Gateway Servers for the Internet of Vehicles (IoV) must meet stringent Security and Quality of Service (QoS) requirements, including cyberattack protection, low delays and minimal packet loss, to offer secure real-time data exchange for human and vehicle safety and efficient road traffic management. Therefore, it is vital to protect these systems from cyberattacks with adequate Attack Detection (AD) and Mitigation mechanisms. Such attacks often include packet Floods that impair the QoS of the networks and Gateways and even impede the Gateways capability to carry out AD. Thus, this paper first evaluates these effects using system measurements during Flood attacks. It then demonstrates how a Smart Quasi-Deterministic Policy Forwarder (SQF) at the entrance of the Gateway can regulate the incoming traffic to ensure that the Gateway supports the AD to operate promptly during an attack. Since Flood attacks create substantial packet backlogs, we propose a novel Adaptive Attack Mitigation (AAM) system that is activated after an attack is detected to dynamically sample the incoming packet stream, determine whether the attack is continuing, and also drop batches of packets at the input to reduce the effects of the attack. The AAM is designed to minimize a cost function that includes the sampling overhead and the cost of lost benign packets. We show experimentally that the Optimum AAM approach is effective in mitigating attacks and present theoretical and experimental results that validate the proposed approach.

翻译：车联网（IoV）网关服务器必须满足严格的安全性和服务质量（QoS）要求，包括网络攻击防护、低延迟与最小化数据包丢失，以保障人车安全所需的实时数据安全交换及高效道路交通管理。因此，通过有效的攻击检测（AD）与缓解机制保护这些系统免受网络攻击至关重要。此类攻击常包含数据包洪泛，此类攻击不仅会损害网络及网关的QoS，甚至可能阻碍网关执行攻击检测的能力。为此，本文首先通过洪泛攻击期间的系统测量评估了这些影响。随后论证了在网关入口部署智能准确定性策略转发器（SQF）如何通过调控输入流量，确保网关在攻击期间仍能支持攻击检测机制及时运作。鉴于洪泛攻击会产生大量数据包积压，本文提出一种新型自适应攻击缓解（AAM）系统，该系统在检测到攻击后激活，通过动态采样输入数据包流以判定攻击是否持续，并在输入端批量丢弃数据包以降低攻击影响。AAM的设计旨在最小化包含采样开销与良性数据包丢失代价的成本函数。实验表明，最优AAM方法能有效缓解攻击，本文同时提供了验证该方法的理论与实验结果。