Multi-agent reinforcement learning-based passenger spoofing attack on Mobility-as-a-Service

Date published

2024-03-19

Free to read from

2024-04-02

Supervisor/s

Journal Title

Journal ISSN

Volume Title

Publisher

IEEE

Department

Type

Article

ISSN

1545-5971

Format

Citation

Chu KF, Guo W. (2024) Multi-agent reinforcement learning-based passenger spoofing attack on Mobility-as-a-Service. IEEE Transactions on Dependable and Secure Computing. Available online 19 March 2024

Abstract

Cyber-physical systems, such as smart transportation, face security threats from both digital and physical realms. Recently, Mobility-as-a-Service (MaaS) has emerged as a novel transportation concept, offering passengers access to diverse mobility services via a unified platform. Central to this system is the smart MaaS coordinator, tasked with tailoring services to passengers based on their profiles and behaviors. However, the coordination of heterogeneous passengers introduces vulnerabilities, enabling malicious entities to exploit the system by impersonating priority passengers with falsified information. Effective detection mechanisms require a deep understanding of the spoofing process. This paper investigates threats to the smart MaaS coordinator, unveiling a new reinforcement learning-based attack named the passenger spoofing attack, which aims to mitigate the risk of inadvertently exposing MaaS vulnerabilities post-deployment. This attack leverages feedback from actions and experiences to manipulate system profitability and passenger satisfaction by generating false passenger information. Furthermore, our research reveals that multi-agent reinforcement learning, accounting for spatial distribution among malicious agents and passengers, strengthens the attack. Through simulations based on datasets from New York City and synthetic sources, we demonstrate that the attack can significantly reduce 70% of profit and 50% of passenger satisfaction. Spatial analysis indicates an effective distance of approximately two nodes from the origin or destination. This study enriches our comprehension of the vulnerabilities inherent in smart coordinators within MaaS, enabling the development of robust countermeasures against malicious actors.

Description

Software Description

Software Language

Github

Keywords

Passenger spoofing attack, multi-agent reinforcement learning, multimodal transport, intelligent transportation systems

DOI

Rights

Attribution 4.0 International

Relationships

Relationships

Supplements

Funder/s

This work was supported by EPSRC MACRO - Mobility as a service: Managing Cybersecurity Risks across Consumers, Organisations and Sectors (EP/V039164/1)