Why AI and ML Offer the Best Protection Against Cyber Attacks on Connected Cars


May 16, 2018

Like all industries, the automotive industry is facing a major challenge due to digitalization: Big Data coming from multiple connected sources is only getting bigger, making it increasingly difficult to analyze and protect the connected car against cyber threats. The only way to cut through the data clutter and identify potential attacks is by leveraging AI and ML technologies for behavioral analysis of the data. Upstream Security’s unique technology is doing just that, giving OEMs and smart mobility services vital data visibility for a wholesome protection of their connected vehicles, apps, and car-fleets, as well as better control and management capabilities.

The problem: Big Data Overload

The proliferation of data due to digitalization processes across almost every industry, is not going to stop any time soon –in just 2 years’ time, the number of smart connected devices in the world is predicted to reach more than 50 billion, which means more data to be shared,  collected, and analyzed. IDC estimates that by 2020, new information generated every second for every human being will amount to approximately 1.7 megabytes, with an accumulated volume of 44 zettabytes (44 trillion GB)!

The prospects introduced by these vast amounts of data are numerous: more insight, better control, and deeper process understanding are just a few of the many implications humanity can derive from Big Data. However, along with the exponential knowledge growth, so becomes clear the realization that we are on the verge of having more data than any human capacity can possibly handle. The Big Data “problem” has raised two primary challenges over recent decades:

  1. How to accumulate and correlate all the data produced from so many different connected devices?
  2. How to make sense of all that data, and in the context of cybersecurity, how to identify anomalies and possible threats?
Humanity’s Response – Artificial Intelligence (AI) and Machine Learning (ML)

AI has stormed into our world with ML following right behind it offering significant promise: arming computers with human-like intelligence. The implementation of these technologies has a significant and immediate effect on handling and managing Big Data in practical industries such as medicine, banking, retail, or commerce. To illustrate this further, it’s enough to look at the many benefits AI and ML are already providing these industries:

  • In medicine, it is used to understand better and predict how cancer spreads through genomic data.
  • In banking, it is used to personalize banking services
  • In Astronomy, it is used to analyze data from deep space to study black holes
  • In warfare, it is used to predict terrorist behavior.
  • In IT cyber security, AI systems can categorize and identify new generations of malware and cyber-attacks which can be difficult to detect with conventional cybersecurity solutions.

The ability of AI and ML to collect vast amounts of data, process it, interpret it, classify it, and learn from it in order to plan, reason, and solve problems – is what ultimately allows us to manage, control, protect, and eventually benefit from Big Data across industries. To put it simply, AI and ML take Big Data and turn it into a coherent picture in order to derive valuable insight and identify potential problems.

False Positives – is There a Problem?

Since the very core of artificial intelligence relies on behavioral analysis rather than exact science, mistakes often occur.  However, machine learning, being the most advanced form of artificial intelligence, is slowly beginning to address this issue; it is inherently designed to become more and more adapt as it is exposed to more data, and is meant to learn from its failures, as well as from its success. As such, it creates its own learning curve, upgrading it as it goes along. In other words, machine learning might just be the answer to the false positives problem, but this is a matter too complex to resolve in this blog. For the purposes of the automotive industry, it seems machine learning is becoming a valuable tool.

Implementing AI and ML in the Automotive Industry

In the automotive industry, Big Data poses a significant problem with the connected car becoming more of a gadget than a purely physical product, constantly synced and updated. It now produces huge amounts of data.

According to a McKinsey & Company estimate, connected cars create up to 25GB of data per hour, and that’s just the beginning: autonomous cars are expected to generate more than 300 TB of data per year!

Where is all this data coming from?

From the vehicle’s hundreds of sensors and processes, the OTA software update servers, and the mobile apps. In other words, the complexity of the interconnectivity between connected cars, back-end servers, mobile apps data, application services data (such as car-sharing) and more, create a new connected car ecosystem data explosion that makes it an increasingly challenging task to make sense of it and create a coherent, big picture.

Combining machine learning with big-data analytics presents an opportunity to make sense of the huge volumes of valuable data collected from the vehicle, the servers, and the smart mobility services. Using machine learning, patterns of “normal” behavior can serve as baselines to identify anomalies of any kind: from cyber threats and policy violations to vehicle and driver irregular behaviors.

Upstream – Leveraging AI and ML to Secure the Connected Car

Leveraging latest advancements in AI and ML technology, Upstream uses sophisticated analytics to create full visibility into the telematics data, in order to drive actionable, real-time insights. After collecting the data from the multiple connected sources, the Upstream solution synthesizes these troves of data and distills actionable cyber security intelligence by processing it through 4 stages of intelligent, behavioral analytics:

  1. Threat inspection at the protocol and application level.
  2. Identification of communication patterns to detect anomalies in the communication between the vehicle, the server, and mobile apps.
  3. Detection of anomalies within the current vehicle status and context: for example, identifying a remote shut down engine command being sent to a vehicle while it is still traveling (which may seem as a valid action at the protocol level).
  4. Inspection of behavioral level patterns to detect anomalies in driver, vehicle, or entire fleets of cars.

Upstream’s technology is based on the realization that understanding the big picture produced from multiple sources in the complex connected car ecosystem is only possible through holistic, centralized visibility into the entire connected car ecosystem. Leveraging artificial intelligence and machine learning to perform behavioral analysis, allows Upstream to inspect every link in the chain, from the vehicle itself to the car apps and down to entire fleets of cars in parallel. This approach is the only one capable of providing ongoing monitoring, network-wide security, and behavioral control for the entire connected car’s ecosystem.


Learn more about how Upstream protects connected vehicles and car fleets at upstream.auto.

Newsletter Icon

H1'2024 Report: Redefining Automotive & Smart Mobility IoT Cyber Risks

Newsletter Icon

to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

The 2024 Paris Olympics: Navigating the Escalated Cyber Threat Landscape

As the Paris Olympic Games approach, ensuring the safety and success of the event is paramount. Transportation systems and fleets are critical components in this…

Read more

European Legislators are Charging Ahead on IoT Cybersecurity Regulations

IoT devices have become deeply embedded in the automotive and smart mobility ecosystem, dramatically transforming industries with increased efficiencies and innovation. However, this rapid technological…

Read more

The US Federal Government Zooms in on IoT Cybersecurity

As IoT device usage continues to expand across various sectors in the US, government efforts to ensure that these devices are not only effective but…

Read more

The State of Automotive Cybersecurity: Key Insights from Auto-ISAC European Summit

We recently took part in the Auto-ISAC European Summit at the iconic BMW-Welt in Munich, gaining valuable insights into the evolving automotive cybersecurity landscape. As…

Read more