the parameters in CVSS scoring formula were optimized to describe the characteristics of intelligent vehicle vulnerabilities and adapt to the adjusted and new added weights.It is found in case study and statistics that the diversity and distribution of the model are better than CVSS, which means the model can better score different vulnerabilities.And then AHP is used to evaluate the vulnerability of the whole vehicle based on the vulnerability score of the model, a score is given representing the risk level of whole vehicle.The proposed model can be used to evaluate the severity of information security vulnerabilities in intelligent vehicles and assess the security risks of the entire vehicle or part of the system reasonably, which can provide an evidence for fixing the vulnerabilities or reinforcing the entire vehicle.

Key words: intelligent vehicle, CVSS, vulnerability scoring system, risk assessment, nonlinear regression, AHP

CLC Number:

TP393

Haiyang YU, Xiuzhen CHEN, Jin MA, Zhihong ZHOU, Shuning HOU. Information security vulnerability scoring model for intelligent vehicles[J]. Chinese Journal of Network and Information Security, 2022, 8(1): 167-179.

Figures/Tables 21

References 19

[1]	田野 . 11部门联合发布《智能汽车创新发展战略》[J]. 智能网联汽车, 2020(2): 6-7.
	TIAN Y . 11 departments jointly released intelligent vehicle innovation and development strategy[J]. Intelligent Connected Vehicles, 2020(2): 6-7.
[2]	ZHAO F , HUANG H Q , JIN H ,et al. A hybrid ranking approach to estimate vulnerability for dynamic attacks[J]. Computers ＆ Mathematics with Applications, 2011,62(12): 4308-4321.
[3]	KERAMATI M , . New vulnerability scoring system for dynamic security evaluation[C]// Proceedings of 2016 8th International Symposium on Telecommunications (IST). 2016: 746-751.
[4]	李舟, 唐聪, 胡建斌 ,等. 面向SaaS云平台的安全漏洞评分方法研究[J]. 通信学报, 2016,37(8): 157-166.
	LI Z , TANG C , HU J B ,et al. Vulnerabilities scoring approach for cloud SaaS[J]. Journal on Communications, 2016,37(8): 157-166.
[5]	LIU Q X , ZHANG Y Q . VRSS:a new system for rating and scoring vulnerabilities[J]. Computer Communications, 2011,34(3): 264-273.
[6]	SPANOS G , SIOZIOU A , ANGELIS L . WIVSS:a new methodology for scoring information systems vulnerabilities[C]// Proceedings of the 17th Panhellenic Conference on Informatics. 2013: 83-90.
[7]	UR-REHMAN A , GONDAL I , KAMRUZZUMAN J ,et al. Vulnerability modelling for hybrid IT systems[C]// Proceedings of 2019 IEEE International Conference on Industrial Technology. 2019: 1186-1191.
[8]	UR-REHMAN A , GONDAL I , KAMRUZZAMAN J ,et al. Vulnerability modelling for hybrid industrial control system networks[J]. Journal of Grid Computing, 2020,18(4): 863-878.
[9]	BOZORGI M , SAUL L K , SAVAGE S ,et al. Beyond heuristics:learning to classify vulnerabilities and predict exploits[C]// Proceedings of the 16th ACM SIGKDD international conference on Knowledge discovery and data mining. 2010: 105-114.
[10]	ISO 26262. Road vehicles-functional safety[S]. 2011.
[11]	EVITA. E-safety vehicle intrusion protected applications[S]. 2011.
[12]	LE V H , DEN-HARTOG J , ZANNONE N . Security and privacy for innovative automotive applications:a survey[J]. Computer Communications, 2018,132: 17-41.
[13]	郭亚军 . 综合评价理论与方法[M]. 北京: 科学出版社, 2002.
	GUO Y J . Theory and method of comprehensive evaluation[M]. Beijing: Science Press, 2002.
[14]	刘琼 . 基于层次分析法的风险评估系统的研究与设计[D]. 西安:西安电子科技大学, 2009.
	LIU Q . Study and design of the risk assessment system based on analytic hierarchy process[D]. Xi'an:Xidian University, 2009.
[15]	ZHANG Y J , DENG X Y , WEI D J ,et al. Assessment of E-commerce security using AHP and evidential reasoning[J]. Expert Systems with Applications, 2012,39(3): 3611-3623.
[16]	陈秀真, 吴越, 李建华 . 车载信息系统的安全测评体系及方法[J]. 信息安全学报, 2017,2(2): 15-23.
	CHEN X Z , WU Y , LI J H . System and approach of security testing and evaluation for invehicle information systems[J]. Journal of Cyber Security, 2017,2(2): 15-23.
[17]	WANG R Y , GAO L , SUN Q ,et al. An improved CVSS-based vulnerability scoring mechanism[C]// Proceedings of 2011 Third International Conference on Multimedia Information Networking and Security. 2011: 352-355.
[18]	MELL P , SCARFONE K . Improving the common vulnerability scoring system[J]. IET Information Security, 2007,1(3): 119.
[19]	谢丽霞, 徐伟华 . 改进漏洞基础评分指标权重分配方法[J]. 计算机应用, 2017,37(6): 1630-1635.
	XIE L X , XU W H . Improved weight distribution method of vulnerability basic scoring index[J]. Journal of Computer Applications, 2017,37(6): 1630-1635.

Metrics

Recommended 0

No Suggested Reading articles found!

攻击复杂度等级	攻击复杂度分级说明
极高	攻击难度极大或要求苛刻的攻击，需要达成突破防护措施、试验获得目标环境中竞态条件等多种条件后才有可能成功，几乎很难成功
高	需要满足一定条件才可以达成攻击，且限制条件较为严格，如搭建目标环境、中间人攻击、准备特定脚本或工具等条件中的一条或多条
中	需要满足一定条件才可以达成攻击，但限制条件较为简单，如获取目标环境信息等
低	不需要满足特定条件，攻击能够重复获得可预期的成果

等级	机密性	完整性	可用性
无	不会对机密性造成危害	不会对完整性造成危害	不会对可用性造成危害
低	通过漏洞会获得某些受限信息的访问，但攻击者无法控制获取的信息，或者获取信息的数量或种类受到限制，不会对部件造成直接的严重的影响	通过漏洞可以修改数据，但是攻击者无法控制修改的结果，或者修改的数量有限，不会对部件造成直接的严重的影响	漏洞会造成性能降低或资源可用性暂时中断，但是即使重复利用该漏洞，攻击者也不能完全使该服务不可用。要么资源始终部分可用，要么部分时间完全可用，不会对部件造成直接的严重后果
高	完全丧失机密性，受影响部件中的所有资源都泄露给攻击者，或者只泄露部分受限信息，但是所公开的信息会对部件机密性有直接的严重的后果	完全丧失完整性，攻击者能够修改部件任何文件，或者只能修改部分文件，但会对部件造成直接的严重的后果	攻击者能够使受影响组件拒绝服务，导致可用性完全丧失

等级	生命安全	财产安全	功能安全	隐私安全
无	不会对生命安全造成危害	不会对财产安全造成危害	不会对功能安全造成危害	不会对隐私安全造成危害
低	漏洞会对关键部件、关键系统造成影响，或者影响安全装置正常工作，对生命安全有间接影响，但是不会对生命安全造成直接的严重的影响	漏洞会导致间接、相对较小财产损失，不会对财产安全造成直接的严重的影响	漏洞会使部分功能受损或者暂时不可用，但是不会对车辆关键功能造成直接的严重的影响	通过漏洞会获得某些隐私信息的访问，但攻击者无法控制获取的信息，或者获取信息的数量或种类受到限制，不会对隐私安全造成直接的严重的影响
高	漏洞对关键部件或关键系统造成严重影响，对安全装置有严重危害，或对生命安全造成直接的严重的影响	漏洞会导致重大财产损失，对财产安全造成直接的严重的影响	漏洞会使功能不可用，或者关键功能受损并对车辆关键功能造成直接的严重的影响	通过漏洞会获得全部隐私信息，或者获得部分隐私，但是泄露的隐私信息对隐私安全有直接的严重的后果

指标名称	指标分级	可能取值
攻击向量	[N,R_v,A,L_v,L,P_v,P]	[0.85,0.77,0.62,0.62,0.55,0.44,0.2]
攻击复杂度	[L,M_v,H,H_v]	[0.77,0.44,0.44,0.2]
权限要求	[N,L,H]	[0.85,0.62(0.68),0.27(0.5)]
用户交互	[N,R]	[0.85,0.62]
影响范围	[U,C]	[U,C]
机密性	[H,L,N]	[0.56,0.22,0]
完整性	[H,L,N]	[0.56,0.22,0]
可用性	[H,L,N]	[0.56,0.22,0]
生命安全	[H,L,N]	[0.97,0.44,0]
财产安全	[H,L,N]	[0.56,0.22,0]
隐私安全	[H,L,N]	[0.56,0.22,0]
功能安全	[H,L,N]	[0.56,0.22,0]

参数	数值
损失值	0.298 290
严重等级准确率	0.831 050 22
w	7.077 953
	7.524 998 7
	3.233 344 67
	7.561 943 5
b	0.198 000 04

Information security vulnerability scoring model for intelligent vehicles

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 21

References 19

Related Articles 6

Metrics

Recommended 0

CVE漏洞编号	漏洞描述	漏洞影响后果
CVE-2016-2354	蓝牙不用 PIN 码就可以配对，远端未授权攻击者可以发送任意CAN消息	影响车辆刹车和驾驶功能
CVE-2017-14937	消息处理函数存在权限提升漏洞，攻击者可以注入恶意命令	安全气囊在正常状态下爆开，引发事故
CVE-2017-9647	TCU模块中代码对未知输入处理不当，可能造成内存损坏	自动变速箱异常，影响驾驶功能
CVE-2018-18071	人车交互App应用存在弱密码验证漏洞，可被中间人攻击	车主信息遭到泄露，远程控制车辆
CVE-2018-18203	车载信息娱乐系统中未签名文件系统映像可以通过有效性检查，更新机制可能使攻击者重写其固件	攻击者作为根用户执行恶意代码或安装恶意软件
CVE-2018-9318	车载信息娱乐系统对未知输入处理不当，攻击者可通过代码注入提升权限	引起信息泄露和恶意报文注入
CVE-2019-12797	蓝牙 PIN 模块存在固定管理员凭证，远端未授权攻击者可以绕过身份认证	蓝牙信息泄露，可向OBD发送任意命令
CVE-2019-13582	Wi-Fi模块对未知输入处理不当，可能造成内存损坏	Wi-Fi模块被植入恶意代码或受到拒绝服务攻击
CVE-2019-9493	人车交互 App 应用存在固定管理员凭证，远端未授权攻击者可以发送命令查询数据	车辆位置信息被盗取，获得对车辆的物理访问
CVE-2019-9977	车载信息娱乐系统对未知输入处理不当，攻击者可通过代码注入提升权限	车载信息娱乐系统被控制，功能出现异常并可能在CAN总线中发包

漏洞名称	攻击向量	攻击复杂度	权限要求	用户交互	影响范围
CVE-2016-2354	0.62	0.77	0.27	0.85	C
CVE-2017-14937	0.62	0.44	0.62	0.85	U
CVE-2017-9647	0.44	0.77	0.62	0.85	C
CVE-2018-18071	0.85	0.77	0.27	0.85	U
CVE-2018-18203	0.44	0.44	0.27	0.85	U
CVE-2018-9318	0.62	0.77	0.27	0.85	U
CVE-2019-12797	0.85	0.77	0.27	0.85	C
CVE-2019-13582	0.85	0.77	0.27	0.85	U
CVE-2019-9493	0.85	0.77	0.27	0.85	U
CVE-2019-9977	0.85	0.77	0.27	0.62	C

漏洞编号	CVSS	CVSS_IOT	VSMIV
CVE-2016-2354	8.8	7.9	9.7
CVE-2017-14937	4.7	6.9	7.0
CVE-2017-9647	6.6	8.5	7.7
CVE-2018-18071	7.5	4.9	8.9
CVE-2018-18203	6.4	6.3	7.2
CVE-2018-9318	9.8	7.2	9.2
CVE-2019-12797	9.8	8.3	10.0
CVE-2019-13582	9.8	7.2	9.5
CVE-2019-9493	9.8	7.2	9.9
CVE-2019-9977	8.8	7.9	9.7

漏洞	评分
CVE-2020-29440	8.4
CVE-2020-29439	6.9
CVE-2020-29438	7.6
CVE-2019-13582	9.5
CVE-2019-13581	8.8

准则层	指标层	脆弱性得分	指标综合权重
攻击面	物理访问	8.4	0.201 049 27
	近距离访问	9.5	0.100 472 68
	远距离访问	0	0.029 695 03
系统安全	权限提升	9.5	0.063 118 5
	命令执行	9.5	0.100 084 31
	行为控制	8.4	0.386 003 52
数据安全	数据保密性	9.5	0.064 447 19
	数据完整性	9.5	0.035 545 17
	数据可用性	9.5	0.019 584 36

[1]	Lijun ZU, Yalin CAO, Xiaohua MEN, Zhihui LYU, Jiawei YE, Hongyi LI, Liang ZHANG. Adaptive selection method of desensitization algorithm based on privacy risk assessment [J]. Chinese Journal of Network and Information Security, 2023, 9(3): 49-59.
[2]	Wenfu LIU, Jianmin PANG, Xin ZHOU, Nan LI, Feng YUE. Research on network risk assessment based on attack graph of expected benefits-rate [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 87-97.
[3]	Jian LI, Tinglu DONG, Jie LI. Research on IoT security situation awareness method based on evidence theory [J]. Chinese Journal of Network and Information Security, 2022, 8(2): 39-47.
[4]	Fan CHAO, Zhi YANG, Xuehui DU, Bing HAN. Classified risk assessment method of Android application based on multi-factor clustering selection [J]. Chinese Journal of Network and Information Security, 2021, 7(2): 161-173.
[5]	Biao WANG,Xingyang LIU,Ka XU,Wangyang LIU,Kenan WANG,Yuqing XIA. Research on national security risk assessment model of open government data [J]. Chinese Journal of Network and Information Security, 2020, 6(6): 80-87.
[6]	Yuyang ZHOU, Guang CHENG, Chunsheng GUO. Risk assessment method for network attack surface based on Bayesian attack graph [J]. Chinese Journal of Network and Information Security, 2018, 4(6): 11-22.

漏洞名称	机密性	完整性	可用性	生命安全	财产安全	隐私安全	功能安全
CVE-2016-2354	0.56	0.56	0.56	0.97	0.56	0.56	0.56
CVE-2017-14937	0.56	0	0	0.97	0.44	0	0.44
CVE-2017-9647	0.56	0.56	0.56	0.97	0.44	0.44	0.56
CVE-2018-18071	0.56	0	0	0	0.56	0.56	0
CVE-2018-18203	0.56	0.56	0.56	0.44	0.44	0.56	0.56
CVE-2018-9318	0.56	0.56	0.56	0	0	0.56	0.44
CVE-2019-12797	0.56	0.56	0.56	0.97	0	0	0.56
CVE-2019-13582	0.56	0.56	0.56	0	0.44	0.44	0.56
CVE-2019-9493	0.56	0.56	0.56	0	0.56	0.56	0
CVE-2019-9977	0.56	0.56	0.56	0.97	0.44	0.56	0.56