Secure and robust multi-constrained QoS aware routing algorithm for VANETs

Secure QoS routing algorithms are a fundamental part of wireless networks that aim to provide services with QoS and security guarantees. In Vehicular Ad hoc Networks (VANETs), vehicles perform routing functions, and at the same time act as end-systems thus routing control messages are transmitted unprotected over wireless channels. The QoS of the entire network could be degraded by an attack on the routing process, and manipulation of the routing control messages. In this paper, we propose a novel secure and reliable multi-constrained QoS aware routing algorithm for VANETs. We employ the Ant Colony Optimisation (ACO) technique to compute feasible routes in VANETs subject to multiple QoS constraints determined by the data traffic type. Moreover, we extend the VANET-oriented Evolving Graph (VoEG) model to perform plausibility checks on the exchanged routing control messages among vehicles. Simulation results show that the QoS can be guaranteed while applying security mechanisms to ensure a reliable and robust routing service

Secure multi-constrained QoS reliable routing algorithm for vehicular ad hoc networks (VANETs)

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University LondonVehicular Ad hoc Networks (VANETs) are a particular form of wireless network made by vehicles communicating among themselves and with roadside base stations. A wide range of services has been developed for VANETs ranging from safety to infotainment applications. A key requirement for such services is that they are offered with Quality of Service (QoS) guarantees in terms of service reliability and availability. Furthermore, due to the openness of VANET’s wireless channels to both internal and external attacks, the application of security mechanisms is mandatory to protect the offered QoS guarantees. QoS routing plays an essential role in identifying routes that meet the QoS requirements of the offered service over VANETs. However, searching for feasible routes subject to multiple QoS constraints is in general an NP-hard problem. Moreover, routing reliability needs to be given special attention as communication links frequently break in VANETs. To date, most existing QoS routing algorithms are designed for stable networks without considering the security of the routing process. Therefore, they are not suitable for applications in VANETs. In this thesis, the above issues are addressed firstly by developing a link reliability model based on the topological and mathematical properties of vehicular movements and velocities. Evolving graph theory is then utilised to model the VANET communication graph and integrate the developed link reliability model into it. Based on the resulting extended evolving graph model, the most reliable route in the network is picked. Secondly, the situational awareness model is applied to the developed reliable routing process because picking the most reliable route does not guarantee reliable transmission. Therefore, a situation-aware reliable multipath routing algorithm for VANETs is proposed. Thirdly, the Ant Colony Optimisation (ACO) technique is employed to propose an Ant-based multi-constrained QoS (AMCQ) routing algorithm for VANETs. AMCQ is designed to give significant advantages to the implementation of security mechanisms that are intended to protect the QoS routing process. Finally, a novel set of security procedures is proposed to defend the routing process against external and internal threats. Simulation results demonstrate that high levels of QoS can be still guaranteed by AMCQ even when the security procedures are applied

A Trust Evaluation Framework in Vehicular Ad-Hoc Networks

Vehicular Ad-Hoc Networks (VANET) is a novel cutting-edge technology which provides connectivity to millions of vehicles around the world. It is the future of Intelligent Transportation System (ITS) and plays a significant role in the success of emerging smart cities and Internet of Things (IoT). VANET provides a unique platform for vehicles to intelligently exchange critical information, such as collision avoidance or steep-curve warnings. It is, therefore, paramount that this information remains reliable and authentic, i.e., originated from a legitimate and trusted vehicle. Due to sensitive nature of the messages in VANET, a secure, attack-free and trusted network is imperative for the propagation of reliable, accurate and authentic information. In case of VANET, ensuring such network is extremely difficult due to its large-scale and open nature, making it susceptible to diverse range of attacks including man-in-the-middle (MITM), replay, jamming and eavesdropping. Trust establishment among vehicles can increase network security by identifying dishonest vehicles and revoking messages with malicious content. For this purpose, several trust models (TMs) have been proposed but, currently, there is no effective way to compare how they would behave in practice under adversary conditions. Further, the proposed TMs are mostly context-dependent. Due to randomly distributed and highly mobile vehicles, context changes very frequently in VANET. Ideally the TMs should perform in every context of VANET. Therefore, it is important to have a common framework for the validation and evaluation of TMs. In this thesis, we proposed a novel Trust Evaluation And Management (TEAM) framework, which serves as a unique paradigm for the design, management and evaluation of TMs in various contexts and in presence of malicious vehicles. Our framework incorporates an asset-based threat model and ISO-based risk assessment for the identification of attacks against critical risks. TEAM has been built using VEINS, an open source simulation environment which incorporates SUMO traffic simulator and OMNET++ discrete event simulator. The framework created has been tested with the implementation of three types of TM (data-oriented, entity-oriented and hybrid) under four different contexts of VANET based on the mobility of both honest and malicious vehicles. Results indicate that TEAM is effective to simulate a wide range of TMs, where the efficiency is evaluated against different Quality of Service (QoS) and security-related criteria. Such framework may be instrumental for planning smart cities and for car manufacturers.University of Derb

A taxonomy and survey of cyber-physical intrusion detection approaches for vehicles

With the growing threat of cyber and cyber-physical attacks against automobiles, drones, ships, driverless pods and other vehicles, there is also a growing need for intrusion detection approaches that can facilitate defence against such threats. Vehicles tend to have limited processing resources and are energy-constrained. So, any security provision needs to abide by these limitations. At the same time, attacks against vehicles are very rare, often making knowledge-based intrusion detection systems less practical than behaviour-based ones, which is the reverse of what is seen in conventional computing systems. Furthermore, vehicle design and implementation can differ wildly between different types or different manufacturers, which can lead to intrusion detection designs that are vehicle-specific. Equally importantly, vehicles are practically defined by their ability to move, autonomously or not. Movement, as well as other physical manifestations of their operation may allow cyber security breaches to lead to physical damage, but can also be an opportunity for detection. For example, physical sensing can contribute to more accurate or more rapid intrusion detection through observation and analysis of physical manifestations of a security breach. This paper presents a classification and survey of intrusion detection systems designed and evaluated specifically on vehicles and networks of vehicles. Its aim is to help identify existing techniques that can be adopted in the industry, along with their advantages and disadvantages, as well as to identify gaps in the literature, which are attractive and highly meaningful areas of future research

Intensional Cyberforensics

This work focuses on the application of intensional logic to cyberforensic analysis and its benefits and difficulties are compared with the finite-state-automata approach. This work extends the use of the intensional programming paradigm to the modeling and implementation of a cyberforensics investigation process with backtracing of event reconstruction, in which evidence is modeled by multidimensional hierarchical contexts, and proofs or disproofs of claims are undertaken in an eductive manner of evaluation. This approach is a practical, context-aware improvement over the finite state automata (FSA) approach we have seen in previous work. As a base implementation language model, we use in this approach a new dialect of the Lucid programming language, called Forensic Lucid, and we focus on defining hierarchical contexts based on intensional logic for the distributed evaluation of cyberforensic expressions. We also augment the work with credibility factors surrounding digital evidence and witness accounts, which have not been previously modeled. The Forensic Lucid programming language, used for this intensional cyberforensic analysis, formally presented through its syntax and operational semantics. In large part, the language is based on its predecessor and codecessor Lucid dialects, such as GIPL, Indexical Lucid, Lucx, Objective Lucid, and JOOIP bound by the underlying intensional programming paradigm.Comment: 412 pages, 94 figures, 18 tables, 19 algorithms and listings; PhD thesis; v2 corrects some typos and refs; also available on Spectrum at http://spectrum.library.concordia.ca/977460

Relevanzbasierte Nachrichtenselektion für die serientaugliche Integration von Fahrzeug-zu-Fahrzeug-Kommunikation

Die Fahrzeug-zu-Fahrzeug-Kommunikation ermöglicht neue Anwendungen durch den direkten Austausch von Informationen zwischen Fahrzeugen. In den vergangenen Jahrzehnten wurde dazu intensiv geforscht und eine standardisierte Technologie auf der Grundlage von WLAN geschaffen. Die Fahrzeuge erfassen damit andere Verkehrsteilnehmer in ihrem Umfeld, auch über Sichthindernisse hinweg. Bei der Umsetzung von Seriensystemen stehen die Fahrzeughersteller vor der Herausforderung, dass unter Umständen höhere Raten an Nachrichten empfangen werden als von den Fahrzeugsystemen verarbeitet werden können. Diese Arbeit betrachtet diese Problemstellung erstmals umfänglich und schlägt eine Lösung vor, um auch in Überlastsituationen die Funktionalität sicherheitsrelevanter Anwendungen zu gewährleisten. Zunächst werden die auftretenden Nachrichtenraten anhand einer gekoppelten Verkehrs-, Kommunikations- und Anwendungssimulation quantifiziert. Es bestätigt sich, dass auch unter alltäglichen Bedingungen Überlast auftreten kann. Daher wird vorgeschlagen, die Verarbeitung empfangener Nachrichten um zwei Module zu ergänzen, eine Relevanzschätzung und einen Selektionsmechanismus. Die Relevanzschätzung hat die Aufgabe, jede Nachricht nach ihrer Relevanz zu bewerten und mit einem Relevanzwert zu versehen. Je früher sich der Sender und Empfänger einer Nachricht begegnen, desto höher wird die Relevanz bewertet. Der Selektionsmechanismus wählt auf Basis dieser Relevanzwerte die jeweils relevanteste Nachricht zur Weiterverarbeitung aus und verwirft bei Überlast weniger relevante Nachrichten. Sowohl die Relevanzschätzung als auch der Selektionsmechanismus sollten möglichst effizient implementierbar sein. Die Evaluation beider Module zeigt auf, dass die vorgeschlagenen Konzepte für einen Serieneinsatz geeignet sind und die Entwicklung stabiler Gesamtfahrzeugsysteme ermöglichen