back to article Hackers create 'ghost' traffic jam to confound smart traffic systems

How many “adversarial vehicles” do you need to befuddle smart traffic lights? Just one, according to research published in late February. Five researchers from the University of Michigan attacked the traffic control system the US Department of Transportation has been using for trials since 2016. Called I-SIG (Intelligent …

Page:

  1. Anonymous Coward
    Anonymous Coward

    Braking News !!! :) <==== NOT a Typo !!!

    Clever people 'Hack' Traffic Control System and ....... Quelle Surprise, it does not work any more !!!

    Why are these 'CV-based signal control systems' made so easy to confound ?

    It is a given that anything new will be targeted by the 'Usual Suspects', so why make it so easy to misuse.

    It always comes down to some form of 'Spoofing' to feed 'Bad Data' into the system to break it.

    Is anything learnt from the mess we have with the Internet because we assumed that 'Bad Actors' would not be trying to misuse and break it ...... and today there are whole industries making money out of defending you from those same 'Bad Actors !!!

    Is this the system that is expected to be installed in Driver-less cars as this makes them ideal as weapons to snarl up the Roads as a diversionary tactic for other 'Unfriendly Acts' !!!

    Just a Thought !!! :)

    1. JetSetJim Silver badge

      Re: Braking News !!! :) <==== NOT a Typo !!!

      I've been wondering for a while how easy it is to spoof the location data the phones are always sending to Google to see how it impacts the traffic layer on the maps. Want to get a few people off the road in front of you? Then spoof a few "slow cars" in the system ahead of you to bump up the traffic weight in the Google navigation world, hence getting redirects. No idea how many devices and throwaway accounts you'd need for this, though - and at the moment the effectiveness is limited as I suspect only a small percentage of drivers are using it.

      1. Anonymous Coward
        Anonymous Coward

        Re: Braking News !!! :) <==== NOT a Typo !!!

        Live in the real world just drive 5-10 mph slower than the rest and watch the queues build up. You don't have to brake or slow for anyone and still get there on time.

        1. Anonymous Coward
          Anonymous Coward

          Re: Braking News !!! :) <==== NOT a Typo !!!

          Live in the real world just drive 5-10 mph slower than the rest and watch the queues build up.

          Doesn't work here. If you leave a car length of space in front of you, the universe will fill it with the car that was behind you. Simple impatience at work.

      2. hammarbtyp Silver badge

        Re: Braking News !!! :) <==== NOT a Typo !!!

        I've been wondering for a while how easy it is to spoof the location data the phones are always sending to Google to see how it impacts the traffic layer on the maps. Want to get a few people off the road in front of you?

        It sort of depends how they are doing it. It used to be done via triangulation of cell tower. This would be pretty hard to hack. Now it also uses GPS, but because not everyone had GPS enabled all the time, I assume they use a combination of data and methods.

        On the other hand if I could get a button will tells everyone to avoid the M1 on a Friday evening.....

    2. Doctor Syntax Silver badge

      Re: Braking News !!! :) <==== NOT a Typo !!!

      "snarl up the Roads as a diversionary tactic "

      Sounds like an Italian Job.

    3. Michael Wojcik Silver badge

      Re: Braking News !!! :) <==== NOT a Typo !!!

      Exclamation points still work if you only use one of them at a time.

      HTH. HAND.

  2. bombastic bob Silver badge
    Devil

    All I want...

    All I want is the ability to make the lights go green when I'm approaching the intersection.

    1. John Smith 19 Gold badge
      Unhappy

      All I want is the ability to make the lights go green when I'm approaching the intersection.

      Well, if you were the head of the HKSBC in Hong Kong before 1997 you already had one.

      You weren't?

      Then I guess you'll go on waiting.

      1. Jason Bloomberg Silver badge

        Re: All I want is the ability to make the lights go green when I'm approaching the intersection.

        Which is exactly what this system is hoping to deliver as best as it can. The trouble is that everyone wants their light to be green so it has to juggle those desires. And I think most would agree that it's a good idea to grant emergency vehicles priority.

        And then we have to deal with those pretending to be emergency vehicles, or pretending to be emergency vehicles which don't even exist.

    2. W4YBO

      Re: All I want...

      In the late seventies, my southern US hometown installed a new traffic light system that featured a 1"x2"x3" box hanging with each set of lights. Way too small for an industrial camera at the time, but if you flashed a particular speed strobe at it, the traffic lights would cycle. I was in high school. Had a lot of fun with that.

      I've noticed similar boxes and tubes on many traffic lights and assumed they performed a similar function.

      Or you could drive a firetruck.

      1. Tom 38 Silver badge

        Re: All I want...

        The traffic lights in my home town in $DREARY_RURAL_LOCATION are light activated, at night time if you flash to full beam as you approach the junction, the lights will change to you (assuming no other cars doing the same from other junctions). As the roads are basically empty at 11pm (yes, that dreary and rural), you can basically whizz through town, coast in to the lights and never actually stop.

        1. katrinab Silver badge

          Re: All I want...

          The lights in my home town are activated by an inductive sensor under the road.

          The lights default to green for traffic going up and down the main road. If a car approaches the main road from one of the side streets, the lights will change to let it out, then change back to the default position. So unless someone approaches the side street on the opposite side of the main road just before me, there's always a wait of about 20 seconds or so for the lights to change.

        2. CrazyOldCatMan Silver badge

          Re: All I want...

          you can basically whizz through town, coast in to the lights and never actually stop

          The main road through Slough[1] had, at one point (and my do still) had linked traffic lights that were supposed to enable traffic at 30mph to pass though all of them at green.

          Someone discovered it also worked (mostly) at 60mph as well. Hilarity resulted.

          [1] My fingers always want to type "of Despond" after that. I've only ever gone through Slough - never lingered.

          1. JetSetJim Silver badge

            Re: All I want...

            > The main road through Slough[1] had, at one point (and my do still) had linked traffic lights that were supposed to enable traffic at 30mph to pass though all of them at green.

            The newish "Northern Orbital" road in Swindon had that, so, at first, a lump of traffic would go all along it's length at 40mph, through about 9 sets of lights that spurred off into the new residential roads which also had the "if something approaches from the side, find a suitable time soon to allow it to join the carriageway by changing the lights".

            Then they broke, and it would cost a fortune to repair them, so they are now left so that traffic joining from the side effectively triggers a gap in the main traffic, which then triggers the next lights to change for the traffic joining there - leading to stop-start all the way up the road for the main traffic. Unless you went at 60 in a 40mph zone.

            1. Martin-73 Silver badge

              Re: All I want...

              There are a couple of intersections in Southampton (Basset Green Road/Stoneham Lane being one) where 'after hours' it defaults to either all red or slowly cycling through phases, probably the latter but I've never sat and watched it.

              If you approach at <=30 mph, and there are no contesting vehicles, it'll be green by the time you reach it. Inductive sensors only ttbomk.

              Knowing the traffic policy of Southampton City Council, I assume this is an oversight, as the default for most other lights in the city is to turn RED when you approach them, even when you're the only car within a mile

  3. Dodgy Geezer Silver badge

    In the new automated world we are creating...

    ... any system that we develop will have to predict ALL possible current and future methods of misusing it, and will have to contain counters to these before it is rolled out.

    This is not going to be possible.

    1. DougS Silver badge

      Re: In the new automated world we are creating...

      No, they just have to restrict who is allowed to feed information into it by having some overall government-level authority allowed to issue certificates for communication, and quickly revoke ones that become compromised.

      This is never going to be something where the FSF can create an OpeCar project that can autonomously drive along the roads. It has to be closed. Because if you let anyone feed information into it, as you say you can never anticipate all the ways of misusing it and counter them in advance.

      1. Charles 9 Silver badge

        Re: In the new automated world we are creating...

        And even then, you'll still have to deal with insiders who MUST have clearance in order to do their jobs.

      2. littlesmith

        Re: In the new automated world we are creating...

        Even if I also do not anticipate the FSF Car any time soon, your posting IMHO has a flaw: Open software does not automatically mean that anybody can feed data into it. It just means that it is open for anybody who wants to understand how it works. To be allowed to participate in public (data) traffic, the software still needs to be certified, as it is today with any conventional car before a new model is allowed to hit the road in most countries. Autonomous cars will need to have a certified system to be allowed in public traffic. But a car vendor could use the open system, adapt it to his models and get it certified for those. When signatures are involved, the car could refuse to run with customized software.

        Today way you can theoretically customize your current car in an unlawful manner and drive around with it, until the police will eventually check your car. The same thing could go with customized software. If there was a standard for certification and signing, the police could easily check an autonomous car's software.

        Closed software does not stop the real bad guys to do their evil stuff, it just adds one or two layers of complexity for them, which are quickly broken if enough money or fanaticism is involved. But open software would enable anybody interested in it (e.g. engineering students) to study existing systems and maybe even come up with a better software.

        So closing up all those systems does not stop the bad guys, but makes it hard to impossible for anybody who is interested in those systems in a lawful way.

      3. maffski

        Re: In the new automated world we are creating...

        No, they just have to restrict who is allowed to feed information into it

        No, 'I was only following orders' is exactly the wrong thing to do. The systems needs a healthy level of cynicism built it.

    2. Anonymous Coward
      Anonymous Coward

      Re: In the new automated world we are creating...

      I thought that was the point of AI, to learn from experience and adapt.

  4. Anonymous Coward
    Anonymous Coward

    Yet we applaud this 'always connected' world????

    Sigh.

    Fools leading the blind into disaster.

    In the past, we humans would have adapted and worked around this sort of thing. Now we are content/have been conditioned to leave it to our robotic overlords.

    There clearly is no future for us as a race...

    1. Anonymous Coward
      Anonymous Coward

      Re: Yet we applaud this 'always connected' world????

      It's a hack on a prototype system, exactly the kind of thing we need for this tech to develop. What's with the doom and gloom? Someone needs a hug!

      1. andyp-random-number

        Re: Yet we applaud this 'always connected' world????

        ...a prototype system they would like to sell "as is"....normally.

        What would have been nice is if the same type of people, with the same enquiring minds, that did the "hack" (new word for software testing), were part of the development / testing process before roads dug up etc.

        At present things are always said to work....until someone just happens to properly test it. If that someone happens to not come along and study it, then it would have gone into production, and then at some inconvenient time in the future would have produced a problem.

        ....yeah, go on then, I'll take a hug :)

    2. Rich 11 Silver badge

      Re: Yet we applaud this 'always connected' world????

      There clearly is no future for us as a race...

      Certainly not if there are traffic lights on the racetrack.

  5. Justin Case
    Windows

    I despair

    Why rely on what a "car" is telling you? A car that can easily be co-opted into telling lies.

    Why not use independent sensors that "see" what's really there?

    1. Tim Seventh

      Re: I despair

      Why rely on what a "car" is telling you? A car that can easily be co-opted into telling lies.

      Why not use independent sensors that "see" what's really there?

      We screwed up that part too, by 'hacking' the sensors with covers on traffic signs, and hand-drawn car lane trap (a nice circle with doted lines on the outer side, the smart car can enter but can never exit).

    2. Cuddles Silver badge

      Re: I despair

      "Why not use independent sensors that "see" what's really there?"

      Indeed, traffic lights with cameras and/or under-road sensors seem to work perfectly well around here, including turning green in plenty of time to drive through without slowing down if no other cars are around. Replacing that with a system that requires every vehicle to have a broadcast device fitted adds a huge amount of complication and vulnerability without adding any real benefit. And of course, since you can't rely on all vehicles actually having it, you still need an entire normal system working in parallel anyway.

    3. boltar Silver badge

      Re: I despair

      "Why not use independent sensors that "see" what's really there?"

      I guess you didn't get the memo - anything "connected" is cool. It doesn't matter if it actually works, what matters is the kudos and reflected glory the local officials get from having greenlit something similar idiots will consider cutting edge. Either than or they fell hook & line for some marketing BS by some company or uni spin off that had a product to flog.

  6. andyp-random-number

    Same old story

    When it comes to software, earning money takes priority. No one seems to take time to test properly since that reduces profit. If the one scenario that it is built for seems to work, get it out the door and let the user test it.

    There's also money in changing the design further down the road once it's been signed off by the customer and will then be called an upgrade as it is outside the original contract.

  7. Ralph B

    This is why we can't have nice things

    This is why we can't have nice things. But knowing that people are going to do this sort of thing, then obviously we should design in defences against it. Even though the engineering involved is going to make the system 5 to 10x more expensive to deploy.

    It still rather sticks in the throat that the ones who'll be doing this defensive engineering are probably the same one who would otherwise attack the system. It's like a protection racket run by nerds.

    1. BinkyTheMagicPaperclip Silver badge

      Re: This is why we can't have nice things

      It really isn't the same. There's potentially a person with a set of skills who could go one of three ways

      1) Designing systems safe from malicious input

      2) Testing systems to ensure they're safe from malicious input (possible alternative career option, but not a certainty)

      3) Actively and illegally trying to exploit systems.

      Saying that they would otherwise choose 3) is a huge stretch. Whilst there are a number of bored teenagers out there trying to exploit systems for laughs, there's also a criminal element attempting it for profit, and nation states hacking to achieve their own aims.

      The genie cannot be put back in the bottle. They've been provided a potential risk, and it's up to them to assess if this is a risk that needs to be mitigated against. If the risk is one with a high probability then the researchers should be thanked, as it's better than having a day zero exploit of your systems.

      It is in no way the same as a protection racket, where it isn't a case that the people could otherwise go the other way, it's a case that the racketeers *ARE* definitely going to attack if their racket is not paid. It's more akin to someone telling you your locks are a little weak, but that once they've been replaced (and not by the lock adviser) then no-one can get in easily.

  8. Walter Bishop Silver badge
    Facepalm

    Spoof traffic entering the Intelligent Traffic Signal System

    The attacker can change the speed and location in its BSM [Basic Safety Message – El Reg] message to set the arrival time and the requested phase of her choice and thus increase the corresponding arrival table element by one

    Have they ever considered designing a system that doesn't rely on any user generated data.

    1. Jason Bloomberg Silver badge

      Re: Spoof traffic entering the Intelligent Traffic Signal System

      Have they ever considered designing a system that doesn't rely on any user generated data.

      It's not really user generated data; it's data generated by the vehicle system, and there's no reasonable presumption such a system would wilfully lie if working as intended.

      All data comes from somewhere and any somewhere can be hacked or replaced to provide false data. The problem is that it's hard to tell if it is correct or false data, being user generated or through a fault or error.

      It's a simple trick, effectively standing in the lift lobby shouting "hold the doors!" but never boarding, radioing air traffic control that you are coming in for an emergency landing when you don't have a plane, calling in false reports to an emergency service, causing yourself to be prioritised to the detriment of others.

      1. JetSetJim Silver badge

        Re: Spoof traffic entering the Intelligent Traffic Signal System

        > It's not really user generated data; it's data generated by the vehicle system,

        Isn't it "crowdsourced", and therefore trendy?

        It needs some anomaly detection routines to detect the spoofers.

      2. Doctor Syntax Silver badge

        Re: Spoof traffic entering the Intelligent Traffic Signal System

        "It's not really user generated data; it's data generated by the vehicle system, and there's no reasonable presumption such a system would wilfully lie if working as intended."

        There is, however, an unreasonable presumption that the system will work as intended and that nobody will get at it to make it lie.

      3. Anonymous Coward
        Anonymous Coward

        Re: Spoof traffic entering the Intelligent Traffic Signal System

        radioing air traffic control that you are coming in for an emergency landing when you don't have a plane,

        Whenever I get cold-called by spammers, I tell them that I don't have a phone.

      4. Michael Wojcik Silver badge

        Re: Spoof traffic entering the Intelligent Traffic Signal System

        All data comes from somewhere and any somewhere can be hacked or replaced to provide false data

        Exactly. In fact I don't see any need to "hack" the I-SIG transmitter in a car (and then go through the trouble of "parking it nearby", per the article). Just use SDR and a small embedded system, and you can hide your fake-I-SIG transmitter pretty much anywhere. Have it broadcast only at random times, and it'll be that much harder to locate.

        The same would be true if the sensors were mounted on fixed infrastructure rather than on the vehicles.

        If you want a stronger guarantee of the provenance of your data, you have to use mechanisms that give you such a guarantee. Moving the sensors from vehicles to infrastructure is not one of them.

        This really has very little to do with connected vehicles, other than that the DoT lumped it into their CV pilot program.

        1. Charles 9 Silver badge

          Re: Spoof traffic entering the Intelligent Traffic Signal System

          "If you want a stronger guarantee of the provenance of your data, you have to use mechanisms that give you such a guarantee. Moving the sensors from vehicles to infrastructure is not one of them."

          Problem is, I don't think such a guarantee exists. ANY kind of authentication mechanism can be subverted if hacked.

  9. Anonymous Coward
    Anonymous Coward

    Ah Intelligent traffic lights...

    ...the ones that allow a empty bus running 2 minutes late to hold up otherwise free flowing traffic.

    1. BinkyTheMagicPaperclip Silver badge

      Re: Ah Intelligent traffic lights...

      your point is? The person standing at the next stop is expecting the bus two minutes ago.

  10. John Smith 19 Gold badge
    FAIL

    Wow. This is like software failure mode bingo. I call "HOUSE"

    1) Authentication bypass. Because it does not matter who the vehicle is.

    2) Data from vehicle is "trusted." No apparent "sanity checks"

    3) Data has no security on it. Basically plain text in the context of this system.

    4) System developed by traffic signals specialists without (it seems) any consideration of "Blackhats."

    5) Without 4 its "No one will hack this because because a) It's no benefit to them b) The information to do so is too obscure to find." It seems a is inaccurate and we know how well b has worked before.

    6) "Vehicle side" system can be compromised by hardware, software (malware) and wireless (spoofing data) means (according to the report).

    7) system is in "transition" mode until 95% of all US vehicles are fitted with it. That may be some time.

    8) If we're into spoofing packets already how does the system run with DoS attacks and stupid numbers of packets from the same vehicle? Should be a) Too many coming from vehicle b) Ignore this vehicle. But who knows?

    Hence I call "HOUSE".

    Attention DoT (and other government departments)

    Wake the f**k up. Everything that has 2 or more elements linked by a radio/cable link can be hacked. How badly it can be hacked depends on design. Defense in depth demands you accept the possibility that one (or more) devices/staff/software systems has gone rogue and there is now a "fox" in the "hen house."

    And yes, despite it's snore inducingly dull subject (traffic) there are bad people who can find a use for this technology.

    1. Michael Wojcik Silver badge

      Re: Wow. This is like software failure mode bingo. I call "HOUSE"

      And yes, despite it's snore inducingly dull subject (traffic) there are bad people who can find a use for this technology.

      Sure. It's useful as a low-sustained-cost terror attack, for example: snarl up traffic (significantly worse than normal) for many days in a row in an urban center.

      Low-sustained-cost is actually a successful terrorism strategy. The IRA used it for years to bolster their position so they could run an extortion racket, among other organized-crime goodies, and then leveraged it to claim legitimated political power. Muhammad & Malvo used it to scare the crap out of D.C. residents for three weeks, and they could have continued doing so for years (particularly if they periodically moved on to a new city) had they not gotten greedy and lazy.

      There are lots of potential LSC terror projects. Arson of abandoned (and thus poorly defended) buildings is another; free-range arson was a big contributor to the gutting of Detroit.

      Compared to bombings, sniping, and arson, fucking with traffic doesn't seem like much - unless you're depending on an emergency vehicle, perhaps. But that kind of widespread, low-level cost really eats away at a locality's civil society and ability to make rational group decisions (often pretty low to begin with). And note the asymmetry: it's nearly zero cost for the attacker, assuming we have a high density of vulnerable "smart" intersections in the metro core.

      In fact, what this sort of thing shows is that "terror masterminds" are much rarer than the government scaremongers would have us believe. Terrorist organizations are generally far more successful with this sort of strategy than with plowing lots of resources into splashy attacks with a high probability of failure.

  11. PNGuinn Silver badge
    WTF?

    Boring

    The Italian Job was much more fun.

    The last century called. It wants its comedy back.

    1. hammarbtyp Silver badge

      Re: Boring

      "The Italian Job was much more fun."

      who knew that Benny Hill was a master hacker

  12. Anonymous Coward
    Anonymous Coward

    Traffic flow

    There's a striking similarity between vehicle traffic and packet flow.

    Most roads appear to be CSMA/CD or xon/xoff based, add some CDMA and all our problems will be solved.

    Why is this connection so slow?

    1. Stoneshop Silver badge
      Boffin

      Re: Traffic flow

      CSMA/CD

      Problem is that a lot of traffic doesn't gracefully back off in case of a CS, interpreting MA as My Access. And CD, while working in a way, has rather a large time delay between the actual C and any traffic rerouting required, never mind that the involved cars only rarely manage to get retransmitted.

      1. earl grey Silver badge
        Paris Hilton

        Re: Traffic flow

        in case of a CS

        Well, she knows.

  13. unwarranted triumphalism Bronze badge

    Can't we just blame this on someone else?

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019