A transparent distributed ledger-based certificate revocation scheme for VANETs

The widespread adoption of Cooperative, Connected, and Automated Mobility (CCAM) applications requires the implementation of stringent security mechanisms to minimize the surface of cyber attacks. Authentication is an effective process for validating user identity in vehicular networks. However, authentication alone is not enough to prevent dangerous attack situations. Existing security mechanisms are not able to promptly revoke the credentials of misbehaving vehicles, thus tolerate malicious actors to remain trusted in the system for a long time. The resulting vulnerability window allows the implementation of complex attacks, thus posing a substantial impairment to the security of the vehicular ecosystem. In this paper we propose a Distributed Ledger-based Vehicular Revocation Scheme that improves the state of the art by providing a vulnerability window lower than 1 s, reducing well-behaved vehicles exposure to sophisticated and potentially dangerous attacks. The proposed scheme harnesses the advantages of the underlying Distributed Ledger Technology (DLT) to implement a privacy-aware revocation process while being fully transparent to all participating entities. Furthermore, it meets the critical message processing times defined by EU and US standards, thus closing a critical gap in the current international standards. Theoretical analysis and experimental validation demonstrate the effectiveness and efficiency of the proposed scheme, where DLT streamlines the revocation operation overhead and delivers an economically viable yet scalable solution against cyber attacks on vehicular systems

Etude de Faisabilité des Mécanismes de Détection de Mauvais Comportement dans les systèmes de transport intelligents coopératifs (C-ITS)

International audience—Cooperative Intelligent Transport Systems (C–ITS) is an emerging technology that aims at improving road safety, traffic efficiency and drivers experience. To this end, vehicles cooperate with each others and the infrastructure by exchanging Vehicle–to–X communication (V2X) messages. In such communicating systems message authentication and privacy are of paramount importance. The commonly adopted solution to cope with these issues relies on the use of a Public Key Infrastructure (PKI) that provides digital certificates to entities of the system. Even if the use of pseudonym certificates mitigate the privacy issues, the PKI cannot address all cyber threats. That is why we need a mechanism that enable each entity of the system to detect and report misbehaving neighbors. In this paper, we provide a state-of-the-art of misbehavior detection methods. We then discuss their feasibility with respect to current standards and law compliance as well as hardware/software requirements

Secure multi-constrained QoS reliable routing algorithm for vehicular ad hoc networks (VANETs)

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University LondonVehicular Ad hoc Networks (VANETs) are a particular form of wireless network made by vehicles communicating among themselves and with roadside base stations. A wide range of services has been developed for VANETs ranging from safety to infotainment applications. A key requirement for such services is that they are offered with Quality of Service (QoS) guarantees in terms of service reliability and availability. Furthermore, due to the openness of VANET’s wireless channels to both internal and external attacks, the application of security mechanisms is mandatory to protect the offered QoS guarantees. QoS routing plays an essential role in identifying routes that meet the QoS requirements of the offered service over VANETs. However, searching for feasible routes subject to multiple QoS constraints is in general an NP-hard problem. Moreover, routing reliability needs to be given special attention as communication links frequently break in VANETs. To date, most existing QoS routing algorithms are designed for stable networks without considering the security of the routing process. Therefore, they are not suitable for applications in VANETs. In this thesis, the above issues are addressed firstly by developing a link reliability model based on the topological and mathematical properties of vehicular movements and velocities. Evolving graph theory is then utilised to model the VANET communication graph and integrate the developed link reliability model into it. Based on the resulting extended evolving graph model, the most reliable route in the network is picked. Secondly, the situational awareness model is applied to the developed reliable routing process because picking the most reliable route does not guarantee reliable transmission. Therefore, a situation-aware reliable multipath routing algorithm for VANETs is proposed. Thirdly, the Ant Colony Optimisation (ACO) technique is employed to propose an Ant-based multi-constrained QoS (AMCQ) routing algorithm for VANETs. AMCQ is designed to give significant advantages to the implementation of security mechanisms that are intended to protect the QoS routing process. Finally, a novel set of security procedures is proposed to defend the routing process against external and internal threats. Simulation results demonstrate that high levels of QoS can be still guaranteed by AMCQ even when the security procedures are applied

A comprehensive survey of V2X cybersecurity mechanisms and future research paths

Recent advancements in vehicle-to-everything (V2X) communication have notably improved existing transport systems by enabling increased connectivity and driving autonomy levels. The remarkable benefits of V2X connectivity come inadvertently with challenges which involve security vulnerabilities and breaches. Addressing security concerns is essential for seamless and safe operation of mission-critical V2X use cases. This paper surveys current literature on V2X security and provides a systematic and comprehensive review of the most relevant security enhancements to date. An in-depth classification of V2X attacks is first performed according to key security and privacy requirements. Our methodology resumes with a taxonomy of security mechanisms based on their proactive/reactive defensive approach, which helps identify strengths and limitations of state-of-the-art countermeasures for V2X attacks. In addition, this paper delves into the potential of emerging security approaches leveraging artificial intelligence tools to meet security objectives. Promising data-driven solutions tailored to tackle security, privacy and trust issues are thoroughly discussed along with new threat vectors introduced inevitably by these enablers. The lessons learned from the detailed review of existing works are also compiled and highlighted. We conclude this survey with a structured synthesis of open challenges and future research directions to foster contributions in this prominent field.This work is supported by the H2020-INSPIRE-5Gplus project (under Grant agreement No. 871808), the ”Ministerio de Asuntos Económicos y Transformacion Digital” and the European Union-NextGenerationEU in the frameworks of the ”Plan de Recuperación, Transformación y Resiliencia” and of the ”Mecanismo de Recuperación y Resiliencia” under references TSI-063000-2021-39/40/41, and the CHIST-ERA-17-BDSI-003 FIREMAN project funded by the Spanish National Foundation (Grant PCI2019-103780).Peer ReviewedPostprint (published version

Asioiden Internetin tietoturva: ratkaisuja, standardeja ja avoimia ongelmia

Internet of Things (IoT) extends the Internet to our everyday objects, which enables new kind of applications and services. These IoT applications face demanding technical challenges: the number of ‘things’ or objects can be very large, they can be very con-strained devices, and may need to operate on challenging and dynamic environments. However, the architecture of today’s Internet is based on many legacy protocols and technology that were not originally designed to support features like mobility or the huge and growing number of objects the Internet consists of today. Similarly, many security features of today’s Internet are additional layers built to fill up flaws in the un-derlying design. Fulfilling new technical requirements set by IoT applications requires efficient solutions designed for the IoT use from the ground up. Moreover, the imple-mentation of this new IoT technology requires interoperability and integration with tra-ditional Internet. Due to considerable technical challenges, the security is an often over-looked aspect in the emerging new IoT technology. This thesis surveys general security requirements for the entire field of IoT applica-tions. Out of the large amount of potential applications, this thesis focuses on two major IoT application fields: wireless sensor networks and vehicular ad-hoc networks. The thesis introduces example scenarios and presents major security challenges related to these areas. The common standards related to the areas are examined in the security perspective. The thesis also examines research work beyond the area of standardization in an attempt to find solutions to unanswered security challenges. The thesis aims to give an introduction to the security challenges in the IoT world and review the state of the security research through these two major IoT areas

Cloud Computing in VANETs: Architecture, Taxonomy, and Challenges

Cloud Computing in VANETs (CC-V) has been investigated into two major themes of research including Vehicular Cloud Computing (VCC) and Vehicle using Cloud (VuC). VCC is the realization of autonomous cloud among vehicles to share their abundant resources. VuC is the efficient usage of conventional cloud by on-road vehicles via a reliable Internet connection. Recently, number of advancements have been made to address the issues and challenges in VCC and VuC. This paper qualitatively reviews CC-V with the emphasis on layered architecture, network component, taxonomy, and future challenges. Specifically, a four-layered architecture for CC-V is proposed including perception, co-ordination, artificial intelligence and smart application layers. Three network component of CC-V namely, vehicle, connection and computation are explored with their cooperative roles. A taxonomy for CC-V is presented considering major themes of research in the area including design of architecture, data dissemination, security, and applications. Related literature on each theme are critically investigated with comparative assessment of recent advances. Finally, some open research challenges are identified as future issues. The challenges are the outcome of the critical and qualitative assessment of literature on CC-V

State-of-the-art authentication and verification schemes in VANETs:A survey

Vehicular Ad-Hoc Networks (VANETs), a subset of Mobile Ad-Hoc Networks (MANETs), are wireless networks formed around moving vehicles, enabling communication between vehicles, roadside infrastructure, and servers. With the rise of autonomous and connected vehicles, security concerns surrounding VANETs have grown. VANETs still face challenges related to privacy with full-scale deployment due to a lack of user trust. Critical factors shaping VANETs include their dynamic topology and high mobility characteristics. Authentication protocols emerge as the cornerstone of enabling the secure transmission of entities within a VANET. Despite concerted efforts, there remains a need to incorporate verification approaches for refining authentication protocols. Formal verification constitutes a mathematical approach enabling developers to validate protocols and rectify design errors with precision. Therefore, this review focuses on authentication protocols as a pivotal element for securing entity transmission within VANETs. It presents a comparative analysis of existing protocols, identifies research gaps, and introduces a novel framework that incorporates formal verification and threat modeling. The review considers key factors influencing security, sheds light on ongoing challenges, and emphasises the significance of user trust. The proposed framework not only enhances VANET security but also contributes to the growing field of formal verification in the automotive domain. As the outcomes of this study, several research gaps, challenges, and future research directions are identified. These insights would offer valuable guidance for researchers to establish secure authentication communication within VANETs

On-demand service architecture for wireless vehicular networks

Vehicular Networks (VN) or VANETS has become a cutting-edge topic in the development of innovative solutions for the automotive industry and of special interest to transit management authorities. Well known examples of the potential benefits of enabling communications in vehicles is fostering a better driving by reducing the risk of accidents on the road. Besides the transmission of safety messages among vehicles in the vicinity, the development of non-safety applications will allow the delivery of information services to potential users willing to request them in on-demand basis. To provide such type of services, major challenges need to be tackled to offer secure and reliable communication in anonymous and sometimes hostile communication environments on the roads. These challenges cover security, billing and accounting issues to provide a secure access to services. The objective of this thesis work is to propose a service architecture for on-demand services in vehicular environments. A key point to keep a robust information service supply, stands in the capacity to provide and manage security mechanisms which comprise authentication and authorization of subscribers following a temporary subscription model. These features, along with privacy mechanisms, will offer to the communicating peers a secure way to mutually access and exchange information even if no previous knowledge of each other is available. Policies of service providers can regulate the supply of information services according to the subscribers' profiles. Providers can also define the implementation of accountability models in the form of metering and billing schemes appropriate for VANETS. This will result in the implementation of incentive and collaborative mechanisms to foster service delivery among vehicles

Named Data Networking in Vehicular Ad hoc Networks: State-of-the-Art and Challenges

International audienceInformation-Centric Networking (ICN) has been proposed as one of the future Internet architectures. It is poised to address the challenges faced by today's Internet that include, but not limited to, scalability, addressing, security, and privacy. Furthermore, it also aims at meeting the requirements for new emerging Internet applications. To realize ICN, Named Data Networking (NDN) is one of the recent implementations of ICN that provides a suitable communication approach due to its clean slate design and simple communication model. There are a plethora of applications realized through ICN in different domains where data is the focal point of communication. One such domain is Intelligent Transportation System (ITS) realized through Vehicular Ad hoc NETwork (VANET) where vehicles exchange information and content with each other and with the infrastructure. To date, excellent research results have been yielded in the VANET domain aiming at safe, reliable, and infotainment-rich driving experience. However, due to the dynamic topologies, host-centric model, and ephemeral nature of vehicular communication, various challenges are faced by VANET that hinder the realization of successful vehicular networks and adversely affect the data dissemination, content delivery, and user experiences. To fill these gaps, NDN has been extensively used as underlying communication paradigm for VANET. Inspired by the extensive research results in NDN-based VANET, in this paper, we provide a detailed and systematic review of NDN-driven VANET. More precisely, we investigate the role of NDN in VANET and discuss the feasibility of NDN architecture in VANET environment. Subsequently, we cover in detail, NDN-based naming, routing and forwarding, caching, mobility, and security mechanism for VANET. Furthermore, we discuss the existing standards, solutions, and simulation tools used in NDN-based VANET. Finally, we also identify open challenges and issues faced by NDN-driven VANET and highlight future research directions that should be addressed by the research community