TFDD: A trust-based framework for reliable data delivery and DoS defense in VANETs

[EN] A trust establishment scheme for enhancing inter-vehicular communication and preventing DoS attacks `TFDD¿ is proposed in this paper. Based on a developed intrusion detection module (IDM) and data centric verification, our framework allows preventing DDoS attacks and eliminating misbehaving nodes in a distributed, collaborative and instantaneous manner. In addition, a trusted routing protocol is proposed that, using context-based information such as link stability and trust information, delivers data through the most reliable way. In this study, the simulation results obtained demonstrate the effectiveness of our trust framework at detecting dishonest nodes, as well as malicious messages that are sent by honest or dishonest nodes, after a very low number of message exchanges. Furthermore, colluding attacks are detected in a small period of time, which results in network resources being released immediately after an overload period. We also show that, in a worst-case scenario, our trust-based framework is able to sustain performance levels, and outperforming existing solutions such as T-CLAIDS and AECFV.Kerrache, CA.; Lagraa, N.; Tavares De Araujo Cesariny Calafate, CM.; Lakas, A. (2017). TFDD: A trust-based framework for reliable data delivery and DoS defense in VANETs. Vehicular Communications. 9:254-267. doi:10.1016/j.vehcom.2016.11.010S254267

Cyber security analysis of connected vehicles

\ua9 2024 The Authors. IET Intelligent Transport Systems published by John Wiley & Sons Ltd on behalf of The Institution of Engineering and Technology.The sensor-enabled in-vehicle communication and infrastructure-centric vehicle-to-everything (V2X) communications have significantly contributed to the spark in the amount of data exchange in the connected and autonomous vehicles (CAV) environment. The growing vehicular communications pose a potential cyber security risk considering online vehicle hijacking. Therefore, there is a critical need to prioritize the cyber security issues in the CAV research theme. In this context, this paper presents a cyber security analysis of connected vehicle traffic environments (CyACV). Specifically, potential cyber security attacks in CAV are critically investigated and validated via experimental data sets. Trust in V2X communication for connected vehicles is explored in detail focusing on trust computation and trust management approaches and related challenges. A wide range of trust-based cyber security solutions for CAV have been critically investigated considering their strengths and weaknesses. Open research directions have been highlighted as potential new research themes in CAV cyber security area

T-VNets: a novel Trust architecture for Vehicular Networks using the standardized messaging services of ETSI ITS

In this paper we propose a novel trust establishment architecture fully compliant with the ETSI ITS standard which takes advantage of the periodically exchanged beacons (i.e. CAM) and event triggered messages (i.e. DENM). Our solution, called T-VNets, allows estimating the traffic density, the trust among entities, as well as the dishonest nodes distribution within the network. In addition, by combining different trust metrics such as direct, indirect, event-based and RSU-based trust, T-VNets is able to eliminate dishonest nodes from all network operations while selecting the best paths to deliver legal data messages by taking advantage of the link duration concept. Since our solution is able to adapt to environments with or without roadside units (RSUs), it can perform adequately both in urban and highway scenarios. Simulation results evidence that our proposal is more efficient than other existing solutions, being able to sustain performance levels even in worst-case scenarios. © 2016 Published by Elsevier B.VThis work was partially supported by both the Ministerio de Economia y Competitividad, Programa Estatal de Investigacion, Desarrollo e Innovacion Orientada a los Retos de la Sociedad, Proyectos I+D+I 2014, Spain, under Grant TEC2014-52690-R, and the Ministere de l'enseignement superieur et de la recherche scientifique, Programme National Exceptionnel P.N.E 2015/2016, Algeria.Kerrache, CA.; Lagraa, N.; Tavares De Araujo Cesariny Calafate, CM.; Cano Escribá, JC.; Manzoni, P. (2016). T-VNets: a novel Trust architecture for Vehicular Networks using the standardized messaging services of ETSI ITS. Computer Communications. 93:68-83. https://doi.org/10.1016/j.comcom.2016.05.013S68839

Mobile Ad-Hoc Networks

Being infrastructure-less and without central administration control, wireless ad-hoc networking is playing a more and more important role in extending the coverage of traditional wireless infrastructure (cellular networks, wireless LAN, etc). This book includes state-of the-art techniques and solutions for wireless ad-hoc networks. It focuses on the following topics in ad-hoc networks: vehicular ad-hoc networks, security and caching, TCP in ad-hoc networks and emerging applications. It is targeted to provide network engineers and researchers with design guidelines for large scale wireless ad hoc networks

Trust Management for Vehicular Networks: An Adversary-Oriented Overview

© 2016 IEEE. Translations and content mining are permitted for academic research only. Personal use is also permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more informationCooperative Intelligent Transportation Systems, mainly represented by vehicular ad hoc networks (VANETs), are among the key components contributing to the Smart City and Smart World paradigms. Based on the continuous exchange of both periodic and event triggered messages, smart vehicles can enhance road safety, while also providing support for comfort applications. In addition to the different communication protocols, securing such communications and establishing a certain trustiness among vehicles are among the main challenges to address, since the presence of dishonest peers can lead to unwanted situations. To this end, existing security solutions are typically divided into two main categories, cryptography and trust, where trust appeared as a complement to cryptography on some specific adversary models and environments where the latter was not enough to mitigate all possible attacks. In this paper, we provide an adversary-oriented survey of the existing trust models for VANETs. We also show when trust is preferable to cryptography, and the opposite. In addition, we show how trust models are usually evaluated in VANET contexts, and finally, we point out some critical scenarios that existing trust models cannot handle, together with some possible solutions.This work was supported by the Ministerio de Economia y Competitividad, Programa Estatal de Investigacion, Desarrollo e Innovacion Orientada a los Retos de la Sociedad, Proyectos I+D+I 2014, Spain, under Grant TEC2014-52690-R.Kerrache, CA.; Tavares De Araujo Cesariny Calafate, CM.; Cano Escribá, JC.; Lagraa, N.; Manzoni, P. (2016). Trust Management for Vehicular Networks: An Adversary-Oriented Overview. IEEE Access. 4:9293-9307. https://doi.org/10.1109/ACCESS.2016.2645452S92939307

Design Models for Trusted Communications in Vehicle-to-Everything (V2X) Networks

Intelligent transportation system is one of the main systems which has been developed to achieve safe traffic and efficient transportation. It enables the road entities to establish connections with other road entities and infrastructure units using Vehicle-to-Everything (V2X) communications. To improve the driving experience, various applications are implemented to allow for road entities to share the information among each other. Then, based on the received information, the road entity can make its own decision regarding road safety and guide the driver. However, when these packets are dropped for any reason, it could lead to inaccurate decisions due to lack of enough information. Therefore, the packets should be sent through a trusted communication. The trusted communication includes a trusted link and trusted road entity. Before sending packets, the road entity should assess the link quality and choose the trusted link to ensure the packet delivery. Also, evaluating the neighboring node behavior is essential to obtain trusted communications because some misbehavior nodes may drop the received packets. As a consequence, two main models are designed to achieve trusted V2X communications. First, a multi-metric Quality of Service (QoS)-balancing relay selection algorithm is proposed to elect the trusted link. Analytic Hierarchy Process (AHP) is applied to evaluate the link based on three metrics, which are channel capacity, link stability and end-to-end delay. Second, a recommendation-based trust model is designed for V2X communication to exclude misbehavior nodes. Based on a comparison between trust-based methods, weighted-sum is chosen in the proposed model. The proposed methods ensure trusted communications by reducing the Packet Dropping Rate (PDR) and increasing the end-to-end delivery packet ratio. In addition, the proposed trust model achieves a very low False Negative Rate (FNR) in comparison with an existing model

5G-based V2V broadcast communications: A security perspective

The V2V services have been specified by the 3GPP standards body to support road safety and non-safety applications in the 5G cellular networks. It is expected to use the direct link (known as the PC5 interface), as well as the new radio interface in 5G, to provide a connectivity platform among vehicles. Particularly, vehicles will use the PC5 interface to broadcast safety messages to inform each other about potential hazards on the road. In order to function safely, robust security mechanisms are needed to ensure the authenticity of received messages and trustworthiness of message senders. These mechanisms must neither add significantly to message latency nor affect the performance of safety applications. The existing 5G-V2V standard allow protection of V2V messages to be handled by higher layer security solutions defined by other standards in the ITS domain. However having a security solution at the 5G access layer is conceivably preferable in order to ensure system compatibility and reduce deployment cost. Accordingly, the main aim of this paper is to review options for 3GPP access layer security in future 5G-V2V releases. Initially, a summary of 5G-V2V communications and corresponding service requirements is presented. An overview of the application level security standards is also given, followed by a review of the impending options to secure V2V broadcast messages at the 5G access layer. Finally, paper presents the relevant open issues and challenges on providing 3GPP access layer security solution for direct V2V communication

RITA: RIsk-aware Trust-based Architecture for collaborative multi-hop vehicular communications

This is the pre-peer reviewed version of the following article: Kerrache, C. A., Calafate, C. T., Lagraa, N., Cano, J. C., & Manzoni, P. (2016). RITA: RIsk‐aware Trust‐based Architecture for collaborative multi‐hop vehicular communications. Security and Communication Networks, 9(17), 4428-4442, which has been published in final form at http://onlinelibrary.wiley.com/doi/10.1002/sec.1618/abstractTrust establishment over vehicular networks can enhance the security against probable insider attackers. Regrettably, existing solutions assume that the attackers have always a dishonest behavior that remains stable over time. This assumption may be misleading, as the attacker can behave intelligently to avoid being detected. In this paper, we propose a novel solution that combines trust establishment and a risk estimation concerning behavior changes. Our proposal, called risk-aware trust-based architecture, evaluates the trust among vehicles for independent time periods, while the risk estimation computes the behavior variation between smaller, consecutive time periods in order to prevent risks like an intelligent attacker attempting to bypass the security measures deployed. In addition, our proposal works over a collaborative multi-hop broadcast communication technique for both vehicle-to-vehicle and vehicle-to-roadside unit messages in order to ensure an efficient dissemination of both safety and infotainment messages. Simulation results evidence the high efficiency of risk-aware trust-based architecture at enhancing the detection ratios by more than 7% compared with existing solutions, such as T-CLAIDS and AECFV, even in the presence of high ratios of attackers, while offering short end-to-end delays and low packet loss ratios.This work was partially supported by both the Ministerio de Economia y Competitividad, Programa Estatal de Investigacion, Desarrollo e Innovacion Orientada a los Retos de la Sociedad, Proyectos I+D+I 2014, Spain, under Grant TEC2014-52690-R, and the Ministere de l'enseignement superieur et de la recherche scientifique, Programme National Exceptionnel P.N.E 2015/2016, Algeria.Kerrache, CA.; Tavares De Araujo Cesariny Calafate, CM.; Lagraa, N.; Cano Escribá, JC.; Manzoni, P. (2016). RITA: RIsk-aware Trust-based Architecture for collaborative multi-hop vehicular communications. Security and Communication Networks. 9(17):4428-4442. https://doi.org/10.1002/sec.1618S4428444291

A Trust Management Framework for Vehicular Ad Hoc Networks

The inception of Vehicular Ad Hoc Networks (VANETs) provides an opportunity for road users and public infrastructure to share information that improves the operation of roads and the driver experience. However, such systems can be vulnerable to malicious external entities and legitimate users. Trust management is used to address attacks from legitimate users in accordance with a user’s trust score. Trust models evaluate messages to assign rewards or punishments. This can be used to influence a driver’s future behaviour or, in extremis, block the driver. With receiver-side schemes, various methods are used to evaluate trust including, reputation computation, neighbour recommendations, and storing historical information. However, they incur overhead and add a delay when deciding whether to accept or reject messages. In this thesis, we propose a novel Tamper-Proof Device (TPD) based trust framework for managing trust of multiple drivers at the sender side vehicle that updates trust, stores, and protects information from malicious tampering. The TPD also regulates, rewards, and punishes each specific driver, as required. Furthermore, the trust score determines the classes of message that a driver can access. Dissemination of feedback is only required when there is an attack (conflicting information). A Road-Side Unit (RSU) rules on a dispute, using either the sum of products of trust and feedback or official vehicle data if available. These “untrue attacks” are resolved by an RSU using collaboration, and then providing a fixed amount of reward and punishment, as appropriate. Repeated attacks are addressed by incremental punishments and potentially driver access-blocking when conditions are met. The lack of sophistication in this fixed RSU assessment scheme is then addressed by a novel fuzzy logic-based RSU approach. This determines a fairer level of reward and punishment based on the severity of incident, driver past behaviour, and RSU confidence. The fuzzy RSU controller assesses judgements in such a way as to encourage drivers to improve their behaviour. Although any driver can lie in any situation, we believe that trustworthy drivers are more likely to remain so, and vice versa. We capture this behaviour in a Markov chain model for the sender and reporter driver behaviours where a driver’s truthfulness is influenced by their trust score and trust state. For each trust state, the driver’s likelihood of lying or honesty is set by a probability distribution which is different for each state. This framework is analysed in Veins using various classes of vehicles under different traffic conditions. Results confirm that the framework operates effectively in the presence of untrue and inconsistent attacks. The correct functioning is confirmed with the system appropriately classifying incidents when clarifier vehicles send truthful feedback. The framework is also evaluated against a centralized reputation scheme and the results demonstrate that it outperforms the reputation approach in terms of reduced communication overhead and shorter response time. Next, we perform a set of experiments to evaluate the performance of the fuzzy assessment in Veins. The fuzzy and fixed RSU assessment schemes are compared, and the results show that the fuzzy scheme provides better overall driver behaviour. The Markov chain driver behaviour model is also examined when changing the initial trust score of all drivers