Lewis William Koplon, Ameer Ghasem Nessaee, Alex Choi (University of Arizona, Tucson), Andres Mentoza (New Mexico State University, Las Cruces), Michael Villasana, Loukas Lazos, Ming Li (University of Arizona, Tucson)
We address the problem of cyber-physical access control for connected autonomous vehicles. The goal is to bind a vehicle’s digital identity to its physical identity represented by its physical properties such as its trajectory. We highlight that simply complementing digital authentication with sensing information remains insecure. A remote adversary with valid or compromised cryptographic credentials can hijack the physical identities of nearby vehicles detected by sensors. We propose a cyber-physical challenge-response protocol named Cyclops that relies on lowcost monocular cameras to perform cyber and physical identity binding. In Cyclops, a verifier vehicle challenges a prover vehicle to prove its claimed physical trajectory. The prover constructs a response by capturing a series of scenes in the common Field of View (cFoV) between the prover and the verifier. Verification is achieved by matching the dynamic targets in the cFoV (other vehicles crossing the cFoV). The security of Cyclops relies on the spatiotemporal traffic randomness that cannot be predicted by a remote adversary. We validate the security of Cyclops via simulations on the CARLA simulator and on-road real-world experiments in an urban setting.