Towards a comparable evaluation for VANET protocols: NS-2 experiments builder assistant and extensible test bed

Proceedings of: 9th Embedded Security in Cars Conference (ESCAR 2011), November 9 to 10, 2011, Dresden, GermanyIn order to validate an Intelligent Transportation System (ITS) application or service, simulation techniques are usually employed. Nowadays, there are two problems associated to this kind of validation: the relative complexity of existing simulators and the lack of common criteria in the creation of simulation experiments. The first one makes it hard for users not familiar with a simulation tool to create and execute comprehensive experiments. The second one leads to a situation in which different proposals are validated in different scenarios, thus making it difficult to compare their performance. This work contributes on addressing both problems by proposing VanSimFM, an open-source assistant tool for creating NS-2 simulation experiments, and by defining an extensible test bed which contains a set of simulation scenarios. The test bed is intended to represent the different situations that may be found in a real vehicular environment.This work is partially supported by Ministerio de Ciencia e Innovacion of Spain, project E-SAVE, under grant TIN2009-13461.No publicad

Improving the Authentication Mechanism of Business to Consumer (B2C) Platform in a Cloud Computing Environment: Preliminary Findings

The reliance of e-commerce infrastructure on cloud computing environment has undoubtedly increased the security challenges in web-based e-commerce portals. This has necessitated the need for a built-in security feature, essentially to improve the authentication mechanism, during the execution of its dependent transactions. Comparative analysis of the existing works and studies on XML-based authentication and non-XML signaturebased security mechanisms for authentication in Business to Consumer (B2C) e-commerce showed the advantage of using XML-based authentication, and its inherent weaknesses and limitations. It is against this background that this study, based on review and meta-analysis of previous works, proposes an improved XML digital signature with RSA algorithm, as a novel algorithmic framework that improves the authentication strength of XML digital signature in the B2C e-commerce in a cloud-based environment. Our future works include testing and validation, and simulation, of the proposed authentication framework in Cisco’s XML Management Interface with inbuilt feature of NETCONF. The evaluation will be done in conformity to international standard and guideline –such as W3C and NIST

A Framework of Fog Computing: Architecture, Challenges and Optimization

This is the author accepted manuscript. The final version is available from IEEE via the DOI in this record.Fog Computing (FC) is an emerging distributed computing platform aimed at bringing computation close to its data sources, which can reduce the latency and cost of delivering data to a remote cloud. This feature and related advantages are desirable for many Internet-of-Things applications, especially latency sensitive and mission intensive services. With comparisons to other computing technologies, the definition and architecture of FC are presented in this article. The framework of resource allocation for latency reduction combined with reliability, fault tolerance, privacy, and underlying optimization problems are also discussed. We then investigate an application scenario and conduct resource optimization by formulating the optimization problem and solving it via a Genetic Algorithm. The resulting analysis generates some important insights on the scalability of FC systems.This work was supported by the Engineering and Physical Sciences Research Council [grant number EP/P020224/1] and the EU FP7 QUICK project under Grant Agreement No. PIRSES-GA-2013-612652. Yang Liu was supported by the Chinese Research Council

Secure Authentication and Privacy-Preserving Techniques in Vehicular Ad-hoc NETworks (VANETs)

In the last decade, there has been growing interest in Vehicular Ad Hoc NETworks (VANETs). Today car manufacturers have already started to equip vehicles with sophisticated sensors that can provide many assistive features such as front collision avoidance, automatic lane tracking, partial autonomous driving, suggestive lane changing, and so on. Such technological advancements are enabling the adoption of VANETs not only to provide safer and more comfortable driving experience but also provide many other useful services to the driver as well as passengers of a vehicle. However, privacy, authentication and secure message dissemination are some of the main issues that need to be thoroughly addressed and solved for the widespread adoption/deployment of VANETs. Given the importance of these issues, researchers have spent a lot of effort in these areas over the last decade. We present an overview of the following issues that arise in VANETs: privacy, authentication, and secure message dissemination. Then we present a comprehensive review of various solutions proposed in the last 10 years which address these issues. Our survey sheds light on some open issues that need to be addressed in the future

TruMan : trust management for vehicular networks

Orientador: Luiz Carlos Pessoa AlbiniDissertação (mestrado) - Universidade Federal do Paraná, Setor de Ciências Exatas, Programa de Pós-Graduação em Informática. Defesa : Curitiba, 21/05/2018Inclui referências: p.54-60Área de concentração: Ciência da ComputaçãoResumo: À medida em que computadores tornam-se menores e mais poderosos, a possibilidade de integrá-los a objetos do cotidiano é cada vez mais interessante. Ao integrar processadores e unidades de comunicação sem fio a veículos, é possível criar uma rede veicular ad-hoc (VANET), na qual carros compartilham dados entre si para cooperar e criar ruas mais seguras e eficientes. Uma solução descentralizada ad-hoc, que não depende de infraestrutura pré-existente, conexão com a internet ou disponibilidade de servidores, é preferida para que a latência de entrega de mensagens seja a mais curta possível em situações críticas. No entanto, assim como é o caso de muitas novas tecnologias, VANETs serão um alvo de ataques realizados por usuários maliciosos, que podem obter benefícios ao afetar condições de trânsito. Para evitar tais ataques, uma importante característica para redes veiculares é o gerenciamento de confiança, permitindo que nós filtrem mensagens recebidas de acordo com valores de confiança previamente estabelecidos e designados a outros nós. Para gerar esses valores de confiança, nós usam informações adquiridas de interações passadas; nós que frequentemente compartilham dados falsos ou irrelevantes terão valores de confiança mais baixos do que os que aparentam ser confiáveis. Este trabalho introduz TruMan, um modelo de gerenciamento de confiança para redes veiculares no contexto de trajetos diários, utilizando o Working Day Movement Model como base para a mobilidade de nós. Este modelo de movimentação permite a comparação entre VANETs e redes sociais tradicionais, pois é possível observar que pares de veículos podem se encontrar mais de uma vez em diversos cenários: por exemplo, eles podem pertencer a vizinhos ou colegas de trabalho, ou apenas tomar rotas similares diariamente. Através de repetidos encontros, uma relação de confiança pode ser desenvolvida entre um par de nós. O valor de confiança resultante pode também ser usado para auxiliar outros nós que podem não ter uma relação desenvolvida entre si. O TruMan é baseado em um algoritmo já existente, que é desenvolvido para redes centralizadas e focado em modelos ad-hoc estáticos; seus conceitos são adaptados para servir uma rede descentralizada e dinâmica, que é o caso de VANETs. Usando valores de confiança formados por interações entre nós, um grafo de confiança é modelado; suas arestas representam as relações de confiança entre pares de nós. Então, componentes fortemente conexos do grafo são formados, de forma que cada nó em um componente confie nos outros nós do mesmo componente direta ou indiretamente. Um algoritmo de coloração de grafo é usado no grafo de componentes resultantes e, usando os resultados de coloração, é possível inferir quais nós são considerados maliciosos pelo consenso da rede. TruMan é rápido, colocando pouca carga nos computadores dos veículos, e satisfaz a maioria das propriedades desejáveis para modelos de gerenciamento de confiança veiculares. Palavras-chave: redes veiculares, gerenciamento de confiança, identificação de nós maliciosos.Abstract: As computers become small and powerful, the possibility of integrating them into everyday objects is ever more appealing. By integrating processors and wireless communication units into vehicles, it is possible to create a vehicular ad-hoc network (VANET), in which cars share data amongst themselves in order to cooperate and make roads safer and more efficient. A decentralized ad-hoc solution, which doesn't rely on previously existing infrastructure, Internet connection or server availability, is preferred so the message delivery latency is as short as possible in the case of life-critical situations. However, as is the case with most new technologies, VANETs might be a prime target for attacks performed by malicious users, who may benefit from affecting traffic conditions. In order to avoid such attacks, one important feature for vehicular networks is trust management, which allows nodes to filter incoming messages according to previously established trust values assigned to other nodes. To generate these trust values, nodes use information acquired from past interactions; nodes which frequently share false or irrelevant data will have lower trust values than the ones which appear to be reliable. This work introduces TruMan, a trust management model for vehicular networks in the context of daily commutes, utilizing the Working Day Movement Model as a basis for node mobility. This movement model allows the comparison of VANETs to traditional social networks, as it can be observed that pairs of vehicles are likely to meet more than once in several scenarios: for example, they can belong to neighbors or work colleagues, or simply take similar routes every day. Through these repeated encounters, a trust relationship can be developed between a pair of nodes. The resulting trust value can also be used to aid other nodes which might not have a developed relationship with each other. TruMan is based on a previously existing algorithm, which was developed for centralized networks and focused on static ad-hoc models; its concepts were adapted to serve a decentralized and dynamic network, which is the case of VANETs. Using trust values formed by node interactions, a trust graph is modeled; its edges represent trust relationships between pairs of nodes. Then, strongly connected components are formed so that each node in each component trusts other nodes in the same component directly or indirectly. A graph coloring algorithm is used on the resulting components graph and, using the coloring results, it is possible to infer which nodes are considered malicious by the consensus of the network. TruMan is fast, so it incurs low pressure on on-board computers, and is able to satisfy most desired properties for vehicular trust management models. Keywords: vehicular networks, trust management, malicious node identification

Diseño e implementación de VanSimFM, un asistente para la generación de escenarios vehiculares en NS-2

Las redes vehiculares ad-hoc (VANET) serán, con toda probabilidad, el gran salto de las TIC en la industria automovilística tan pronto como se disponga de modelos de comportamiento que justifiquen las inversiones necesarias para desarrollar los dispositivos hardware y las aplicaciones que den contenido a esas redes. En la práctica, estos modelos de comportamiento sólo pueden obtenerse, a un coste asumible, a través de aplicaciones de simulación capaces de predecir el comportamiento de una aplicación o protocolo para VANET en diferentes escenarios. Aunque se dispone de un gran número de simuladores, tanto de movilidad como de red, existen dificultades importantes para su uso de forma confortable: - Su manejo no es sencillo, y varía bastante de una herramienta a otra. - La interacción entre simuladores de movilidad y red también resulta compleja. - Al trabajar cada investigador sobre parámetros diferentes de los demás, a veces resulta difícil o imposible comparar resultados de simulaciones del mismo modelo realizadas con criterios distintos. Ante esta situación, este proyecto plantea el análisis, diseño y construcción de un sistema que: - Integre diferentes simuladores disponibles. - Automatice la interacción entre simuladores de movilidad y de red. - Simplifique y haga homogénea la creación de experimentos de simulación. - Permita la incorporación de nuevas funcionalidades y herramientas. Adicionalmente, el proyecto pretende construir un catálogo de experimentos de simulación con los escenarios más representativos del entorno real de las VANET. _________________________________________________________________________________________________________________Ad-hoc vehicular networks (VANET) will become, with a high probability, the big bet of the Information and Communication Technologies into the automotive industry, as soon as models of behavior are made available to justify the costs of developing new hardware devices and applications that build those nets and their contents. In practice, those behavioral models can only be obtained, at a reasonable cost, by using simulation applications capable of predicting the behavior of a VANET on different scenarios. Even though such tools already exist, for mobility and network simulations, there are some important difficulties for them to be used in a comfortable way: - Use is not simple, and quite different from tool to tool. - The interaction among mobility and network simulation tools is also fairly complex. - As each person works on parameters different from the others, sometimes is difficult or even impossible to compare simulation results of a single model elaborated by two different set of criteria. To face such situation, this project proposes the analysis, design and construction of a system that: - Integrates different simulation tools available. - Automates the interactions among mobility and network simulation tools. - Simplify and homogenize the definition of simulation experiments. - Allows the inclusion of new functionalities/tools. Additionally, the project will attempt to create a catalog of simulation experiments that includes the most representative scenarios of the VANET’s real environment.Ingeniería en Informátic

Security and Privacy Preservation in Mobile Social Networks

Social networking extending the social circle of people has already become an important integral part of our daily lives. As reported by ComScore, social networking sites such as Facebook and Twitter have reached 82 percent of the world's online population, representing 1.2 billion users around the world. In the meantime, fueled by the dramatic advancements of smartphones and the ubiquitous connections of Bluetooth/WiFi/3G/LTE networks, social networking further becomes available for mobile users and keeps them posted on the up-to-date worldwide news and messages from their friends and families anytime anywhere. The convergence of social networking, advanced smartphones, and stable network infrastructures brings us a pervasive and omnipotent communication platform, named mobile social network (MSN), helping us stay connected better than ever. In the MSN, multiple communication techniques help users to launch a variety of applications in multiple communication domains including single-user domain, two-user domain, user-chain domain, and user-star domain. Within different communication domains, promising mobile applications are fostered. For example, nearby friend search application can be launched in the two-user or user-chain domains to help a user find other physically-close peers who have similar interests and preferences; local service providers disseminate advertising information to nearby users in the user-star domain; and health monitoring enables users to check the physiological signals in the single-user domain. Despite the tremendous benefits brought by the MSN, it still faces many technique challenges among of which security and privacy protections are the most important ones as smartphones are vulnerable to security attacks, users easily neglect their privacy preservation, and mutual trust relationships are difficult to be established in the MSN. In this thesis, we explore the unique characteristics and study typical research issues of the MSN. We conduct our research with a focus on security and privacy preservation while considering human factors. Specifically, we consider the profile matching application in the two-user domain, the cooperative data forwarding in the user-chain domain, the trustworthy service evaluation application in the user-star domain, and the healthcare monitoring application in the single-user domain. The main contributions are, i) considering the human comparison behavior and privacy requirements, we first propose a novel family of comparison-based privacy-preserving profile matching (PPM) protocols. The proposed protocols enable two users to obtain comparison results of attribute values in their profiles, while the attribute values are not disclosed. Taking user anonymity requirement as an evaluation metric, we analyze the anonymity protection of the proposed protocols. From the analysis, we found that the more comparison results are disclosed, the less anonymity protection is achieved by the protocol. Further, we explore the pseudonym strategy and an anonymity enhancing technique where users could be self-aware of the anonymity risk level and take appropriate actions when needed; ii) considering the inherent MSN nature --- opportunistic networking, we propose a cooperative privacy-preserving data forwarding (PDF) protocol to help users forward data to other users. We indicate that privacy and effective data forwarding are two conflicting goals: the cooperative data forwarding could be severely interrupted or even disabled when the privacy preservation of users is applied, because without sharing personal information users become unrecognizable to each other and the social interactions are no longer traceable. We explore the morality model of users from classic social theory, and use game-theoretic approach to obtain the optimal data forwarding strategy. Through simulation results, we show that the proposed cooperative data strategy can achieve both the privacy preservation and the forwarding efficiency; iii) to establish the trust relationship in a distributed MSN is a challenging task. We propose a trustworthy service evaluation (TSE) system, to help users exchange their service reviews toward local vendors. However, vendors and users could be the potential attackers aiming to disrupt the TSE system. We then consider the review attacks, i.e., vendors rejecting and modifying the authentic reviews of users, and the Sybil attacks, i.e., users abusing their pseudonyms to generate fake reviews. To prevent these attacks, we explore the token technique, the aggregate signature, and the secret sharing techniques. Simulation results show the security and the effectiveness of the TSE system can be guaranteed; iv) to improve the efficiency and reliability of communications in the single-user domain, we propose a prediction-based secure and reliable routing framework (PSR). It can be integrated with any specific routing protocol to improve the latter's reliability and prevent data injection attacks during data communication. We show that the regularity of body gesture can be learned and applied by body sensors such that the route with the highest predicted link quality can always be chose for data forwarding. The security analysis and simulation results show that the PSR significantly increases routing efficiency and reliability with or without the data injection attacks