Security in Autonomous Vehicles: A Review of Attacks and Defenses

Abstract

As Autonomous Vehicles (AVs) transition from controlled environments to real-world deployment, ensuring their cybersecurity has become critical. The integration of software, AI-based control systems, sensors, and Vehicle-to-Everything (V2X) communication significantly expands the attack surface, exposing AVs to a range of cyber and physical threats. This paper presents a review of AV security, with a particular focus on the classification of attacks across physical, software, communication, and hardware domains. It further analyzes existing defense mechanisms, including both traditional rule-based systems and emerging Machine Learning (ML) approaches, and examines current evaluation and testing strategies for assessing AV resilience. While notable progress has been made, the field still faces challenges related to generalization, real-world robustness, and standardized testing frameworks. This review identifies key gaps and outlines future directions toward building secure and trustworthy autonomous systems.

Introduction

1. Overview

• AVs integrate AI, sensors, control units, and wireless communication to enable safer, more efficient transportation.

• However, these same features create a complex attack surface vulnerable to cyber-physical threats.

• Attacks range from sensor spoofing and CAN bus injection to remote hijacking via APIs.

• Growing real-world attacks raise concerns about AV safety, reliability, and public trust.

2. Literature Review

• AV security research has evolved rapidly, covering:

  • Architectural vulnerability analysis

  • Intrusion detection (IDS)

  • Sensor fusion techniques

  • Adversarial machine learning attacks and defenses

  • Regulatory policy

• Key contributions:

  • Chowdhury et al. (2020) mapped real-world AV attacks and layered defenses.

  • Kim et al. (2021) meta-analyzed 151 papers, highlighting data-driven defenses.

  • Hataba et al. (2022) applied an OSI-layered taxonomy to AV vulnerabilities.

  • Recent works explore blockchain for secure vehicle communication and adversarial AI threats.

  • Abdallah et al. (2023) surveyed machine learning for CAN bus intrusion detection.

  • Rajapaksha et al. (2024) introduced a rare real-world dataset for CAN injection attacks.

  • Khadka et al. (2021) proposed simulation frameworks for standardized evaluation.

• Despite advances, gaps remain:

  • Few defenses validated in realistic or real-world conditions

  • Lack of standardized benchmarks and diverse testing environments

  • ML models often tested in synthetic or limited scenarios, raising reliability concerns

3. Security Challenges in AVs

• AVs’ heavy reliance on sensors, software, communication, and AI increases the attack surface.

• Cybersecurity must be integral from design, not an afterthought.

• Security failures can risk human safety, disrupt traffic systems, and damage public trust.

• Privacy concerns also grow due to sensitive data collection (location, behavior, biometrics).

4. Classification of Attacks

• AV attacks span multiple subsystems:

  • Physical & Access-level Attacks: Exploit exposed interfaces or insecure entry points.

    • Examples: Relay attacks on keyless entry, key fob spoofing, brute-force attacks on application units, immobilizer hacking.

  • Safety-Critical System Attacks: Target perception, localization, and control systems.

    • These can cause operational failures, accidents, or vehicle control loss.

Conclusion

Autonomous Vehicles bring together AI, real-time control, and complex networked systems, creating powerful capabilities but also exposing wide, layered attack surfaces. This review outlined the major categories of threats across physical, communication, and software domains, and assessed both traditional and ML-based defense strategies. While progress is clear, most existing solutions still rely on narrow assumptions or are tested only in controlled environments, making them fragile when faced with real-world variability. Security in AVs is no longer just about isolated protections; it\'s about designing resilient, adaptive systems from the ground up. Looking forward, the field needs more robust, generalizable defenses backed by high-fidelity datasets and unified testing frameworks. Research should push toward lightweight, explainable, and certifiable models that can operate on constrained hardware without sacrificing performance. As AV connectivity expands, especially through V2X and OTA updates, tackling distributed and coordinated threats becomes critical. Building trust in autonomous vehicles will ultimately hinge not just on functional safety, but on security that holds up under pressure—both in simulation and on real roads.

References

[1] A. Chowdhury, G. Karmakar, J. Kamruzzaman, A. Jolfaei, and R. Das, “Attacks on Self-Driving Cars and Their Countermeasures: A Survey,” IEEE Access, vol. 8, pp. 207308–207342, 2020, doi: 10.1109/ACCESS.2020.3037705. [2] K. Kim, J. S. Kim, S. Jeong, J.-H. Park, and H. K. Kim, “Cybersecurity for autonomous vehicles: Review of attacks and defense,” Computers & Security, vol. 103, p. 102150, Apr. 2021, doi: 10.1016/j.cose.2020.102150. [3] M. Hataba, A. Sherif, M. Mahmoud, M. Abdallah, and W. Alasmary, “Security and Privacy Issues in Autonomous Vehicles: A Layer-Based Survey,” IEEE Open J. Commun. Soc., vol. 3, pp. 811–829, 2022, doi: 10.1109/OJCOMS.2022.3169500. [4] A. Giannaros et al., “Autonomous Vehicles: Sophisticated Attacks, Safety Issues, Challenges, Open Topics, Blockchain, and Future Directions,” JCP, vol. 3, no. 3, pp. 493–543, Aug. 2023, doi: 10.3390/jcp3030025. [5] G. Hamza, Y. Taher, M. Z. Es-sadek, and A. Tmiri, “Cybersecurity in Autonomous Vehicles: A Comprehensive Review Study of Cyber-Attacks and AI-Based Solutions,” IJETT, vol. 72, no. 1, pp. 101–116, Jan. 2024, doi: 10.14445/22315381/IJETT-V72I1P111. [6] M. Girdhar, J. Hong, and J. Moore, “Cybersecurity of Autonomous Vehicles: A Systematic Literature Review of Adversarial Attacks and Defense Models,” IEEE Open J. Veh. Technol., vol. 4, pp. 417–437, 2023, doi: 10.1109/OJVT.2023.3265363. [7] E. E. Abdallah, A. Aloqaily, and H. Fayez, “Identifying Intrusion Attempts on Connected and Autonomous Vehicles: A Survey,” Procedia Computer Science, vol. 220, pp. 307–314, 2023, doi: 10.1016/j.procs.2023.03.040. [8] S. Rajapaksha, H. Kalutarage, G. Madzudzo, A. Petrovski, and M. O. Al-Kadri, “CAN-MIRGU: A Comprehensive CAN Bus Attack Dataset from Moving Vehicles for Intrusion Detection System Evaluation,” in Proceedings Symposium on Vehicle Security & Privacy, San Diego, CA, USA: Internet Society, 2024. doi: 10.14722/vehiclesec.2024.23043. [9] A. Khadka, P. Karypidis, A. Lytos, and G. Efstathopoulos, “A benchmarking framework for cyber-attacks on autonomous vehicles,” Transportation Research Procedia, vol. 52, pp. 323–330, 2021, doi: 10.1016/j.trpro.2021.01.038. [10] S. Sagam, “Securing the Future of Transportation: An In-Depth Analysis of Cybersecurity Challenges and Solutions for Autonomous Vehicles,” IJRASET, vol. 12, no. 8, pp. 1053–1063, Aug. 2024, doi: 10.22214/ijraset.2024.63967. [11] B. R. Mudhivarthi, P. Thakur, and G. Singh, “Aspects of Cyber Security in Autonomous and Connected Vehicles,” Applied Sciences, vol. 13, no. 5, p. 3014, Feb. 2023, doi: 10.3390/app13053014. [12] Y. Xu, X. Han, G. Deng, J. Li, Y. Liu, and T. Zhang, “SoK: Rethinking Sensor Spoofing Attacks against Robotic Vehicles from a Systematic View,” in 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P), Delft, Netherlands: IEEE, Jul. 2023, pp. 1082–1100. doi: 10.1109/EuroSP57164.2023.00067. [13] D. Parekh et al., “A Review on Autonomous Vehicles: Progress, Methods and Challenges,” Electronics, vol. 11, no. 14, p. 2162, Jul. 2022, doi: 10.3390/electronics11142162. [14] M. S. Korium, M. Saber, A. Beattie, A. Narayanan, S. Sahoo, and P. H. J. Nardelli, “Intrusion detection system for cyberattacks in the Internet of Vehicles environment,” Ad Hoc Networks, vol. 153, p. 103330, Feb. 2024, doi: 10.1016/j.adhoc.2023.103330. [15] T. Islam, Md. A. Sheakh, A. N. Jui, O. Sharif, and M. Z. Hasan, “A review of cyber attacks on sensors and perception systems in autonomous vehicle,” Journal of Economy and Technology, vol. 1, pp. 242–258, Nov. 2023, doi: 10.1016/j.ject.2024.01.002. [16] Y. Wang, Q. Liu, E. Mihankhah, C. Lv, and D. Wang, “Detection and Isolation of Sensor Attacks for Autonomous Vehicles: Framework, Algorithms, and Validation,” IEEE Trans. Intell. Transport. Syst., vol. 23, no. 7, pp. 8247–8259, Jul. 2022, doi: 10.1109/TITS.2021.3077015. [17] M. Boughanja and T. Mazri, “Attacks and defenses on autonomous vehicles: a comprehensive Study,” in Proceedings of the 4th International Conference on Networking, Information Systems & Security, KENITRA AA Morocco: ACM, Apr. 2021, pp. 1–6. doi: 10.1145/3454127.3456575. [18] S. Jakobsen, K. Knudsen, and B. Andersen, “Analysis of Sensor Attacks Against Autonomous Vehicles:,” in Proceedings of the 8th International Conference on Internet of Things, Big Data and Security, Prague, Czech Republic: SCITEPRESS - Science and Technology Publications, 2023, pp. 131–139. doi: 10.5220/0011841800003482. [19] M. M. Abrar et al., “GPS-IDS: An Anomaly-based GPS Spoofing Attack Detection Framework for Autonomous Vehicles,” 2024, arXiv. doi: 10.48550/ARXIV.2405.08359. [20] A. Mohammadi et al., “Detection of Multiple Small Biased GPS Spoofing Attacks on Autonomous Vehicles Using Time Series Analysis,” IEEE Open J. Veh. Technol., vol. 6, pp. 1152–1163, 2025, doi: 10.1109/OJVT.2025.3559461. [21] Y. Zhu, C. Miao, H. Xue, Y. Yu, L. Su, and C. Qiao, “Malicious Attacks against Multi-Sensor Fusion in Autonomous Driving,” in Proceedings of the 30th Annual International Conference on Mobile Computing and Networking, Washington D.C. DC USA: ACM, May 2024, pp. 436–451. doi: 10.1145/3636534.3649372. [22] Dr. N. Katiyar, Dr. A. Shukla, and Dr. N. Chawla, “AI in Autonomous Vehicles: Opportunities, Challenges, and Regulatory Implications,” eatp, Apr. 2024, doi: 10.53555/kuey.v30i4.2373. [23] T. H. H. Aldhyani and H. Alkahtani, “Attacks to Automatous Vehicles: A Deep Learning Algorithm for Cybersecurity,” Sensors, vol. 22, no. 1, p. 360, Jan. 2022, doi: 10.3390/s22010360. [24] J. Wang, L. Zhang, Y. Huang, J. Zhao, and F. Bella, “Safety of Autonomous Vehicles,” Journal of Advanced Transportation, vol. 2020, pp. 1–13, Sep. 2020, doi: 10.1155/2020/8867757. [25] E. Yurtsever, J. Lambert, A. Carballo, and K. Takeda, “A Survey of Autonomous Driving: Common Practices and Emerging Technologies,” IEEE Access, vol. 8, pp. 58443–58469, 2020, doi: 10.1109/ACCESS.2020.2983149.

Copyright

Copyright © 2025 Shivanshi Sharma, Naveen Kumar, Ritesh Rana, Sandeep Kumar, Ashok Kumar Kashyap. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.