Research On Detection And Defense Of Urban Rail CBTC System Man-in-the-Middle Attack

Communication Based Train Control(CBTC)systems are train control systems based on the continuous and high-capacity bidirectional communication.With the deep application of communication and computer technology,the security threat of faced by the CBTC system is becoming more and more serious.Among all kinds of security threats,Man-in-the-Middle(MitM)attack is one kind of attack with strong concealment and serious harm.MitM attacks intercept normal network communication and even modify communication data without being known by two communication sides.The traditional detection method of MitM attacks does not study the dynamic characteristics of node attributes.In addition,it does not consider the specific operation environment of train control system and the system losses when the MitM attack occurs.Based on the above analysis,this paper studies the MitM attack in CBTC system.Bayesian game is applied to detect and defend MitM attacks in CBTC system.While detecting MitM successfully,we reduce the MitM attack loss as lower as possible.The specific research contents of this paper are as follows:(1)The limitations of existing CBTC systems to deal with MitM attacks are studied.Train-ground wireless communication is a key part of CBTC system.It is physically open to the outside world.In the existing CBTC systems,once the MitM attack is realized,the train cannot detect the MitM attack by multi-source comparison immediately,and there is a lack of effective means to reduce the loss caused by the MitM attacks.(2)The modeling approach of the current attack and defense game is deeply investigated.Bayesian game can maximize its own revenue on the basis of estimating participants' types and predicting participants' strategic choices.This is similar to the security offense and defense process.Therefore,this paper chooses Bayesian game method to study the MitM offense and defense behaviors in CBTC system.(3)A two-level attack and defense game structure is built in this paper.The structure includes the passive defense game and active defense game.The passive defense take real-time multi-stages game to respond to different levels of MitM attacks.The active defense games use "deliberately reporting dangerous locations" to speed up exposure of attackers.(4)In order to verify the designed detection and defense methods based on Bayesian game,this paper establishes a basic attack-defense simulation system.The simulation system is comprised of the Automatic Train Supervision(ATS),the Zone Controller(ZC),the Computer Interlocking(CI)and other subsystems.The system can simulate train crash scenarios,train protection scenarios,and MitM attack scenarios.(5)The MitM attack detection and defense method designed in this paper is applied in the established simulation system.The simulation results illustrate that the detection and defense method based on Bayesian game in this paper can detect MitM attack from the views of game and control.and can reduce the loss of CBTC systems caused by MitM attacks.