nIoVe aims at advancing the state-of-the-art and current state-of-practice in cybersecurity, including:
Early Prediction and Detection:
- The attack prediction and detection tool allows cyber-defence companies to automate the process of correlating specific security, system and network events that may have been logged at different places in the network over short or long period of time.
- Risk assessment Engine will detect intrusions of attacks from the internet at an early stage, and additionally detects intrusions to the in-vehicle network as a second step.
- Anomaly detection based on ML will provide abnormal system behaviour first, and then all other behavioural patterns will be considered as normal, but this process will be dynamin so new abnormal system behaviour entries will increase the system's ability.
Response and Recovery Mechanisms:
- The response mechanism is a multi-layered offering a robust response to the complex attacks in the IoV ecosystem at its various layers.
- The response plans may differ depending on whether the attack was directed to single vehicles, or single components (nodes) of the IoV network infrastructure.
- Both active and passible responses will be used according to the critical asset profile and role on the IoV network.
- nIoVe Recovery Toolkit has three kinds of recovery actions will be possible to take place: 1. Data recovery, 2. Device recovery and 3. System recovery.
- Automatic process of data, device and system recovery after a real-world attack, or as a simulated IoV simulated incident.