Black-Box Adversarial ML Attacks on IDS and Multi-Domain Impact Analysis for Threat Intelligence in Automotive Scenarios

In recent years, the automotive sector is going through a period of strong innovation linked to the vehicle connection not only to each other but also to Smart City systems. A direct consequence is an increase in the vehicle attack surface that could lead to complex attacks by providing potential access to a strategic network for government and military organizations for the 'Country System', violating the national security perimeter. The target of these could be the Machine Learning (ML) based Intrusion Detection System (IDS) delegated to protect such assets. Therefore, this research aims to verify the applicability of some Black-Box Adversarial Machine Learning attacks in the CAN bus frame detection task. The victim is a Supervised ML-based IDS assumed to be resident in the vehicle itself. The attack types consist of one evasion and one inference attack. The results show the evasion attack impact (weighted accuracy loss) is about 7 0% and the inference attack is not successful. A Multi-Domain (M-D) qualitative impact analysis involving 'Cyber' and 'Land' domains is proposed in an application scenario of Cyber Warfare and Cyber Espionage constituting integral parts of Multi-Domain Operations (MDOs) potentially aimed at terrorism climates. The victim organization is the entire Nation. This analysis shows the impact of these attacks on real-world assets is very high so a Security by Design approach is needed.