Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

PRADA: Proactive Risk Assessment and Mitigation of Misinformed Demand Attacks on Navigational Route Recommendations

Ya-Ting Yang, Haozhe Lei, Quanyan Zhu

TL;DR

A game-theoretic framework for proactive risk assessment of demand attacks (PRADA) is proposed and a trust mechanism is introduced that leverages users’ confidence in the integrity of the NRS, and can effectively reduce the impact of misinformed demand attacks.

Abstract

Leveraging recent advances in wireless communication, IoT, and AI, intelligent transportation systems (ITS) played an important role in reducing traffic congestion and enhancing user experience. Within ITS, navigational recommendation systems (NRS) are essential for helping users simplify route choices in urban environments. However, NRS are vulnerable to information-based attacks that can manipulate both the NRS and users to achieve the objectives of the malicious entities. This study aims to assess the risks of misinformed demand attacks, where attackers use techniques like Sybil-based attacks to manipulate the demands of certain origins and destinations considered by the NRS. We propose a game-theoretic framework for proactive risk assessment of demand attacks (PRADA) and treat the interaction between attackers and the NRS as a Stackelberg game. The attacker is the leader who conveys misinformed demands, while the NRS is the follower responding to the provided information. Specifically, we consider the case of local-targeted attacks, in which the attacker aims to make the NRS recommend the authentic users towards a specific road that favors certain groups. Our analysis unveils the equivalence between users' incentive compatibility and Wardrop equilibrium recommendations and shows that the NRS and its users are at high risk when encountering intelligent attackers who can significantly alter user routes by strategically fabricating non-existent demands. To mitigate these risks, we introduce a trust mechanism that leverages users' confidence in the integrity of the NRS, and show that it can effectively reduce the impact of misinformed demand attacks. Numerical experiments are used to corroborate the results and demonstrate a Resilience Paradox, where locally targeted attacks can sometimes benefit the overall traffic conditions.

PRADA: Proactive Risk Assessment and Mitigation of Misinformed Demand Attacks on Navigational Route Recommendations

TL;DR

A game-theoretic framework for proactive risk assessment of demand attacks (PRADA) is proposed and a trust mechanism is introduced that leverages users’ confidence in the integrity of the NRS, and can effectively reduce the impact of misinformed demand attacks.

Abstract

Leveraging recent advances in wireless communication, IoT, and AI, intelligent transportation systems (ITS) played an important role in reducing traffic congestion and enhancing user experience. Within ITS, navigational recommendation systems (NRS) are essential for helping users simplify route choices in urban environments. However, NRS are vulnerable to information-based attacks that can manipulate both the NRS and users to achieve the objectives of the malicious entities. This study aims to assess the risks of misinformed demand attacks, where attackers use techniques like Sybil-based attacks to manipulate the demands of certain origins and destinations considered by the NRS. We propose a game-theoretic framework for proactive risk assessment of demand attacks (PRADA) and treat the interaction between attackers and the NRS as a Stackelberg game. The attacker is the leader who conveys misinformed demands, while the NRS is the follower responding to the provided information. Specifically, we consider the case of local-targeted attacks, in which the attacker aims to make the NRS recommend the authentic users towards a specific road that favors certain groups. Our analysis unveils the equivalence between users' incentive compatibility and Wardrop equilibrium recommendations and shows that the NRS and its users are at high risk when encountering intelligent attackers who can significantly alter user routes by strategically fabricating non-existent demands. To mitigate these risks, we introduce a trust mechanism that leverages users' confidence in the integrity of the NRS, and show that it can effectively reduce the impact of misinformed demand attacks. Numerical experiments are used to corroborate the results and demonstrate a Resilience Paradox, where locally targeted attacks can sometimes benefit the overall traffic conditions.
Paper Structure (40 sections, 5 theorems, 40 equations, 7 figures, 1 table, 1 algorithm)

This paper contains 40 sections, 5 theorems, 40 equations, 7 figures, 1 table, 1 algorithm.

Table of Contents

  1. Introduction
  2. Literature Review
  3. Misinformed Demand Attack
  4. Demand Attack Methods
  5. Sybil Attacks
  6. Botnet
  7. GPS Spoofing
  8. Wireless Communication Network
  9. Insider Threats
  10. Types of Attackers
  11. Non-Strategic Attacker
  12. Strategic Attacker
  13. Attacker's Goals
  14. Local-Targeted Attacks
  15. Network-Wide Attacks
  16. ...and 25 more sections

Key Result

Proposition 1

A WE solution pair $(\widehat{\textbf{y}}, \widehat{\textbf{x}}^w)$ defined in Definition def:WE that corresponds to the UE pair ($\textbf{p}$, $\textbf{x}^r$) is a feasible solution for the UE recommendation defined in Definition def:NRS.

Figures (7)

  • Figure 1: The NRS receives user origin and destination (OD) requests, which are vulnerable to exploitation by malicious entities for demand attacks: (1) Sybil attack (2) Botnet (3) GPS spoofing (4) Man-in-the-middle attack (5) Insider threats.
  • Figure 2: The PRADA framework is analyzed through three layers of games between users, the NRS, the threat model of the attacker, and the PRADA risk evaluator.
  • Figure 3: Local-targeted attacks: The malicious entity manipulates the NRS to guide users through the target road. The blue dashed line represents the original recommendation from the NRS, and the red line illustrates the one under attack.
  • Figure 4: An example network (based on the network structure of Sioux Falls) for our case study. The value on each edge denotes the free-flow road travel time.
  • Figure 5: Risk report in terms of TI (local-targeted impact on roads along users' feasible paths) and NI (network-wide impact) when encountering non-strategic (random, uniform) and strategic attackers.
  • ...and 2 more figures

Theorems & Definitions (17)

  • Definition 1: User Equilibrium Recommendation
  • Definition 2: Wardrop Equilibrium Recommendation
  • Proposition 1
  • proof
  • Remark 1
  • Remark 2
  • Remark 3
  • Proposition 2
  • proof
  • Proposition 3
  • ...and 7 more