サイバーセキュリティ先端研究所2025年10月
Evaluation of A Cybersecurity System Applied to Small Satellite Missions
学会・研究会:76th International Astronautical Congress (IAC 2025)
著者:Isai Fajardo-Tapia, Yuta Nakagawa, Rafael Rodriguez-Leon, Yusuke Yamamoto, Takuya Watanabe, Hiroshi Kumagai, Masaki Kamizono (DTCY)
概要:The rapid rise of small satellites has transformed the space industry, offering cost-effective solutions for communication, earth observation, technology demonstration, and scientific research. However, these satellites often lack strong cybersecurity measures, making them susceptible to cyber threats that can disrupt operations, compromise data, and manipulate onboard functions. To address these risks, this study proposes a hardware architecture that integrates encryption, authentication, and monitoring functions using commercial off-the-shelf (COTS) components. Although COTS parts improve adaptability, updatability, and cost-effectiveness, their performance and reliability must be assessed for space missions. The paper analyses the selection of devices for security requirements, reliability, and resource demands to guide informed selection of components. Space environment analysis, simulations, and operation tests are conducted on the candidate devices to ensure reliability in performance. Based on these findings, a hardware architecture was proposed to prove the concept of a system that addresses threat vectors while maintaining performance and CubeSat-class platform constraints. Adopting the proposed architecture, a system is being developed for deployment on a 6U CubeSat in a Sun-synchronous orbit, and some system operation considerations are discussed. The ultimate goal is to establish a scalable security solution to protect small satellites in an increasingly contested space environment
https://www.iac2025.org/(外部サイト)
2025年9月
Multi-Query Verifiable PIR and Its Application
学会・研究会:IEICE TRANSACTIONS on Fundamentals, Vol. E108-A, No.9
著者:Ryuya Hayashi (AIST), Junichiro Hayata, Keisuke Hara, Kenta Nomura, Masaki Kamizono (DTCY), Goichiro Hanaoka (AIST)
概要:Private information retrieval (PIR) allows a client to obtain records from a database without revealing the retrieved index to the server. In the single-server model, it has been known that (plain) PIR is vulnerable to selective failure attacks, where a (malicious) server intends to learn information of an index by getting a client’s decoded result. Recently, as one solution for this problem, Ben-David et al. (TCC 2022) proposed verifiable PIR (vPIR) that allows a client to verify that the queried database satisfies certain properties. However, the existing vPIR scheme is not practically efficient, especially when we consider the multi-query setting. We introduce a new formalization of multi-query vPIR and provide an efficient scheme based on authenticated PIR (APIR) and succinct non-interactive arguments of knowledge (SNARKs). Communication cost is O(n|a| + |π|) with only one SNARK proof for n queries. We also present an OCSP application and show that adding SNARK proofs does not significantly increase communication.
https://globals.ieice.org/.../10.1587/transfun.2024DMP0006/_f(外部サイト)
2025年8月
Adversarial Fog: Exploiting the Vulnerabilities of LiDAR Point Cloud Preprocessing Filters
受賞:Best Paper Award
学会・研究会:ACM AsiaCCS 2025
著者:Yuna Tanaka , Kazuki Nomoto (Waseda University/DTCY), Ryunosuke Kobayashi , Go Tsuruoka (Waseda University), Tatsuya Mori (Waseda University/NICT/RIKEN AIP)
概要:We propose Adversarial Fog Attack (AFA), a framework that injects strategically configured artificial fog layers to disrupt both ML-based and density-based LiDAR object detection. By modeling LiDAR–fog interaction and analyzing preprocessing filters, AFA achieves 100% success with a six-layer configuration; simulations show collisions at 37.1 km/h average without deceleration. Physical experiments confirm invisibility at 30 m. We discuss countermeasures (noise removal rate heuristics, thermal fusion).
https://asiaccs2025.hust.edu.vn/(外部サイト)
2025年8月
Invisible but Detected: Physical Adversarial Shadow Attack and Defense on LiDAR Object Detection
学会・研究会:USENIX Security 2025
著者:Ryunosuke Kobayashi (Waseda University), Kazuki Nomoto, Yuna Tanaka (Waseda University/DTCY), Go Tsuruoka (Waseda University), Tatsuya Mori (Waseda University/NICT/RIKEN AIP)
概要:“Shadow Hack” manipulates naturally occurring object shadows using LiDAR-reflective/absorptive materials to induce misclassification. Optimized adversarial shadows yield up to 100% success (11–21 m) in simulation; physical tests reach 100% (PointPillars) / 98% (SECOND-IoU). We also introduce BB-Validator achieving 100% defense while preserving accuracy.
https://www.usenix.org/.../usenixsecurity25(外部サイト)
2025年8月
WIP: Evaluating the End-to-End Impact of False Localization Attacks on vSLAM-Based Autonomous Drones
学会・研究会:VehicleSec2025
著者:Yuga Ebine (Waseda University), Kazuki Nomoto, Yuna Tanaka (Waseda University/DTCY), Ryunosuke Kobayashi, Go Tsuruoka (Waseda University), Tatsuya Mori (Waseda University/NICT/RIKEN AIP)
概要:Phantom Path Attack projects dynamic adversarial visual stimuli to mislead ORB-SLAM3, producing localization errors up to 252 m and altitude deviation of 70 m in end-to-end drone simulations, risking crashes. Highlights need for LiDAR/IMU fusion and dynamic moving-object filtering.
https://www.usenix.org/conference/vehiclesec25(外部サイト)
2025年8月
Poster: A Security Evaluation Framework for V2X Communication in Autonomous Driving System
学会・研究会:VehicleSec2025
著者:Kodai Hirai (Waseda University), Yuna Tanaka, Kazuki Nomoto (Waseda University/DTCY), Ryunosuke Kobayashi, Go Tsuruoka (Waseda University), Tatsuya Mori (Waseda University/NICT/RIKEN AIP)
概要:-
https://www.usenix.org/conference/vehiclesec25(外部サイト)
2025年8月
WIP: Evaluation of Threats and Impacts of HD Map Tampering Attacks in Autonomous Driving
学会・研究会:VehicleSec2025
著者:Miyu Sato, Ryunosuke Kobayashi (Waseda University), Kazuki Nomoto, Yuna Tanaka (Waseda University/DTCY), Go Tsuruoka (Waseda University), Tatsuya Mori (Waseda University/NICT/RIKEN AIP)
概要:High-definition (HD) maps are essential for autonomous vehicle (AV) navigation, providing detailed road and lane structure information. However, their static nature makes them vulnerable to tampering, posing significant security risks. This study systematically categorizes HD map tampering threats and evaluates their impact through an end-to-end autonomous driving simulation using Autoware and AWSIM. By modifying lane widths in HD maps, we demonstrate how small modifications can cause AVs to deviate from safe trajectories, affecting both planning and control. Our findings demonstrate the need for robust HD map verification, cryptographic validation of map updates, and a balance between HD map reliance and real-time perception. The study demonstrates the importance of securing HD maps to ensure safe and reliable AV operations.
https://www.usenix.org/conference/vehiclesec25(外部サイト)
2025年8月
WIP: Understanding the Mechanisms Behind NDT-Based Localization Vulnerabilities in Autonomous Driving
学会・研究会:VehicleSec2025
著者:Yuna Tanaka, Kazuki Nomoto (Waseda University/DTCY), Ryunosuke Kobayashi, Go Tsuruoka (Waseda University), Tatsuya Mori (Waseda University/NICT/RIKEN AIP)
概要:Accurate localization is critical for autonomous driving (AD), yet its security risks remain insufficiently explored, particularly in driving scenarios involving sensor fusion. This study investigates the vulnerabilities of Normal Distributions Transform (NDT) scan matching, a widely used localization method, and analyzes the conditions under which localization errors occur. We reveal that NDT relies primarily on nearby LiDAR point cloud structures from the pre-built map, making it susceptible to gradual manipulations that accumulate over time. To evaluate the impact of such manipulations, we conduct experiments simulating real-world scenarios, incorporating sensor fusion with an Extended Kalman Filter (EKF). Our findings identify key factors influencing localization errors, including target object selection and movement patterns, and confirm that these manipulations can induce errors of up to 23 m. End-to-end evaluation demonstrates that these errors can lead to hazardous driving behaviors, such as lane departures, missed traffic signals, and unintended sidewalk encroachments. By systematically analyzing the vulnerability of NDT-based localization, this study highlights the need for more robust localization mechanisms in AD.
https://www.usenix.org/conference/vehiclesec25(外部サイト)
2025年8月
Demo: A Practical Guide to Building a White-Box End-to-End Autonomous Driving Testbed with Open-Source AD and CAN-Based Drive-By-Wire Vehicle
受賞:Best Demo Award
学会・研究会:VehicleSec2025
著者:Go Tsuruoka (Waseda University), Kazuki Nomoto, Yuna Tanaka (Waseda University/DTCY), Ryunosuke Kobayashi (Waseda University), Tatsuya Mori (Waseda University/NICT/RIKEN AIP)
概要:Autonomous driving (AD) systems face various security threats, including attacks on sensors and machine learning modules. End-to-end (E2E) security evaluations are essential for understanding how component-level attacks translate into control-level consequences, and they are primarily conducted in simulation environments because of cost efficiency and safety concerns. However, recent studies demonstrate gaps between simulations and physical environments, underscoring the need for physical testing. Although commercial vehicles provide a potential test platform in physical experiments, their closed-source nature limits explainability and reproducibility, and integrating open-source alternatives can be challenging due to a lack of documentation. To address these challenges, we present systematic documentation of integration challenges and practical solutions encountered when implementing open-source AD systems on hardware platforms. As a concrete implementation, we demonstrate the integration of Autoware with a CAN-based drive-by-wire system for E2E evaluation environment. This demo shows videos of our recent efforts to build a white-box testbed that integrates Autoware with a CAN-based drive-by-wire vehicle for security research as a concrete implementation of our practical integration guideline. The demo includes AD capabilities and E2E security evaluations of emergency stopping functions and adversarial attacks on pedestrian detection. Implementation details, source code, and additional documentation are available at
https://www.usenix.org/conference/vehiclesec25(外部サイト)
2025年7月
バイナリファジングを用いた正常なプログラムとの挙動比較によるIoT機器のトロイ化検出手法
受賞:CSEC優秀研究賞, CSEC優秀学生研究賞, 推薦論文
学会・研究会:セキュリティサマーサミット2025
著者:金城 豪志 (岡山大学), 高田 雄太, 熊谷 裕志, 神薗 雅紀 (DTCY), 山内 利宏 (岡山大学)
概要:近年,IoT 機器の普及に伴い,IoT 機器を標的とした攻撃が増加しており,特に外部ネットワークやサプライチェーン攻撃を通じて不正なコードが組み込まれるトロイ化は検出が困難である.先行研究ROSAはファジングとメタモルフィックテストを組み合わせシステムコール種類差異から検出するが,入力分類誤差や微細差分による誤検知と詳細調査工数増が課題である.本研究は正常機器と検査対象機器双方に同一テストデータでバイナリファジングを実施し,取得システムコール発行順序の差分比較でトロイ化を検出する手法を提案する.これにより誤検知抑制と調査工数削減を両立できることを ROSARUM を用いた比較評価で示す.
https://ken.ieice.org/ken/program/...IPSJ-CSEC(外部サイト)