Security Methods in Internet of vehicles

The emerging wireless communication technology known as vehicle ad hoc networks (VANETs) has the potential to both lower the risk of auto accidents caused by drivers and offer a wide range of entertainment amenities. The messages broadcast by a vehicle may be impacted by security threats due to the open-access nature of VANETs. Because of this, VANET is susceptible to security and privacy problems. In order to go beyond the obstacle, we investigate and review some existing researches to secure communication in VANET. Additionally, we provide overview, components in VANET in details

Secure Authentication and Privacy-Preserving Techniques in Vehicular Ad-hoc NETworks (VANETs)

In the last decade, there has been growing interest in Vehicular Ad Hoc NETworks (VANETs). Today car manufacturers have already started to equip vehicles with sophisticated sensors that can provide many assistive features such as front collision avoidance, automatic lane tracking, partial autonomous driving, suggestive lane changing, and so on. Such technological advancements are enabling the adoption of VANETs not only to provide safer and more comfortable driving experience but also provide many other useful services to the driver as well as passengers of a vehicle. However, privacy, authentication and secure message dissemination are some of the main issues that need to be thoroughly addressed and solved for the widespread adoption/deployment of VANETs. Given the importance of these issues, researchers have spent a lot of effort in these areas over the last decade. We present an overview of the following issues that arise in VANETs: privacy, authentication, and secure message dissemination. Then we present a comprehensive review of various solutions proposed in the last 10 years which address these issues. Our survey sheds light on some open issues that need to be addressed in the future

Protocols and Architecture for Privacy-preserving Authentication and Secure Message Dissemination in Vehicular Ad Hoc Networks

The rapid development in the automotive industry and wireless communication technologies have enhanced the popularity of Vehicular ad hoc networks (VANETs). Today, the automobile industry is developing sophisticated sensors that can provide a wide range of assistive features, including accident avoidance, automatic lane tracking, semi-autonomous driving, suggested lane changes, and more. VANETs can provide drivers a safer and more comfortable driving experience, as well as many other useful services by leveraging such technological advancements. Even though this networking technology enables smart and autonomous driving, it also introduces a plethora of attack vectors. However, the main issues to be sorted out and addressed for the widespread deployment/adoption of VANETs are privacy, authenticating users, and the distribution of secure messages. These issues have been addressed in this dissertation, and the contributions of this dissertation are summarized as follows: Secure and privacy-preserving authentication and message dissemination in VANETs: Attackers can compromise the messages disseminated within VANETs by tampering with the message content or sending malicious messages. Therefore, it is crucial to ensure the legitimacy of the vehicles participating in the VANETs as well as the integrity and authenticity of the messages transmitted in VANETs. In VANET communication, the vehicle uses pseudonyms instead of its real identity to protect its privacy. However, the real identity of a vehicle must be revealed when it is determined to be malicious. This dissertation presents a distributed and scalable privacy-preserving authentication and message dissemination scheme in VANET. Low overhead privacy-preserving authentication scheme in VANETs: The traditional pseudonym-based authentication scheme uses Certificate Revocation Lists (CRLs) to store the certificates of revoked and malicious entities in VANETs. However, the size of CRL increases significantly with the increased number of revoked entities. Therefore, the overhead involved in maintaining the revoked certificates is overwhelming in CRL-based solutions. This dissertation presents a lightweight privacy-preserving authentication scheme that reduces the overhead associated with maintaining CRLs in VANETs. Our scheme also provides an efficient look-up operation for CRLs. Efficient management of pseudonyms for privacy-preserving authentication in VANETs: In VANETs, vehicles change pseudonyms frequently to avoid the traceability of attackers. However, if only one vehicle out of 100 vehicles changes its pseudonym, an intruder can easily breach the privacy of the vehicle by linking the old and new pseudonym. This dissertation presents an efficient method for managing pseudonyms of vehicles. In our scheme, vehicles within the same region simultaneously change their pseudonyms to reduce the chance of linking two pseudonyms to the same vehicle

Review of Prevention Schemes for Man-In-The-Middle (MITM) Attack in Vehicular Ad hoc Networks

Vehicular Ad-Hoc Network (VANET) is an indispensable part of the Intelligent Transportation System (ITS) due to its abilities to enhance traffic management and safety. Many researchers have been focused on specific areas involving management and storage data, protocols standardization, network fragmentation, monitoring, and quality of service.  The benchmarks of security of VANET are studied and figured out in this paper. VANET provides the driver and passenger with the safety application as well as entertainment service. However, the communication between nodes in VANET is susceptible to security threats in both communication modes, which indicates the main hazard. In this paper, we identified different Man-In-The-Middle (MITM) attacks with various behaviors such as message tampering, message delaying, and message dropping, according to the literature. In this study, the essential background of VANET from architectural point of view and communication types are discussed. Then, the overview of MITM attack in VANET is presented. In addition, this paper thoroughly reviews the existing prevention schemes for MITM attack in VANET. This review paper reveals that there is still a need for a better and more efficient preventive scheme to address the MITM attack in VANET. This review paper could serve as evidence and reference in the development of any new security schemes for VANETs

Proposal: An Efficient Security and Privacy Scheme based on Elliptic Curve Cryptography (ECC) for Vehicular Ad hoc Network (VANET)

Vehicles in a vehicular ad-hoc network (VANET) broadcast information about the driving environment in the road. Due to the open-access environment, this means that the VANET is susceptible to security and privacy issues. However, none of the related works satisfies all security and privacy requirements. Besides, their proposed has huge overhead in terms of computation and communication. To address the above issues, we will propose the security and privacy scheme based on Elliptic Curve Cryptography (ECC) and one secure hash function. Hence the reliability of each message being signed and checked has been improved. The main aim of this work is to satisfy all aspect requirements of security and privacy and reduce the computational complexity of the system

A novel key management protocol for vehicular cloud security

Vehicular cloud computing (VCC) is a new hybrid technology which has become an outstanding area of research. VCC combines salient features of cloud computing and wireless communication technology to help drivers in network connectivity, storage space availability and applications. VCC is formed by dynamic cloud formation by moving vehicles. Security plays an important role in VCC communication. Key management is one of the important tasks for security of VCC. This paper proposes a novel key management protocol for VCC security. Proposed scheme is based on Elliptical Curve Cryptography (ECC). The simulation results demonstrated that the proposed protocol is efficient compared to existing key management algorithms in terms of key generation time, memory usage and cpu utilization

Towards Cyber Security for Low-Carbon Transportation: Overview, Challenges and Future Directions

In recent years, low-carbon transportation has become an indispensable part as sustainable development strategies of various countries, and plays a very important responsibility in promoting low-carbon cities. However, the security of low-carbon transportation has been threatened from various ways. For example, denial of service attacks pose a great threat to the electric vehicles and vehicle-to-grid networks. To minimize these threats, several methods have been proposed to defense against them. Yet, these methods are only for certain types of scenarios or attacks. Therefore, this review addresses security aspect from holistic view, provides the overview, challenges and future directions of cyber security technologies in low-carbon transportation. Firstly, based on the concept and importance of low-carbon transportation, this review positions the low-carbon transportation services. Then, with the perspective of network architecture and communication mode, this review classifies its typical attack risks. The corresponding defense technologies and relevant security suggestions are further reviewed from perspective of data security, network management security and network application security. Finally, in view of the long term development of low-carbon transportation, future research directions have been concerned.Comment: 34 pages, 6 figures, accepted by journal Renewable and Sustainable Energy Review

Chebyshev Polynomial-Based Fog Computing Scheme Supporting Pseudonym Revocation for 5G-Enabled Vehicular Networks

he privacy and security of the information exchanged between automobiles in 5G-enabled vehicular networks is at risk. Several academics have offered a solution to these problems in the form of an authentication technique that uses an elliptic curve or bilinear pair to sign messages and verify the signature. The problem is that these tasks are lengthy and difficult to execute effectively. Further, the needs for revoking a pseudonym in a vehicular network are not met by these approaches. Thus, this research offers a fog computing strategy for 5G-enabled automotive networks that is based on the Chebyshev polynomial and allows for the revocation of pseudonyms. Our solution eliminates the threat of an insider attack by making use of fog computing. In particular, the fog server does not renew the signature key when the validity period of a pseudonym-ID is about to end. In addition to meeting privacy and security requirements, our proposal is also resistant to a wide range of potential security breaches. Finally, the Chebyshev polynomial is used in our work to sign the message and verify the signature, resulting in a greater performance cost efficiency than would otherwise be possible if an elliptic curve or bilinear pair operation had been employed

A hybrid dual-mode trust management scheme for vehicular networks

Vehicular ad-hoc networks allow vehicles to exchange messages pertaining to safety and road efficiency. Building trust between nodes can, therefore, protect vehicular ad-hoc networks from malicious nodes and eliminate fake messages. Although there are several trust models already exist, many schemes suffer from varied limitations. For example, many schemes rely on information provided by other peers or central authorities, for example, roadside units and reputation management centers to ensure message reliability and build nodes’ reputation. Also, none of the proposed schemes operate in different environments, for example, urban and rural. To overcome these limitations, we propose a novel trust management scheme for self-organized vehicular ad-hoc networks. The scheme is based on a crediting technique and does not rely on other peers or central authorities which distinguishes it as an economical solution. Moreover, it is hybrid, in the sense it is data-based and entity-based which makes it capable of revoking malicious nodes and discarding fake messages. Furthermore, it operates in a dual-mode (urban and rural). The simulation has been performed utilizing Veins, an open-source framework along with OMNeT++, a network simulator, and SUMO, a traffic simulator. The scheme has been tested with two trust models (urban and rural). The simulation results prove the performance and security efficacy of the proposed scheme

Location Privacy in VANETs: Improved Chaff-Based CMIX and Privacy-Preserving End-to-End Communication

VANETs communication systems are technologies and defined policies that can be formed to enable ITS applications to provide road traffic efficacy, warning about such issues as environmental dangers, journey circumstances, and in the provision of infotainment that considerably enhance transportation safety and quality. The entities in VANETs, generally vehicles, form part of a massive network known as the Internet of Vehicles (IoV). The deployment of large-scale VANETs systems is impossible without ensuring that such systems are themselves are safe and secure, protecting the privacy of their users. There is a risk that cars might be hacked, or their sensors become defective, causing inaccurate information to be sent across the network. Consequently, the activities and credentials of participating vehicles should be held responsible and quickly broadcast throughout a vast VANETs, considering the accountability in the system. The openness of wireless communication means that an observer can eavesdrop on vehicular communication and gain access or otherwise deduce users' sensitive information, and perhaps profile vehicles based on numerous factors such as tracing their travels and the identification of their home/work locations. In order to protect the system from malicious or compromised entities, as well as to preserve user privacy, the goal is to achieve communication security, i.e., keep users' identities hidden from both the outside world and the security infrastructure and service providers. Being held accountable while still maintaining one's privacy is a difficult balancing act. This thesis explores novel solution paths to the above challenges by investigating the impact of low-density messaging to improve the security of vehicle communications and accomplish unlinkability in VANETs. This is achieved by proposing an improved chaff-based CMIX protocol that uses fake messages to increase density to mitigate tracking in this scenario. Recently, Christian \etall \cite{vaas2018nowhere} proposed a Chaff-based CMIX scheme that sends fake messages under the presumption low-density conditions to enhance vehicle privacy and confuse attackers. To accomplish full unlinkability, we first show the following security and privacy vulnerabilities in the Christian \etall scheme: linkability attacks outside the CMIX may occur due to deterministic data-sharing during the authentication phase (e.g., duplicate certificates for each communication). Adversaries may inject fake certificates, which breaks Cuckoo Filters' (CFs) updates authenticity, and the injection may be deniable. CMIX symmetric key leakage outside the coverage may occur. We propose a VPKI-based protocol to mitigate these issues. First, we use a modified version of Wang \etall's \cite{wang2019practical} scheme to provide mutual authentication without revealing the real identity. To this end, a vehicle's messages are signed with a different pseudo-identity “certificate”. Furthermore, the density is increased via the sending of fake messages during low traffic periods to provide unlinkability outside the mix-zone. Second, unlike Christian \etall's scheme, we use the Adaptive Cuckoo Filter (ACF) instead of CF to overcome the effects of false positives on the whole filter. Moreover, to prevent any alteration of the ACFs, only RUSs distribute the updates, and they sign the new fingerprints. Third, mutual authentication prevents any leakage from the mix zones' symmetric keys by generating a fresh one for each communication through a Diffie–Hellman key exchange. As a second main contribution of this thesis, we focus on the V2V communication without the interference of a Trusted Third Party (TTP)s in case this has been corrupted, destroyed, or is out of range. This thesis presents a new and efficient end-to-end anonymous key exchange protocol based on Yang \etall's \cite{yang2015self} self-blindable signatures. In our protocol, vehicles first privately blind their own private certificates for each communication outside the mix-zone and then compute an anonymous shared key based on zero-knowledge proof of knowledge (PoK). The efficiency comes from the fact that once the signatures are verified, the ephemeral values in the PoK are also used to compute a shared key through an authenticated Diffie-Hellman key exchange protocol. Therefore, the protocol does not require any further external information to generate a shared key. Our protocol also does not require interfacing with the Roadside Units or Certificate Authorities, and hence can be securely run outside the mixed-zones. We demonstrate the security of our protocol in ideal/real simulation paradigms. Hence, our protocol achieves secure authentication, forward unlinkability, and accountability. Furthermore, the performance analysis shows that our protocol is more efficient in terms of computational and communications overheads compared to existing schemes.Kuwait Cultural Offic