Comparison between Sybil Attack Detection Technique: Lightweight and Robust,”

ABSTRACT: Mobile ad-hoc network (MANET) is an independent network which consists of many nodes and these nodes uses wireless links to communicate with each other. The infrastructure less nature of MANET makes it vulnerable to various attacks. There is an attack which causes many serious threats to the network and it is known as Sybil attack. In Sybil attack, attackers or malicious nodes uses many identities or IP addresses to gain control over the network and creates lots of misconception among nodes present in the network. In this paper two approaches are discussed to detect the Sybil Attack, one is Lightweight Sybil Attack Detection Approach and other is Robust Sybil Attack Detection Approach

Etude de Faisabilité des Mécanismes de Détection de Mauvais Comportement dans les systèmes de transport intelligents coopératifs (C-ITS)

International audience—Cooperative Intelligent Transport Systems (C–ITS) is an emerging technology that aims at improving road safety, traffic efficiency and drivers experience. To this end, vehicles cooperate with each others and the infrastructure by exchanging Vehicle–to–X communication (V2X) messages. In such communicating systems message authentication and privacy are of paramount importance. The commonly adopted solution to cope with these issues relies on the use of a Public Key Infrastructure (PKI) that provides digital certificates to entities of the system. Even if the use of pseudonym certificates mitigate the privacy issues, the PKI cannot address all cyber threats. That is why we need a mechanism that enable each entity of the system to detect and report misbehaving neighbors. In this paper, we provide a state-of-the-art of misbehavior detection methods. We then discuss their feasibility with respect to current standards and law compliance as well as hardware/software requirements

Data-centric Misbehavior Detection in VANETs

Detecting misbehavior (such as transmissions of false information) in vehicular ad hoc networks (VANETs) is very important problem with wide range of implications including safety related and congestion avoidance applications. We discuss several limitations of existing misbehavior detection schemes (MDS) designed for VANETs. Most MDS are concerned with detection of malicious nodes. In most situations, vehicles would send wrong information because of selfish reasons of their owners, e.g. for gaining access to a particular lane. Because of this (\emph{rational behavior}), it is more important to detect false information than to identify misbehaving nodes. We introduce the concept of data-centric misbehavior detection and propose algorithms which detect false alert messages and misbehaving nodes by observing their actions after sending out the alert messages. With the data-centric MDS, each node can independently decide whether an information received is correct or false. The decision is based on the consistency of recent messages and new alert with reported and estimated vehicle positions. No voting or majority decisions is needed, making our MDS resilient to Sybil attacks. Instead of revoking all the secret credentials of misbehaving nodes, as done in most schemes, we impose fines on misbehaving nodes (administered by the certification authority), discouraging them to act selfishly. This reduces the computation and communication costs involved in revoking all the secret credentials of misbehaving nodes.Comment: 12 page

Achieving Perfect Location Privacy in Wireless Devices Using Anonymization

The popularity of mobile devices and location-based services (LBS) have created great concerns regarding the location privacy of the users of such devices and services. Anonymization is a common technique that is often being used to protect the location privacy of LBS users. This technique assigns a random pseudonym to each user and these pseudonyms can change over time. Here, we provide a general information theoretic definition for perfect location privacy and prove that perfect location privacy is achievable for mobile devices when using the anonymization technique appropriately. First, we assume that the user’s current location is independent from her past locations. Using this i.i.d model, we show that if the pseudonym of the user is changed before O(n2/(r−1)) number of anonymized observations is made by the adversary for that user, then she has perfect location privacy, where n is the number of users in the network and r is the number of all possible locations that the user might occupy. Then, we model each user’s movement by a Markov chain so that a user’s current location depends on his previous locations, which is a more realistic model when approximating real world data. We show that perfect location privacy is achievable in this model if the pseudonym of the user is changed before O(n2/(|E|−r)) anonymized observations is collected by the adversary for that user where |E| is the number of edges in the user’s Markov model

A formal approach toward authenticated authorization without identification

Anonymity is a valued commodity on the Internet many uses take advantage of. Unfortunately, anonymity and credibility are essentially mutually exclusive. A practical method to determine request creditability without also inheriting the capability to identify the exclusive source of a request is not in practice. Previous research efforts have proposed methods to ensure anonymous communication, but most sacrifice either authorization or privacy. We propose a scheme that allows a message sender to prove his or her creditability without also providing any participant capability to identify the source. In addition, the scheme is resists sybil attacks and disjoints correlation of independent message to a similar source

Privacy-Preserving Detection of Sybil Attacks in Vehicular Ad Hoc Networks

Abstract — Vehicular ad hoc networks (VANETs) are being advocated for traffic control, accident avoidance, and a variety of other applications. Security is an important concern in VANETs because a malicious user may deliberately mislead other vehicles and vehicular agencies. One type of malicious behavior is called a Sybil attack, wherein a malicious vehicle pretends to be multiple other vehicles. Reported data from a Sybil attacker will appear to arrive from a large number of distinct vehicles, and hence will be credible. This paper proposes a light-weight and scalable framework to detect Sybil attacks. Importantly, the proposed scheme does not require any vehicle in the network to disclose its identity, hence privacy is preserved at all times. Simulation results demonstrate the efficacy of our protocol. I

Sécurisation des VANETS par la méthode de réputation des noeuds

RÉSUMÉ Les réseaux ad hoc sans fil véhiculaires (VANET) permettent la communication entre les véhicules et entre les équipements de communication placés le long des rues. Cette communication apporte plusieurs avantages. Le premier est l’augmentation de la sécurité routière. Le second est l’agrémentation de l’expérience de conduite et de voyage. La sécurité routière est assurée par une catégorie d’applications dites « applications de sécurité du trafic routier ». La seconde catégorie d’application considérée regroupe les applications liées au confort des usagers sur la route, telles que : l’accès à une connexion Internet durant le voyage, le téléchargement de contenu multimédia, les jeux en ligne et en réseau, les applications de paiement pour les services. La troisième catégorie d’applications regroupe les applications de maintenance à distance. Toutes ces applications nécessitent que les communications soient sécurisées. Cette contrainte est d’autant plus importante pour les applications de sécurité du trafic, car les informations transmises par ces applications peuvent mener au changement du comportement des automobilistes et conduire à des situations aussi catastrophiques que les accidents de la circulation. Depuis quelques années, plusieurs travaux ont été menés, tant par l’industrie automobile que par les universités ou encore les institutions de recherche gouvernementales en vue de sécuriser les VANETS. De ces travaux, plusieurs méthodes ont émergé, parmi lesquelles, les méthodes cryptographiques à clé publique/privée, les méthodes de sécurisation des protocoles de communication, les méthodes de sécurisation par révocation de certificat, les méthodes de sécurisation par réputation. Cette dernière méthode permet de vérifier les variables telles que la vitesse, l’accélération, la position géographique, le rayon de transmission, la direction, etc. Afin d’empêcher les adversaires de mentir et d’induire les automobilistes en erreur provoquant des accidents ou du trafic sur certains tronçons de route. C’est pourquoi l’objectif de notre travail est de doter les nœuds hôtes d’un système de réputation qui servira de cadre d’analyse des différentes variables publiées par les véhicules émetteurs. Cette analyse permet de filtrer les nœuds qui fournissent des variables erronées sur leur position géographique, leur vitesse ou encore leur accélération. Ces informations sont importantes car pour la majorité des applications de sécurité du trafic, le nœud hôte se fie à elles pour poser des actions à propos d’une alerte de danger reçue par d’autres nœuds (accident, risque de collision, mauvais état de la route, risque de trafic, etc.). Notre système réalise des tests sur les variables reçues pour se rassurer qu’elles concordent avec les paramètres attendues. Ces paramètres sont données par les observations faites grâces aux capteurs, aux récepteurs GPS et aux équipements de communication embarqués sur les véhicules, ou encore grâce à des calculs effectués pendant la réception des variables. Notre première contribution dans ce travail est la conception d’un système de filtrage, qui permet de supprimer tous les messages pour lesquels les variables sont erronées et ainsi de détecter et d’éjecter du réseau les adversaires potentiels. Notre seconde contribution est de doter notre système d’une capacité de réhabilitation des nœuds adversaires par le passé et qui se comportent maintenant de façon exemplaire. Notre troisième contribution est la mise en place d’un système à deux niveaux : un premier niveau binaire, rigide qui ne permet pas une réhabilitation, et un second niveau qui introduit la flexibilité, et la réhabilitation tout en permettant aux utilisateurs de le personnaliser lors de l’implémentation. Notre quatrième contribution est d’avoir pu modifier le protocole AODV dans le simulateur Network Simulator (NS-2) dans sa deuxième version, afin de réaliser des simulations réalistes à propos du système de réputation que nous proposons. Mots clés : Sécurité, Réseaux sans fil véhiculaire, système de réputation.----------Abstract Vehicular ad-hoc network is a specific type of Mobile ad-hoc network (MANET) that provides communication between nearby vehicles and nearby roadside equipments. This communication provides several advantages. The first one is to increase road safety. The second one is the improvement of the driving experience. Road safety is ensured by applications category called “safety applications”. The second category includes comfort applications of road users, such as access to an Internet connection during the trip, downloading multimedia content, online and network gaming, tool payment services. The third category includes remote maintenance applications. All these applications require efficient secured communication. This constraint is particularly important for safety applications, as the information transmitted by these applications can lead to drivers’ behavior changing and caused catastrophic situations such as cars’ accidents. In recent years, several studies have been conducted, both in the automotive industry and universities or government researches’ institutions to secure VANETs. From all these researches several VANETS’ security methods have emerged, including the public/private key cryptographic methods, communication protocols’ security methods, certificate revocation methods, reputation methods and so one. The reputation method is used to check information such as speed, acceleration, location, transmission range, direction, etc. To prevent attacks from malicious nodes that would lie about the variables that they are publishing to mislead motorists’ behavior and cause cars’ accidents or traffic jam on certain stretches of road. That is why the objective of our work is to provide hosts nodes with a reputation system to check different variables published by transmitting nodes. This analysis allows filtering nodes that publish false information about their geographical position, speed or acceleration. This information is important because, for the majority of safety applications, the host node relies on them and the motorist will react considering them. Our system performs tests on the information received to make sure that they are consistent with the expected parameters. These parameters are given by observations thanks to sensors, GPS receivers and vehicles’ communication equipments on board. Our first contribution in this work is the design of a filter system that removes all messages whose variables are erroneous and thus to detect and eject potential adversaries out of the network. Our second contribution is to provide our system with a capacity of rehabilitation of nodes that were previously regarded as adversaries who now behave in an exemplary manner. Our third contribution is the establishment of a two-tier system, a first binary level and a second level which introduces flexibility and allows users to customize them during the implementation. Our fourth contribution is to be able to modify the AODV protocol in NS-2 simulator to test our reputation system for realistic simulations. Keywords: Security, vehicular ad hoc networks, reputation

A Trust Management Framework for Vehicular Ad Hoc Networks

The inception of Vehicular Ad Hoc Networks (VANETs) provides an opportunity for road users and public infrastructure to share information that improves the operation of roads and the driver experience. However, such systems can be vulnerable to malicious external entities and legitimate users. Trust management is used to address attacks from legitimate users in accordance with a user’s trust score. Trust models evaluate messages to assign rewards or punishments. This can be used to influence a driver’s future behaviour or, in extremis, block the driver. With receiver-side schemes, various methods are used to evaluate trust including, reputation computation, neighbour recommendations, and storing historical information. However, they incur overhead and add a delay when deciding whether to accept or reject messages. In this thesis, we propose a novel Tamper-Proof Device (TPD) based trust framework for managing trust of multiple drivers at the sender side vehicle that updates trust, stores, and protects information from malicious tampering. The TPD also regulates, rewards, and punishes each specific driver, as required. Furthermore, the trust score determines the classes of message that a driver can access. Dissemination of feedback is only required when there is an attack (conflicting information). A Road-Side Unit (RSU) rules on a dispute, using either the sum of products of trust and feedback or official vehicle data if available. These “untrue attacks” are resolved by an RSU using collaboration, and then providing a fixed amount of reward and punishment, as appropriate. Repeated attacks are addressed by incremental punishments and potentially driver access-blocking when conditions are met. The lack of sophistication in this fixed RSU assessment scheme is then addressed by a novel fuzzy logic-based RSU approach. This determines a fairer level of reward and punishment based on the severity of incident, driver past behaviour, and RSU confidence. The fuzzy RSU controller assesses judgements in such a way as to encourage drivers to improve their behaviour. Although any driver can lie in any situation, we believe that trustworthy drivers are more likely to remain so, and vice versa. We capture this behaviour in a Markov chain model for the sender and reporter driver behaviours where a driver’s truthfulness is influenced by their trust score and trust state. For each trust state, the driver’s likelihood of lying or honesty is set by a probability distribution which is different for each state. This framework is analysed in Veins using various classes of vehicles under different traffic conditions. Results confirm that the framework operates effectively in the presence of untrue and inconsistent attacks. The correct functioning is confirmed with the system appropriately classifying incidents when clarifier vehicles send truthful feedback. The framework is also evaluated against a centralized reputation scheme and the results demonstrate that it outperforms the reputation approach in terms of reduced communication overhead and shorter response time. Next, we perform a set of experiments to evaluate the performance of the fuzzy assessment in Veins. The fuzzy and fixed RSU assessment schemes are compared, and the results show that the fuzzy scheme provides better overall driver behaviour. The Markov chain driver behaviour model is also examined when changing the initial trust score of all drivers