基于C-V2X的前向碰撞预警系统中协议合规拒绝服务攻击的真实场景评估 (Real-World Evaluation of Protocol-Compliant Denial-of-Service Attacks on C-V2X-based Forward Collision Warning Systems)

Cellular Vehicle-to-Everything (C-V2X) technology enables low-latency, reliable communications essential for safety applications such as a Forward Collision Warning (FCW) system. C-V2X deployments operate under strict protocol compliance with the 3rd Generation Partnership Project (3GPP) and the Society of Automotive Engineers Standard (SAE) J2735 specifications to ensure interoperability. This paper presents a real-world testbed evaluation of protocol-compliant Denial-of-Service (DoS) attacks using User Datagram Protocol (UDP) flooding and oversized Basic Safety Message (BSM) attacks that 7 exploit transport- and application-layer vulnerabilities in C-V2X. The attacks presented in this study transmit valid messages over standard PC5 sidelinks, fully adhering to 3GPP and SAE J2735 specifications, but at abnormally high rates and with oversized payloads that overload the receiver resources without breaching any protocol rules such as IEEE 1609. Using a real-world connected vehicle 11 testbed with commercially available On-Board Units (OBUs), we demonstrate that high-rate UDP flooding and oversized payload of BSM flooding can severely degrade FCW performance. Results show that UDP flooding alone reduces packet delivery ratio by up to 87% and increases latency to over 400ms, while oversized BSM floods overload receiver processing resources, delaying or completely suppressing FCW alerts. When UDP and BSM attacks are executed simultaneously, they cause near-total communication failure, preventing FCW warnings entirely. These findings reveal that protocol-compliant communications do not necessarily guarantee safe or reliable operation of C-V2X-based safety applications.

翻译：蜂窝车联网（C-V2X）技术为实现前向碰撞预警（FCW）等安全应用提供了低时延、高可靠性的通信保障。C-V2X的实际部署严格遵循第三代合作伙伴计划（3GPP）与汽车工程师学会（SAE）J2735标准协议，以确保系统互操作性。本文通过真实场景测试平台，评估了利用用户数据报协议（UDP）泛洪攻击与超规格基本安全消息（BSM）攻击这两种协议合规的拒绝服务（DoS）攻击方式，此类攻击通过利用C-V2X在传输层与应用层的漏洞实现。本研究提出的攻击通过标准PC5侧链路传输符合协议规范的有效消息，完全遵循3GPP与SAE J2735标准，但以异常高的速率及超规格的负载发送，从而在不违反任何协议规则（如IEEE 1609）的前提下耗尽接收端资源。通过采用配备商用车载单元（OBU）的真实网联车辆测试平台，我们证明高速率UDP泛洪与超规格BSM泛洪会严重降低FCW系统性能。实验结果表明：仅UDP泛洪攻击即可使数据包送达率降低最高达87%，时延增加至400毫秒以上；而超规格BSM泛洪会过载接收端处理资源，导致FCW警报延迟或完全被抑制。当UDP与BSM攻击同时执行时，将引发近乎完全的通信失效，致使FCW预警功能彻底瘫痪。这些发现揭示：协议合规的通信并不能保证基于C-V2X的安全应用实现安全可靠的运行。