Existing cyber-attacks are classified as in-vehicle network attacks, vehicle-to-everything network (V2X) attacks, and additional attacks in the context of CAVs[4]. For the execution of these cyber-attacks, we first determine the vehicle's attack surfaces. The total of distinct attack points on a system's attack surface is the number of ways an adversary might try to inject or extract data from the system to compromise the vehicle's security. Remote sensor intrusions, for example, can be carried out via a hacked radar, which is called an attack surface
In-Vehicle Network Attacks
Remote sensor attacks, GPS spoofing attacks, location trailing attacks, proximity vulnerabilities, controller area network (CAN) and society of automotive engineers buses vulnerabilities, software flashing attacks on electronic control units (ECUs)[6], and integrated business services attacks are all examples of in-vehicle network attacks.
Remote Sensor Attacks
One of the main issues in the environment of CAVs is that numerous electrical components, such as ultrasonic radar, lidar, camera, and other sensors, are connected via an in-vehicle network. In terms of range, detecting capabilities, and reliability, each type of sensor has its own set of advantages and disadvantages. Furthermore, existing wireless access technologies can be used by other organizations to connect to sensors
GPS Spoofing Attacks
Global Positioning System, which provides geolocation and trilateration, is frequently used by CAVs. Many important operations rely on it, including pseudonym certificates, fundamental safety messages, and message timestamps. For CAVs, accuracy and truthfulness are essential. The attacker manipulates the received GPS signal arbitrarily in the attacked region in GPS spoofing assaults[8]. It gives recipients false information. Furthermore, the opponent broadcasts a fraudulent GPS signal with a higher signal strength than the real GPS signal.
Location Trailing Attacks
The attacker can collect private information from drivers by finding and following their automobiles in location tracing attacks[9]. The enemy can use location information to uncover car habits and activities, as well as collect the driver's profile and connect it to personal privacy in the real world.
Close Proximity Vulnerabilities
Short-range communication systems reveal risks close. These flaws might have occurred by chance. Bluetooth, tire pressure monitoring systems (TPMS), and keyless entry and ignition systems can all be used to carry out these tasks
Bluetooth
A possible memory attack has been identified in the Bluetooth control code, allowing code from any linked Bluetooth device to be executed. The engine control units of a vehicle may be attacked by a hacked device that has been linked with it. The driver, on the other hand, is completely unaware of the attack. Furthermore, cryptography algorithms have built numerous safe Bluetooth protocols.
Tire Pressure Monitoring System (TPMS):
Standard modulation schemes and simple protocols are typically used in TPMS communications. TPMS communications can be reverse-engineered since they don't rely on cryptographic techniques. Furthermore, TPMS malfunctions may be caused by spoofing and battery depletion assaults.
Key Fob and Keyless Entry:
There are two methods for entering the vehicle: key fob entry and keyless automobile entry. When the driver tries to lock his car with a variety of devices, such as garage door openers and house light controllers/dimmers, the opponent may block the signals from the key fob. The signals of the key fob will be jammed in entire regions of car parks or streets once these devices are buried in bushes and operated for lengthy periods.