Nataša Trkulja, M. Sc.

Nataša Trkulja, M. Sc.
Nataša Trkulja, M. Sc.
wiss. Angestellte
Institut für Verteilte Systeme
Institut für Verteilte Systeme
Universität Ulm
Albert-Einstein-Allee 11
89081 Ulm
Germany
Room: O27 3210
Office Hours

For in-person or online meetings, please arrange an appointment via mail.
Alternatively, you can try to drop by at my office.

Nataša Trkulja

Nataša Trkulja is a research assistant at the Institute of Distributed Systems. Her research focuses on the security of wireless communication networks, particularly as related to Vehicle-to-Everything (V2X) networks.

She holds a Master of Science degree (M.Sc.) from Boston University (USA) in Electrical Engineering and a Bachelor of Science degree (B.Sc.) from Worcester Polytechnic Institute (USA) in Electrical and Computer Engineering. She worked in the automotive industry for three years as an electrical design engineer prior to starting graduate school.

Research

Projects

  • CONNECT (09/2022 - ongoing): Continuous and Efficient Cooperative Trust Management for Resilient CCAM. Funding: European Union’s Horizon Europe
  • SAVE (11/2020 – 06/2023): Securing Automated VEhicles – Japan-Germany. Funding: BMBF.
  • SecForCARs (04/2018 – 01/2023): Security for Connected Automated Cars. Funding: BMBF.

Publications

2024

Ouattara, K.I., Petrovska, A., Hermann, A., Trkulja, N., Dimitrakos, T. and Kargl, F. 2024. On Subjective Logic Trust Discount for Referral Paths. 2024 27th International Conference on Information Fusion (FUSION) (2024), 1–8.

2023

Bradatsch, L., Miroshkin, O., Trkulja, N. and Kargl, F. 2023. Zero Trust Score-based Network-level Access Control in Enterprise Networks. 2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) (2023), 1–7.
Zero Trust security has recently gained attention in enterprise network security. One of its key ideas is making network-level access decisions based on trust scores. However, score-based access control in the enterprise domain still lacks essential elements in our understanding, and in this paper, we contribute with respect to three crucial aspects. First, we provide a comprehensive list of 29 trust attributes that can be used to calculate a trust score. By introducing a novel mathematical approach, we demonstrate how to quantify these attributes. Second, we describe a dynamic risk-based method to calculate the trust threshold the trust score must meet for permitted access. Third, we introduce a novel trust algorithm based on Subjective Logic that incorporates the first two contributions and offers fine-grained decision possibilities. We discuss how this algorithm shows a higher expressiveness compared to a lightweight additive trust algorithm. Performance-wise, a prototype of the Subjective Logic-based approach showed similar calculation times for mak- ing an access decision as the additive approach. In addition, the dynamic threshold calculation showed only 7% increased decision-making times compared to a static threshold.
Kargl, F., Trkulja, N., Hermann, A., Sommer, F., Ferraz de Lucena, A.R., Kiening, A. and Japs, S. 2023. Securing Cooperative Intersection Management through Subjective Trust Networks. 2023 IEEE 97th Vehicular Technology Conference (VTC2023-Spring) (2023), 1–7.
Connected, Cooperative, and Autonomous Mobility (CCAM) will take intelligent transportation to a new level of complexity. CCAM systems can be thought of as complex Systems-of-Systems (SoSs). They pose new challenges to security as consequences of vulnerabilities or attacks become much harder to assess. In this paper, we propose the use of a specific type of a trust model, called subjective trust network, to model and assess trustworthiness of data and nodes in an automotive SoS. Given the complexity of the topic, we illustrate the application of subjective trust networks on a specific example, namely Cooperative Intersection Management (CIM). To this end, we introduce the CIM use-case and show how it can be modelled as a subjective trust network. We then analyze how such trust models can be useful both for design time and run-time analysis, and how they would allow us a more precise quantitative assessment of trust in automotive SoSs. Finally, we also discuss the open research problems and practical challenges that need to be addressed before such trust models can be applied in practice.
Hermann, A., Wolf, M., Trkulja, N., Jemaa, I.B., Bkakria, A. and Kargl, F. 2023. Privacy of Smart Traffic Lights Systems. 2023 IEEE Vehicular Networking Conference (VNC) (2023), 17–24.
Smart traffic lights systems (STLSs) are a promising approach to improve traffic efficiency at intersections. They rely on the information sent by vehicles via C2X communication (like in cooperative awareness messages (CAMs)) at the managed intersection. While there exists a large body of work on privacy-enhancing technologies (PETs) for cooperative Intelligent Transport Systems (cITS) in general, such PETs like changing pseudonyms often impact the performance of cITS applications. This paper analyzes the extent to which different PETs affect the performance of two types of STLSs, a phase-based and a reservation-based STLS. These are implemented in SUMO and combined with four different PETs. Through extensive simulations we then investigate the impact of those PETs on STLS performance metrics like time loss, waiting time, fuel consumption, and average velocity. Our analysis shows that the impact of PETs on performance varies greatly depending on the type of STLS. Finally, we propose a hybrid STLS which is a combination of the two STLS types as a potential solution for limiting the negative impact of PETs on performance.
Trkulja, N., Hermann, A., Petrovska, A., Kiening, A., Ferraz de Lucena, A.R. and Kargl, F. 2023. In-vehicle trust assessment framework. 21th escar Europe : The World’s Leading Automotive Cyber Security Conference (Hamburg, 15. - 16.11.2023) (2023).
Today’s vehicles run various safety-critical applications requiring data input from diverse in-vehicle components. Adaptive Cruise Control (ACC), for example, can rely on the data input from components such as lidar, radar, GNSS, and cameras. Malicious manipulation of any of this data compromises the data integrity and can result in safety incidents or accidents on the road. Security mechanisms like intrusion detection can be in place; however, they can not reliably assess the consequences of attacks on a system level or for arbitrary subsystems. In this paper, we present a Trust Assessment Framework (TAF) that allows an in-vehicle application in a complex System-of-Systems to assess whether it can trust the integrity of its input data.The TAF assesses the trustworthiness of every component in the data flow chain based on collected evidence. We explain this concept with the example of ACC and show case two ossible implementations of the TAF inside a vehicle.

2022

Kargl, F., Krontiris, I., Weimerskirch, A., Williams, I. and Trkulja, N. 2022. Privacy Protection of Automated and Self-Driving Vehicles (Dagstuhl Seminar 22042). Dagstuhl Reports. 12, 1 (2022), 83–100.
This report documents the program and the outcomes of Dagstuhl Seminar 22042 "Privacy Protection of Automated and Self-Driving Vehicles". The Seminar reviewed existing privacy-enhancing technologies, standards, tools, and frameworks for protecting personal information in the context of automated and self-driving vehicles (AVs). We specifically focused on where such existing techniques clash with requirements of an AV and its data processing and identified the major road blockers on the way to deployment of privacy protection in AVs from a legal, technical, business and ethical perspective. Therefore, the seminar took an interdisciplinary approach involving autonomous and connected driving, privacy protection, and legal data protection experts. This report summarizes the discussions and findings during the seminar, includes the abstracts of talks, and includes a report from the working groups.

2021

Trkulja, N., Starobinski, D. and Berry, R.A. 2021. Denial-of-Service Attacks on C-V2X Networks. Workshop on Automotive and Autonomous Vehicle Security (AutoSec) (2021), 25.
Cellular Vehicle-to-Everything (C-V2X) has been adopted by the FCC as the technology standard for safety related transportation and vehicular communications in the US. C-V2X allows vehicles to self-manage the network in absence of a cellular base-station. Since C-V2X networks convey safety-critical messages, it is crucial to assess their security posture. This work contributes a novel set of Denial-of-Service (DoS) attacks on CV2X networks. The attacks are caused by adversarial resource block selection and vary in sophistication and efficiency. In particular, we consider “oblivious” adversaries that ignore recent transmission activity on resource blocks, “smart” adversaries that do monitor activity on each resource block, and “cooperative” adversaries that work together to ensure they attack different targets. We analyze and simulate these attacks to showcase their effectiveness. Assuming a fixed number of attackers, we show that at low vehicle density, smart and cooperative attacks can significantly impact network performance, while at high vehicle density, oblivious attacks are almost as effective as the more sophisticated attacks.

2020

Trkulja, N., Starobinski, D. and Berry, R.A. 2020. Denial-of-Service Attacks on C-V2X Networks. CoRR. abs/2010.13725, (2020).
Cellular Vehicle-to-Everything (C-V2X) networks are increasingly adopted by automotive original equipment manufacturers (OEMs). C-V2X, as defined in 3GPP Release 14 Mode 4, allows vehicles to self-manage the network in absence of a cellular base-station. Since C-V2X networks convey safety-critical messages, it is crucial to assess their security posture. This work contributes a novel set of Denial-of-Service (DoS) attacks on C-V2X networks operating in Mode 4. The attacks are caused by adversarial resource block selection and vary in sophistication and efficiency. In particular, we consider "oblivious" adversaries that ignore recent transmission activity on resource blocks, "smart" adversaries that do monitor activity on each resource block, and "cooperative" adversaries that work together to ensure they attack different targets. We analyze and simulate these attacks to showcase their effectiveness. Assuming a fixed number of attackers, we show that at low vehicle density, smart and cooperative attacks can significantly impact network performance, while at high vehicle density, oblivious attacks are almost as effective as the more sophisticated attacks.

Teaching Assistant:
  • Security of IT Systems (SEC) - WS 2021/2022
  • Praktische IT-Sicherheit (PSEC) - SS 2022
  • Embedded Security (EMS) - WS 2022/2023
  • Praktische IT-Sicherheit (PSEC) - SS 2023