"On the Road" - Reflections on the Security of Vehicular Communication Systems

Vehicular communication (VC) systems have recently drawn the attention of industry, authorities, and academia. A consensus on the need to secure VC systems and protect the privacy of their users led to concerted efforts to design security architectures. Interestingly, the results different project contributed thus far bear extensive similarities in terms of objectives and mechanisms. As a result, this appears to be an auspicious time for setting the corner-stone of trustworthy VC systems. Nonetheless, there is a considerable distance to cover till their deployment. This paper ponders on the road ahead. First, it presents a distillation of the state of the art, covering the perceived threat model, security requirements, and basic secure VC system components. Then, it dissects predominant assumptions and design choices and considers alternatives. Under the prism of what is necessary to render secure VC systems practical, and given possible non-technical influences, the paper attempts to chart the landscape towards the deployment of secure VC systems

A survey on pseudonym changing strategies for Vehicular Ad-Hoc Networks

The initial phase of the deployment of Vehicular Ad-Hoc Networks (VANETs) has begun and many research challenges still need to be addressed. Location privacy continues to be in the top of these challenges. Indeed, both of academia and industry agreed to apply the pseudonym changing approach as a solution to protect the location privacy of VANETs'users. However, due to the pseudonyms linking attack, a simple changing of pseudonym shown to be inefficient to provide the required protection. For this reason, many pseudonym changing strategies have been suggested to provide an effective pseudonym changing. Unfortunately, the development of an effective pseudonym changing strategy for VANETs is still an open issue. In this paper, we present a comprehensive survey and classification of pseudonym changing strategies. We then discuss and compare them with respect to some relevant criteria. Finally, we highlight some current researches, and open issues and give some future directions

Privacy implications of smartphone-based connected vehicle communications

Considerable work has been carried out into making the vision of connected vehicles a reality, with inter-operable communications to take place between vehicles for the purpose of improving road safety and alerting road users to accidents or sudden braking. The cost of deploying such a solution to large numbers of vehicles is significant, and vehicles have a much longer lifespan than other consumer equipment, leading to other work considering the use of smartphones as possible devices for such connected vehicle networks. In this paper, we consider the security and privacy implications of using smartphone based platforms for connected vehicle applications, both in vehicles, and those carried by pedestrians. We also consider the general risks of relying on consumer smartphones, particularly with regard to the lack of long-term security updates being available. We finally explore the need for privacy to be considered in the design of solutions, in addition to the well-recognised need for security, and explore the trade-off between anonymity and prevention of abuse, in the context of designing future connected vehicle technologies

Context-based Pseudonym Changing Scheme for Vehicular Adhoc Networks

Vehicular adhoc networks allow vehicles to share their information for safety and traffic efficiency. However, sharing information may threaten the driver privacy because it includes spatiotemporal information and is broadcast publicly and periodically. In this paper, we propose a context-adaptive pseudonym changing scheme which lets a vehicle decide autonomously when to change its pseudonym and how long it should remain silent to ensure unlinkability. This scheme adapts dynamically based on the density of the surrounding traffic and the user privacy preferences. We employ a multi-target tracking algorithm to measure privacy in terms of traceability in realistic vehicle traces. We use Monte Carlo analysis to estimate the quality of service (QoS) of a forward collision warning application when vehicles apply this scheme. According to the experimental results, the proposed scheme provides a better compromise between traceability and QoS than a random silent period scheme.Comment: Extended version of a previous paper "K. Emara, W. Woerndl, and J. Schlichter, "Poster: Context-Adaptive User-Centric Privacy Scheme for VANET," in Proceedings of the 11th EAI International Conference on Security and Privacy in Communication Networks, SecureComm'15. Dallas, TX, USA: Springer, June 2015.

Vehicular Internet: Security & Privacy Challenges and Opportunities

The vehicular internet will drive the future of vehicular technology and intelligent transportation systems (ITS). Whether it is road safety, infotainment, or driver-less cars, the vehicular internet will lay the foundation for the future of road travel. Governments and companies are pursuing driver-less vehicles as they are considered to be more reliable than humans and, therefore, safer. The vehicles today are not just a means of transportation but are also equipped with a wide range of sensors that provide valuable data. If vehicles are enabled to share data that they collect with other vehicles or authorities for decision-making and safer driving, they thereby form a vehicular network. However, there is a lot at stake in vehicular networks if they are compromised. With the stakes so high, it is imperative that the vehicular networks are secured and made resilient to any attack or attempt that may have serious consequences. The vehicular internet can also be the target of a cyber attack, which can be devastating. In this paper, the opportunities that the vehicular internet offers are presented and then various security and privacy aspects are discussed and some solutions are presented

Contribution to design a communication framework for vehicular ad hoc networks in urban scenarios

The constant mobility of people, the growing need to be always connected, the large number of vehicles that nowadays can be found in the roads and the advances in technology make Vehicular Ad hoc Networks (VANETs) be a major area of research. Vehicular Ad hoc Networks are a special type of wireless Mobile Ad hoc Networks (MANETs), which allow a group of mobile nodes configure a temporary network and maintain it without the need of a fixed infrastructure. A vehicular network presents some specific characteristics, as the very high speed of nodes. Due to this high speed the topology changes are frequent and the communication links may last only a few seconds. Smart cities are now a reality and have a direct relationship with vehicular networks. With the help of existing infrastructure such as traffic lights, we propose a scheme to update and analyse traffic density and a warning system to spread alert messages. With this, traffic lights assist vehicular networks to take proper decisions. This would ensure less congested streets. It would also be possible that the routing protocol forwards data packets to vehicles on streets with enough neighbours to increase the possibility of delivering the packets to destination. Sharing updated, reliable and real-time information, about traffic conditions, weather or security alerts, increases the need of algorithms for the dissemination of information that take into account the main beneffits and constraints of these networks. For all this, routing protocols for vehicular networks have the difficult task to select and establish transmission links to send the data packets from source to destination through multiple nodes using intermediate vehicles efficiently. The main objective of this thesis is to provide improvements in the communication framework for vehicular networks to improve decisions to select next hops in the moment to send information, in this way improving the exchange of information to provide suitable communication to minimize accidents, reduce congestion, optimize resources for emergencies, etc. Also, we include intelligence to vehicles at the moment to take routing decisions. Making them map-aware, being conscious of the presence of buildings and other obstacles in urban environments. Furthermore, our proposal considers the decision to store packets for a maximum time until finding other neighbouring nodes to forward the packets before discarding them. For this, we propose a protocol that considers multiple metrics that we call MMMR (A Multimetric, Map-Aware Routing Protocol ). MMMR is a protocol based on geographical knowledge of the environment and vehicle location. The metrics considered are the distance, the density of vehicles in transmission range, the available bandwidth and the future trajectory of the neighbouring nodes. This allows us to have a complete view of the vehicular scenario to anticipate the driver about possible changes that may occur. Thus, a node can select a node among all its neighbours, which is the best option to increase the likelihood of successful packet delivery, minimizing time and offering a level of quality and service. In the same way, being aware of the increase of information in wireless environments, we analyse the possibility of offering anonymity services. We include a mechanism of anonymity in routing protocols based on the Crowd algorithm, which uses the idea of hiding the original source of a packet. This allowed us to add some level of anonymity on VANET routing protocols. The analytical modeling of the available bandwidth between nodes in a VANET, the use of city infrastructure in a smart way, the forwarding selection in data routing byvehicles and the provision of anonymity in communications, are issues that have been addressed in this PhD thesis. In our research work we provide contributions to improve the communication framework for Vehicular Ad hoc Networks obtaining benefits toenhance the everyday of the population.La movilidad constante de las personas y la creciente necesidad de estar conectados en todo momento ha hecho de las redes vehiculares un área cuyo interés ha ido en aumento. La gran cantidad de vehículos que hay en la actualidad, y los avances tecnológicos han hecho de las redes vehiculares (VANETS, Vehicular Ad hoc Networks) un gran campo de investigación. Las redes vehiculares son un tipo especial de redes móviles ad hoc inalámbricas, las cuales, al igual que las redes MANET (Mobile Ad hoc Networks), permiten a un grupo de nodos móviles tanto configurar como mantener una red temporal por si mismos sin la necesidad de una infraestructura fija. Las redes vehiculares presentan algunas características muy representativas, por ejemplo, la alta velocidad que pueden alcanzar los nodos, en este caso vehículos. Debido a esta alta velocidad la topología cambia frecuentemente y la duración de los enlaces de comunicación puede ser de unos pocos segundos. Estas redes tienen una amplia área de aplicación, pudiendo tener comunicación entre los mismos nodos (V2V) o entre los vehículos y una infraestructura fija (V2I). Uno de los principales desafíos existentes en las VANET es la seguridad vial donde el gobierno y fabricantes de automóviles han centrado principalmente sus esfuerzos. Gracias a la rápida evolución de las tecnologías de comunicación inalámbrica los investigadores han logrado introducir las redes vehiculares dentro de las comunicaciones diarias permitiendo una amplia variedad de servicios para ofrecer. Las ciudades inteligentes son ahora una realidad y tienen una relación directa con las redes vehiculares. Con la ayuda de la infraestructura existente, como semáforos, se propone un sistema de análisis de densidad de tráfico y mensajes de alerta. Con esto, los semáforos ayudan a la red vehicular en la toma de decisiones. Así se logrará disponer de calles menos congestionadas para hacer una circulación más fluida (lo cual disminuye la contaminación). Además, sería posible que el protocolo de encaminamiento de datos elija vehículos en calles con suficientes vecinos para incrementar la posibilidad de entregar los paquetes al destino (minimizando pérdidas de información). El compartir información actualizada, confiable y en tiempo real sobre el estado del tráfico, clima o alertas de seguridad, aumenta la necesidad de algoritmos de difusión de la información que consideren los principales beneficios y restricciones de estas redes. Así mismo, considerar servicios críticos que necesiten un nivel de calidad y servicio es otro desafío importante. Por todo esto, un protocolo de encaminamiento para este tipo de redes tiene la difícil tarea de seleccionar y establecer enlaces de transmisión para enviar los datos desde el origen hacia el destino vía múltiples nodos utilizando vehículos intermedios de una manera eficiente. El principal objetivo de esta tesis es ofrecer mejoras en los sistemas de comunicación vehicular que mejoren la toma de decisiones en el momento de realizar el envío de la información, con lo cual se mejora el intercambio de información para poder ofrecer comunicación oportuna que minimice accidentes, reduzca atascos, optimice los recursos destinados a emergencias, etc. Así mismo, incluimos más inteligencia a los coches en el momento de tomar decisiones de encaminamiento de paquetes. Haciéndolos conscientes de la presencia de edificios y otros obstáculos en los entornos urbanos. Así como tomar la decisión de guardar paquetes durante un tiempo máximo de modo que se encuentre otros nodos vecinos para encaminar paquetes de información antes de descartarlo. Para esto, proponemos un protocolo basado en múltiples métricas (MMMR, A Multimetric, Map-aware Routing Protocol ) que es un protocolo geográfio basado en el conocimiento del entorno y localización de los vehículos. Las métricas consideradas son la distancia, la densidad de vehículos en el área de transmisión, el ancho de banda disponible y la trayectoria futura de los nodos vecinos. Esto nos permite tener una visión completa del escenario vehicular y anticiparnos a los posibles cambios que puedan suceder. Así, un nodo podrá seleccionar aquel nodo entre todos sus vecinos posibles que sea la mejor opción para incrementar la posibilidad de entrega exitosa de paquetes, minimizando tiempos y ofreciendo un cierto nivel de calidad y servicio. De la misma manera, conscientes del incremento de información que circula por medios inalámbricos, se analizó la posibilidad de servicios de anonimato. Incluimos pues un mecanismo de anonimato en protocolos de encaminamiento basado en el algoritmo Crowd, que se basa en la idea de ocultar la fuente original de un paquete. Esto nos permitió añadir cierto nivel de anonimato que pueden ofrecer los protocolos de encaminamiento. El modelado analítico del ancho de banda disponible entre nodos de una VANET, el uso de la infraestructura de la ciudad de una manera inteligente, la adecuada toma de decisiones de encaminamiento de datos por parte de los vehículos y la disposición de anonimato en las comunicaciones, son problemas que han sido abordados en este trabajo de tesis doctoral que ofrece contribuciones a la mejora de las comunicaciones en redes vehiculares en entornos urbanos aportando beneficios en el desarrollo de la vida diaria de la población

A trust-driven privacy architecture for vehicular ad-hoc networks

Vehicular Ad-Hoc NETworks (VANETs) are an emerging technology which aims to improve road safety by preventing and reducing traffic accidents. While VANETs offer a great variety of promising applications, such as, safety-related and infotainment applications, they remain a number of security and privacy related research challenges that must be addressed. A common approach to security issues widely adopted in VANETs is the use of Public Key Infrastructures (PKI) and digital certificates in order to enable authentication, authorization and confidentiality. These approaches usually rely on a large set of regional Certification Authorities (CAs). Despite the advantages of PKI-based approaches, there are two main problems that arise, i) the secure interoperability among the different and usually unknown- issuing CAs, and ii) the sole use of PKI in a VANET environment cannot prevent privacy related attacks, such as, linking a vehicle with an identifier, tracking vehicles ¿big brother scenario" and user profiling. Additionally, since vehicles in VANETs will be able to store great amounts of information including private information, unauthorized access to such information should be carefully considered. This thesis addresses authentication and interoperability issues in vehicular communications, considering an inter-regional scenario where mutual authentication between nodes is needed. To provide interoperability between vehicles and services among different domains, an Inter-domain Authentication System (AS) is proposed. The AS supplies vehicles with a trusted set of authentication credentials by implementing a near real-time certificate status service. The proposed AS also implements a mechanism to quantitatively evaluate the trust level of a CA, in order to decide on-the-y if an interoperability relationship can be created. This research work also contributes with a Privacy Enhancing Model (PEM) to deal with important privacy issues in VANETs. The PEM consists of two PKI-based privacy protocols: i) the Attribute-Based Privacy (ABP) protocol, and ii) the Anonymous Information Retrieval (AIR) protocol. The ABP introduces Attribute-Based Credentials (ABC) to provide conditional anonymity and minimal information disclosure, which overcome with the privacy issues related to linkability (linking a vehicle with an identifier) and vehicle tracking (big brother scenario). The AIR protocol addresses user profiling when querying Service Providers (SPs), by relying in a user collaboration privacy protocol based on query forgery and permutation; and assuming that neither participant nodes nor SPs could be completely trusted. Finally, the Trust Validation Model (TVM) is proposed. The TVM supports decision making by evaluating entities trust based on context information, in order to provide i) access control to driver and vehicle's private information, and ii) public information trust validation