Data-centric Misbehavior Detection in VANETs

Detecting misbehavior (such as transmissions of false information) in vehicular ad hoc networks (VANETs) is very important problem with wide range of implications including safety related and congestion avoidance applications. We discuss several limitations of existing misbehavior detection schemes (MDS) designed for VANETs. Most MDS are concerned with detection of malicious nodes. In most situations, vehicles would send wrong information because of selfish reasons of their owners, e.g. for gaining access to a particular lane. Because of this (\emph{rational behavior}), it is more important to detect false information than to identify misbehaving nodes. We introduce the concept of data-centric misbehavior detection and propose algorithms which detect false alert messages and misbehaving nodes by observing their actions after sending out the alert messages. With the data-centric MDS, each node can independently decide whether an information received is correct or false. The decision is based on the consistency of recent messages and new alert with reported and estimated vehicle positions. No voting or majority decisions is needed, making our MDS resilient to Sybil attacks. Instead of revoking all the secret credentials of misbehaving nodes, as done in most schemes, we impose fines on misbehaving nodes (administered by the certification authority), discouraging them to act selfishly. This reduces the computation and communication costs involved in revoking all the secret credentials of misbehaving nodes.Comment: 12 page

Self-certified sybil-free pseudonyms

Accurate and trusted identifiers are a centerpiece for any security architecture. Protecting against Sybil attacks in a privacy-friendly manner is a non-trivial problem in wireless infrastructureless networks, such as mobile ad hoc networks. In this paper, we introduce self-certified Sybil-free pseudonyms as a means to provide privacy-friendly Sybil-freeness without requiring continuous online availability of a trusted third party. These pseudonyms are self-certified and computed by the users themselves from their cryptographic longterm identities. Contrary to identity certificates, we preserve location privacy and improve protection against some notorious attacks on anonymous communication systems

Design a Cloud Security Model in VANET Communication: Design and Architecture

During the last few years, Intelligent Transportation System (ITS) has been progressed at a rapid rate, which aimed to improve the transportation activities in the terms of the safety and efficiency. According to many issues with the traditional Vehicular Ad-Hoc Networks (VANET), some efforts are made to merge the VANET with the cloud technology. This work proposes the VANET based on the cloud (V2Cloud), and designs a security model framework that is hosted on the cloud to manage the security services, and provide a secure VANET communication between the different entities eg vehicles, authorities and etc. This security model framework is called VANET Security as a Service (VSaaS). Our works will presented in a set of two papers. In this first one, it presents VSaaS design and architecture in order to show that the VSaaS fulfills the VANET's security requirements, and protects the VANET against the different types of attacks. The second paper will present the progress towards the implementation and the security analysis of the proposed architecture, along with the results of the performance of the security overhead for the secure Vehicle Information Messages (VIMs), which are sent by vehicles to the cloud as a coarse-grained information

SPATA: Strong Pseudonym based AuthenTicAtion in Intelligent Transport System

Intelligent Transport System (ITS) is generally deployed to improve road safety, comfort, security, and traffic efficiency. A robust mechanism of authentication and secure communication is required to protect privacy and conditional resolution of pseudonyms to revoke malicious vehicles. In a typical ITS framework, a station can be a vehicle, Road Side Unit (RSU), or a server that can participate in communication. During authentication, the real identity of an Intelligent Transport System-Station (ITSS), referred to as a vehiclečň should not be revealed in order to preserve its privacy. In this paper, we propose a Strong Pseudonym based AutenTicAtion (SPATA) framework for preserving the real identity of vehicles. The distributed architecture of SPATA allows vehicles to generate pseudonyms in a very private and secure way. In the absence of a distributed architecture, the privacy cannot be preserved by storing information regarding vehicles in a single location. Therefore, the concept of linkability of certificates based on single authority is eliminated. This is done by keeping the real identity to pseudonym mappings distributed. Furthermore, the size of the Certificate Revocation List (CRL) is kept small, as only the most recent revoked communication pseudonyms are kept in the CRL. The privacy of the vehicle is preserved during the revocation and resolution phase through the distributed mechanism. Empirical results show that SPATA is a lightweight framework with low computational overhead, average latency, overhead ratio, and stable delivery ratio, in both sparse and dense network scenarios