Bradley Fighting Vehicle (Sgt. Brandon Banzhaf/US Army)

Defending against attacks on vehicle networks

As the Defense Department steps up research into automated and autonomous vehicles, Army researchers are developing a way to enhance their internal security without undermining performance.

Currently, in-vehicle networking protocols are bandwidth-constrained, difficult to scale and lack common security requirements. That makes it difficult to deliver enough bandwidth and compute power to vehicle components for reliable defense.

In collaboration with an international team of experts, researchers from the Army Research Laboratory (ARL) devised a technique to optimize a recognized cybersecurity strategy known as the moving target defense, which systematically changes multiple system dimensions to increase uncertainty and create complexity for attackers.

DESOLATOR -- which stands for deep reinforcement learning-based resource allocation and moving target defense deployment framework -- uses machine learning to help the in-vehicle network identify the optimal IP shuffling frequency and bandwidth allocation to deliver effective, long-term moving target defense.

“The idea is that it’s hard to hit a moving target,” Army mathematician Terrence Moore said. “If everything is static, the adversary can take their time looking at everything and choosing their targets. But if you shuffle the IP addresses fast enough, then the information assigned to the IP quickly becomes lost, and the adversary has to look for it again.”

DESOLATOR not only defends vehicle networks, but it also does so without generating additional overhead that could slow or degrade performance. Its value add is the use of “fewer resources to protect mission systems and connected devices in vehicles while maintaining the same quality of service,” Army computer scientist and program lead Frederica Free-Nelson said.

To ensure that DESOLATOR gave security and efficiency equal consideration, the research team used deep reinforcement learning to shape the behavior of the algorithm so it would learn to limit exposure time and the number of dropped packets, for example. As a result, DESOLATOR identifies the optimal amount of network resources that should be allocated to each network slice to minimize packet loss, as well as the ideal triggering interval for shuffling IP addresses to limit vulnerability.

“Existing legacy in-vehicle networks are very efficient, but they weren’t really designed with security in mind,” Moore said. “Nowadays, there’s a lot of research out there that looks solely at either enhancing performance or enhancing security. Looking at both performance and security is in itself a little rare, especially for in-vehicle networks.”

Because DESOLATOR is a machine learning-based framework -- not limited to identifying the optimal IP shuffling frequency and bandwidth allocation -- other researchers can use it to pursue different goals within the problem space, ARL officials said.

“This ability to retool the technology is very valuable not only for extending the research but also marrying the capability to other cyber capabilities for optimal cybersecurity protection,” Nelson said.

About the Author

Susan Miller is executive editor at GCN.

Over a career spent in tech media, Miller has worked in editorial, print production and online, starting on the copy desk at IDG’s ComputerWorld, moving to print production for Federal Computer Week and later helping launch websites and email newsletter delivery for FCW. After a turn at Virginia’s Center for Innovative Technology, where she worked to promote technology-based economic development, she rejoined what was to become 1105 Media in 2004, eventually managing content and production for all the company's government-focused websites. Miller shifted back to editorial in 2012, when she began working with GCN.

Miller has a BA and MA from West Chester University and did Ph.D. work in English at the University of Delaware.
