A survey of artificial intelligence-related cybersecurity risks and countermeasures in Mobility-as-a-Service
Date published
Free to read from
Supervisor/s
Journal Title
Journal ISSN
Volume Title
Publisher
Department
Type
ISSN
Format
Citation
Abstract
Mobility-as-a-service (MaaS) integrates different transport modalities and can support more personalization of travelers’ journey planning based on their individual preferences, behaviors and wishes. To fully achieve the potential of MaaS, a range of artificial intelligence (AI) (including machine learning and data mining) algorithms are needed to learn personal requirements and needs to optimize the journey planning of each traveler and all travelers as a whole, to help transport service operators and relevant governmental bodies to operate and plan their services, and to detect and prevent cyberattacks from various threat actors, including dishonest and malicious travelers and transport operators. The increasing use of different AI and data processing algorithms in both centralized and distributed settings opens the MaaS ecosystem up to diverse cyber and privacy attacks at both the AI algorithm level and the connectivity surfaces. In this article, we present the first comprehensive review on the coupling between AI-driven MaaS design and the diverse cybersecurity challenges related to cyberattacks and countermeasures. In particular, we focus on how current and emerging AI-facilitated privacy risks (profiling, inference, and third-party threats) and adversarial AI attacks (evasion, extraction, and gamification) may impact the MaaS ecosystem. These risks often combine novel attacks (e.g., inverse learning) with traditional attack vectors (e.g., man-in-the-middle attacks), exacerbating the risks for the wider participation actors and the emergence of new business models.
Description
Software Description
Software Language
Github
Keywords
DOI
Rights
Relationships
Relationships
Resources
Funder/s
This work was supported by the Engineering and Physical Sciences Research Council (EPSRC), part of the UK Research and Innovation (UKRI), as part of the research projects “MACRO – Mobility as a service: Managing Cybersecurity Risks across Consumers, Organisations and Sectors” (EP/V039164/1), and “TAS-S: Trustworthy Autonomous Systems: Security” (EP/V026763/1).