114 research outputs found

    Toward Anonymity in Delay Tolerant Networks: Threshold Pivot Scheme

    Proceedings of the Military Communications Conference (MILCOM 2010), San Jose, CA, October 2010. Delay Tolerant Networks (DTNs) remove traditional assumptions of end-to-end connectivity, extending network communication to intermittently connected mobile, ad-hoc, and vehicular environments. This work considers anonymity as a vital security primitive for viable military and civilian DTNs. DTNs present new and unique anonymity challenges since we must protect physical location information as mobile nodes with limited topology knowledge naturally mix. We develop a novel Threshold Pivot Scheme (TPS) for DTNs to address these challenges and provide resistance to traffic analysis, source anonymity, and sender-receiver unlinkability. Reply techniques adapted from mix-nets allow for anonymous DTN communication, while secret sharing provides a configurable level of anonymity that enables a balance between security and efficiency. We evaluate TPS via simulation on real-world DTN scenarios to understand its feasibility, performance, and overhead while comparing the provided anonymity against an analytically optimal model.

    Architecture for self-estimation of security level in ad hoc network nodes

    Inherent freedom due to a lack of central authority of self-organised mobile ad hoc networks introduces challenges to security and trust management. In these kinds of scenarios, the nodes themselves are naturally responsible for their own security – or they could trust certain known nodes, called “micro-operators”. We propose an architecture for security management in self-organising mobile ad hoc networks that is based on the nodes’ own responsibility and node-level security monitoring. The aim is to predict, as well as to monitor the security level concentrating on the principal effects contributing to it

    A comprehensive survey of V2X cybersecurity mechanisms and future research paths

    Recent advancements in vehicle-to-everything (V2X) communication have notably improved existing transport systems by enabling increased connectivity and driving autonomy levels. The remarkable benefits of V2X connectivity come inadvertently with challenges which involve security vulnerabilities and breaches. Addressing security concerns is essential for seamless and safe operation of mission-critical V2X use cases. This paper surveys current literature on V2X security and provides a systematic and comprehensive review of the most relevant security enhancements to date. An in-depth classification of V2X attacks is first performed according to key security and privacy requirements. Our methodology resumes with a taxonomy of security mechanisms based on their proactive/reactive defensive approach, which helps identify strengths and limitations of state-of-the-art countermeasures for V2X attacks. In addition, this paper delves into the potential of emerging security approaches leveraging artificial intelligence tools to meet security objectives. Promising data-driven solutions tailored to tackle security, privacy and trust issues are thoroughly discussed along with new threat vectors introduced inevitably by these enablers. The lessons learned from the detailed review of existing works are also compiled and highlighted. We conclude this survey with a structured synthesis of open challenges and future research directions to foster contributions in this prominent field. This work is supported by the H2020-INSPIRE-5Gplus project (under Grant agreement No. 871808), the “Ministerio de Asuntos Económicos y Transformación Digital” and the European Union-NextGenerationEU in the frameworks of the “Plan de Recuperación, Transformación y Resiliencia” and of the “Mecanismo de Recuperación y Resiliencia” under references TSI-063000-2021-39/40/41, and the CHIST-ERA-17-BDSI-003 FIREMAN project funded by the Spanish National Foundation (Grant PCI2019-103780). Peer Reviewed. Postprint (published version)

    Data Substantiation in Mobility

    The world is embracing the presence of connected autonomous vehicles which are expected to play a major role in the future of intelligent transport systems. Given such connectivity, vehicles in the networks are vulnerable to making incorrect decisions due to anomalous data. No sophisticated attacks are required; just a vehicle reporting anomalous speeds would be enough to disrupt the entire traffic flow. Detection of such anomalies is vital to ensure the security of a vehicular network. This thesis proposes the use of traffic flow theory for anomalous data detection in vehicular networks, by evaluating the consistency of microscopic parameters which are derived by traffic flow theory with macroscopic views of traffic under different traffic conditions. Though little attention has been given to using traffic flow properties to determine anomalous basic safety message data, the fundamental nature of traffic flow properties makes it a robust assessment tool. The aim of this thesis is to develop a robust data substantiation framework for vehicular networks using traffic flow fundamentals. The aim is fulfilled in three objectives: (1) to provide an overview of the context in terms of existing data substantiation methods, vehicular communication, and traffic flow theory, (2) to develop data substantiation models to detect anomalies irrespective of the cause of the anomaly, and (3) to assess the applicability of traffic flow theory for data substantiation in vehicular networks. Chapters 1 and 2 are introductions and literature reviews respectively. The first main chapter describes the context of vehicular networks, traffic flow theory, and the intuition of applying traffic flow theory for substantiation in vehicular networks. The next three chapters elaborate, formulate, demonstrate, and evaluate the use of macroscopic views of traffic to substantiate microscopic data in vehicular networks. The first of these discusses the use of steady state conditions in traffic flow theory to substantiate data in vehicular networks, and the second describes the use of shockwave theory in traffic to substantiate data in vehicular networks. The third chapter develops a data substantiation model utilising localised views of traffic to provide an additional resolution to the previous models.

    Recent Developments on Mobile Ad-Hoc Networks and Vehicular Ad-Hoc Networks

    This book presents collective works published in the recent Special Issue (SI) entitled “Recent Developments on Mobile Ad-Hoc Networks and Vehicular Ad-Hoc Networks”. These works expose the readership to the latest solutions and techniques for MANETs and VANETs. They cover interesting topics such as power-aware optimization solutions for MANETs, data dissemination in VANETs, adaptive multi-hop broadcast schemes for VANETs, multi-metric routing protocols for VANETs, and incentive mechanisms to encourage the distribution of information in VANETs. The book demonstrates pioneering work in these fields, investigates novel solutions and methods, and discusses future trends in these fields.

    Design Models for Trusted Communications in Vehicle-to-Everything (V2X) Networks

    Intelligent transportation system is one of the main systems which has been developed to achieve safe traffic and efficient transportation. It enables the road entities to establish connections with other road entities and infrastructure units using Vehicle-to-Everything (V2X) communications. To improve the driving experience, various applications are implemented to allow for road entities to share the information among each other. Then, based on the received information, the road entity can make its own decision regarding road safety and guide the driver. However, when these packets are dropped for any reason, it could lead to inaccurate decisions due to lack of enough information. Therefore, the packets should be sent through a trusted communication. The trusted communication includes a trusted link and trusted road entity. Before sending packets, the road entity should assess the link quality and choose the trusted link to ensure the packet delivery. Also, evaluating the neighboring node behavior is essential to obtain trusted communications because some misbehavior nodes may drop the received packets. As a consequence, two main models are designed to achieve trusted V2X communications. First, a multi-metric Quality of Service (QoS)-balancing relay selection algorithm is proposed to elect the trusted link. Analytic Hierarchy Process (AHP) is applied to evaluate the link based on three metrics, which are channel capacity, link stability and end-to-end delay. Second, a recommendation-based trust model is designed for V2X communication to exclude misbehavior nodes. Based on a comparison between trust-based methods, weighted-sum is chosen in the proposed model. The proposed methods ensure trusted communications by reducing the Packet Dropping Rate (PDR) and increasing the end-to-end delivery packet ratio. In addition, the proposed trust model achieves a very low False Negative Rate (FNR) in comparison with an existing model

    Contributions to Wireless multi-hop networks : Quality of Services and Security concerns

    This document summarizes the research I have conducted over the past 6 years. The main research topic of my contributions is the design and evaluation of solutions for wireless multi-hop networks, in particular mobile ad hoc networks (MANETs), vehicular ad hoc networks (VANETs), and wireless sensor networks (WSNs). The key question of my research is the following: “how can data transport that is efficient in terms of quality of service (QoS), energy resources, and security be ensured in wireless multi-hop networks?” To answer this question, I worked in particular on the MAC and network layers and used a cross-layer approach. Wireless multi-hop networks present several problems related to resource management and to data transport capable of supporting a large number of nodes and ensuring a high level of quality of service and security. In MANETs, the absence of infrastructure rules out a centralized approach to managing resource sharing, such as channel access. Unlike a WLAN (infrastructure-based wireless network), in ad hoc networks neighboring nodes become competitors, and it is difficult to ensure fairness and throughput optimization. The IEEE 802.11 standard does not take fairness between nodes into account in the context of MANETs. Although this standard offers different transmission levels, it does not specify how to allocate these rates efficiently. Furthermore, MANETs are based on the concept of cooperation between nodes to form and manage a network. A lack of cooperation between nodes means the absence of the entire network. This is why it is essential to find solutions for non-cooperative or selfish nodes. Finally, wireless multi-hop communication can help extend radio coverage. Border nodes must cooperate to forward the packets of neighboring nodes located outside the coverage area of the base station. In VANETs, data dissemination for safety applications is a real challenge. To ensure fast and global distribution of information, the transmission method used is broadcast. This method has several drawbacks: massive data loss due to collisions, absence of packet acknowledgment, no control over transmission delay, and information redundancy. Moreover, safety applications transmit critical information whose reliability and authenticity must be ensured. In WSNs, limited resources (bandwidth, memory, energy, and computing capacity), together with the wireless link and mobility, make it difficult to design an efficient communication protocol. Some applications require a large amount of resources (throughput, energy, etc.) as well as security services such as data confidentiality and integrity and mutual authentication. These parameters are in opposition, and reconciling them is a real challenge. Moreover, to transmit information, some applications need to know the position of nodes in the network. Localization techniques suffer from a lack of accuracy, particularly in closed (indoor) environments, and do not allow nodes to be located within a limited time interval. Finally, node localization is necessary to track objects, whether communicating or not. Object tracking is an energy-hungry process and requires accuracy. To address these challenges, we proposed and evaluated solutions, presented as follows: all the contributions dedicated to MANETs are presented in the second chapter. The third chapter describes the solutions provided for VANETs. Finally, the contributions related to WSNs are presented in the fourth chapter.

    A Comparative Survey of VANET Clustering Techniques

    © 2016 Crown. A vehicular ad hoc network (VANET) is a mobile ad hoc network in which network nodes are vehicles - most commonly road vehicles. VANETs present a unique range of challenges and opportunities for routing protocols due to the semi-organized nature of vehicular movements subject to the constraints of road geometry and rules, and the obstacles which limit physical connectivity in urban environments. In particular, the problems of routing protocol reliability and scalability across large urban VANETs are currently the subject of intense research. Clustering can be used to improve routing scalability and reliability in VANETs, as it results in the distributed formation of hierarchical network structures by grouping vehicles together based on correlated spatial distribution and relative velocity. In addition to the benefits to routing, these groups can serve as the foundation for accident or congestion detection, information dissemination and entertainment applications. This paper explores the design choices made in the development of clustering algorithms targeted at VANETs. It presents a taxonomy of the techniques applied to solve the problems of cluster head election, cluster affiliation, and cluster management, and identifies new directions and recent trends in the design of these algorithms. Additionally, methodologies for validating clustering performance are reviewed, and a key shortcoming - the lack of realistic vehicular channel modeling - is identified. The importance of a rigorous and standardized performance evaluation regime utilizing realistic vehicular channel models is demonstrated

    Software Protection and Secure Authentication for Autonomous Vehicular Cloud Computing

    Artificial Intelligence (AI) is changing every technology we deal with. Autonomy has been a sought-after goal in vehicles, and now more than ever we are very close to that goal. Vehicles before were dumb mechanical devices, now they are becoming smart, computerized, and connected coined as Autonomous Vehicles (AVs). Moreover, researchers found a way to make more use of these enormous capabilities and introduced Autonomous Vehicles Cloud Computing (AVCC). In these platforms, vehicles can lend their unused resources and sensory data to join AVCC. In this dissertation, we investigate security and privacy issues in AVCC. As background, we built our vision of a layer-based approach to thoroughly study state-of-the-art literature in the realm of AVs. Particularly, we examined some cyber-attacks and compared their promising mitigation strategies from our perspective. Then, we focused on two security issues involving AVCC: software protection and authentication. For the first problem, our concern is protecting client’s programs executed on remote AVCC resources. Such a usage scenario is susceptible to information leakage and reverse-engineering. Hence, we proposed compiler-based obfuscation techniques. What distinguishes our techniques, is that they are generic and software-based and utilize the intermediate representation, hence, they are platform agnostic, hardware independent and support different high level programming languages. Our results demonstrate that the control-flow of obfuscated code versions are more complicated making it unintelligible for timing side-channels. For the second problem, we focus on protecting AVCC from unauthorized access or intrusions, which may cause misuse or service disruptions. Therefore, we propose a strong privacy-aware authentication technique for users accessing AVCC services or vehicle sharing their resources with the AVCC. Our technique modifies robust function encryption, which protects stakeholder’s confidentiality and withstands linkability and “known-ciphertexts” attacks. Thus, we utilize an authentication server to search and match encrypted data by performing dot product operations. Additionally, we developed another lightweight technique, based on KNN algorithm, to authenticate vehicles at computationally limited charging stations using its owner’s encrypted iris data. Our security and privacy analysis proved that our schemes achieved privacy-preservation goals. Our experimental results showed that our schemes have reasonable computation and communications overheads and efficiently scalable.