Adaptive Attack Mitigation for IoV Flood Attacks

Gateway Servers for the Internet of Vehicles (IoV) must meet stringent Security and Quality of Service (QoS) requirements, including cyberattack protection, low delays and minimal packet loss, to offer secure real-time data exchange for human and vehicle safety and efficient road traffic management. Therefore, it is vital to protect these systems from cyberattacks with adequate Attack Detection (AD) and Mitigation mechanisms. Such attacks often include packet Floods that impair the QoS of the networks and Gateways and even impede the Gateways capability to carry out AD. Thus, this paper first evaluates these effects using system measurements during Flood attacks. It then demonstrates how a Smart Quasi-Deterministic Policy Forwarder (SQF) at the entrance of the Gateway can regulate the incoming traffic to ensure that the Gateway supports the AD to operate promptly during an attack. Since Flood attacks create substantial packet backlogs, we propose a novel Adaptive Attack Mitigation (AAM) system that is activated after an attack is detected to dynamically sample the incoming packet stream, determine whether the attack is continuing, and also drop batches of packets at the input to reduce the effects of the attack. The AAM is designed to minimize a cost function that includes the sampling overhead and the cost of lost benign packets. We show experimentally that the Optimum AAM approach is effective in mitigating attacks and present theoretical and experimental results that validate the proposed approach.