Privacy-Aware VANET Security: Putting Data-Centric Misbehavior and Sybil Attack Detection Schemes into Practice
Presented in WISA 2012 Conference, Jeju, South Korea


Transcript

  • 1. Privacy-Aware VANET Security: Putting Data-Centric Misbehavior and Sybil Attack Detection Schemes into Practice
      Rasheed Hussain*, Sangjin Kim**, and Heekuck Oh*
      *Hanyang University, **Korea University of Technology and Education, South Korea
      2012-08-18
      Rasheed Hussain, Hanyang University Information Security & Privacy Lab
  • 2. Agenda
      • Main Theme
      • Introduction
      • Problem Statement
      • System Model, Threat Model and Contribution
      • Proposed Scheme
      • Performance Evaluation
      • Discussion and Limitations
      • Conclusion
      rasheed@hanyang.ac.kr, Information Security & Privacy Laboratory @ Hanyang University
  • 3. Main Theme
      • Data-Centric Misbehavior Detection Scheme (MDS) and Entity-Centric MDS in privacy-aware VANET (conditionally anonymous)
      • Incorporating both MDS and SAD (Sybil Attack Detection)
      • PAB (Post-Alarm Behavior) in ROEI (Region of Expected Infection)
      • Verification of position information
      • Based on realistic road conditions (traffic regimes)
      • Independent decision on the part of every individual node
      • Threshold revocation scheme
  • 4. Introduction [1/3]
      • Security primitives in VANET
          • May be different from traditional security primitives
          • For instance, message confidentiality in VANET depends upon the type of the message. Safety-related messages may not need to be encrypted
          • Message integrity (liability issues)
          • Type of messages
      • Misbehavior in VANET (selfish reason/malfunction)
          • e.g. a vehicle might send a false report on congestion, an accident or a road block
          • Not everybody is malicious!!
      • Revocation depends upon DoC (Degree of Consequences)
          • Proceed from taking out the wrong information (revocation of the message) all the way to the revocation of the node
      • "Trust on information rather than source of information"
  • 5. Introduction [2/3]
      • Are the trust-management based solutions feasible for VANET? (so many proposed schemes) NO!!!!
      • Ephemeral nature of VANET
      • Privacy is one of the prime security primitives in VANET
      • Secure privacy-aware beaconing
      • Incorporate the opposite-direction nodes to help in determining the soundness of information
      • Warning/Alarm/Critical message types may be finite in number
      • Nodes cross-check the subsequent actions with predefined natural actions
      • Position consistency with virtual ears (by beacon messages) and verified with virtual eyes (radar)
  • 6. Introduction [3/3]
      • Ruj et al. scheme has severe deficiencies
      • If the reported position is not consistent with the alert raised then the message is incorrect and discarded (fig. 1)
  • 7. Problems in Ruj et al.'s scheme
      • Pseudonyms must not change for certain time after alert is sent
          • Privacy (?)
      • Size of relay messages grows by the factor of the size of MA
      • Flooding (same alert many times)
      • Beacon format is not defined
      • Negation Message Attack (NMA)
      • A node must report the event before it physically crosses the crash site
      • Message duration (FT) may not be sound for relay messages
      • Vehicles have to wait for beacon from both originator and relayer (?)
  • 8. Problem Statement
      • In a privacy-aware VANET architecture with a privacy-aware beaconing scheme where two messages provide un-linkability, how to detect MDS and SAD with real traffic density?
      • AS ∝ 1/P (AS denotes Sybil attack and P denotes Privacy)
      • Privacy-preserving beaconing and warning messages
      • Decide the course of action on the basis of underlying traffic density
      • Threshold density calculation from received beacon messages
  • 9. Network/Threat Model, Contribution [1/4]
      Management hierarchy and functional hierarchy
      • Level 1. Functional: Registration/Overall Management. Entities: DMV (Department of Motor Vehicles) and Cloud Infrastructure
      • Level 2. Functional: Certification, Revocation. Entities: RCA (Regional CA), RAs (Revocation Authorities)
      • Level 3. Functional: Functional Assistance/Gateway Terminals to clouds. Entities: RSSI (Road-side Static Infrastructure) and RSMI (Road-side Mobile Infrastructure)
      • Level 4. Functional: Operation. Entities: Vehicular Nodes (OBUs)
  • 10. Network/Threat Model, Contribution [2/4]
      Threat/Attacker Model
      • Insider who deviates from normal VANET behavior or infringes on a user's privacy
      • Has more computation and communication resources
      • Can eavesdrop on the wireless channel
      • Forges identities, tracks, and diffuses wrong information in VANET
      • Manipulates input data for assembling messages
  • 11. Network/Threat Model, Contribution [3/4]
      Functional VANET architecture (figure; labels: RAs, DMV, RCAs, RSSE, RSME, Domain, V2V, V2I)
  • 12. Network/Threat Model, Contribution [4/4]
      • Objectives and Contribution
          • Devise an algorithm to incorporate both MDS and SAD
          • Agree upon a tradeoff solution for real-time traffic density calculation
          • Privacy-preserving beaconing and critical warning messages
          • Leverage location verification by virtual ears and virtual eyes
          • Incorporate two-way traffic and exploit the S-C-F strategy for misbehavior detection
      • Additional Objectives
          • Loose authentication
          • Conditional anonymity
          • Non-repudiation
      • Assumptions
          • Beacons can be received from 1-hop neighbors
          • Vehicles leverage TRH and omni-directional radar for position verification
          • DMV (Department of Motor Vehicles), RCAs (Regional CAs), RSI
          • Beaconing: identityless (our WISA'09* paper)
          • Relaying mechanism (efficient flooding)
          • Threshold-based probabilistic vehicular density calculation
      *R. Hussain, S. Kim, and H. Oh, "Towards Privacy Aware Pseudonymless Strategy for Avoiding Profile Generation in VANET". In: H.-Y. Yoon, M. Yung (Eds.) WISA 2009. LNCS, vol. 5932, pp. 268-280. Springer, Heidelberg (2009)
  • 13. Proposed Scheme [1/6]
      Baseline
      • Beacon format: $M_b = (m, G_{id}, \sigma, \delta)$, where $m$ is beacon data, $\sigma = \mathrm{HMAC}_{K_{V_i}}(T \| G_{id} \| Data)$ and $\delta = \mathrm{HMAC}_{K_{d_i}}(T \| G_{id} \| Data \| \sigma)$
      • RSI are semi-trusted and vehicles are not trusted
      • TRH are employed in RSUs and OBUs
      • Alert message types are stored in OBUs beforehand
  • 14. Proposed Scheme [2/6]
      Warning Message (WM)
      • Sensed (field: size)
          Type: 1
          EID: 1
          LID: 16
          $G_{id}$: 2
          $T$: 8
          $loc_i^T$: 16
          $Sig_{K_{TRH_i}}(EID, LID, G_{id}, T, loc_i^T)$: 42
      • Relayed (field: size)
          Type: 1
          $T$: 8
          $loc_i^T$: 16
          $G_{id}$: 2
          $\lambda$: 22
          $Sig_{K_{TRH_i}}(T, loc_i^T, G_{id}, \lambda)$: 42
      where $\lambda = (EID, LID, G_{ids}, \Delta L, \Delta T)$
  • 15. Proposed Scheme [3/6]
      Alerts and Invalid actions
      • List of invalid events (LIE)
      • d is the safe distance, e.g. a car moving at 80 km/h that reduces to 20 km/h after observing an alert will travel less than about 100 m in the next 2 seconds, thus the positions sent in the beacons will be less than d = 100 m apart
      • Invalid actions after alert is issued
  • 16. Proposed Scheme [4/6]
      • Goal: Misbehavior (Data-Centric) and Sybil Attacks (Entity-Centric)
      • (figure; labels: MW received, Lx, Sensed, MR, Observer o)
      • Hybrid mechanism depending upon current traffic density
          • MDS (Misbehavior Detection System)
          • SAD (Sybil Attack Detection)
      • Dense Traffic Regime (SAD) and Sparse Traffic Regime (MDS)
      • Privacy-aware traffic density calculation
      • ROEI (Region of Expected Infection) for MW storage and relay
      • Location verification
  • 17. Proposed Scheme [5/6]
      • Indicator variable $X_b$: $X_b = 1$ if the beacon-sending vehicle is ahead, and $X_b = 0$ if the beacon-sending vehicle is behind or in the opposite direction
      • $D(v)_t = \sum_{i=t_k}^{t_{k+1}} X_b\, b_i\, f_b$
      • (flowchart; steps: MW received, Check for Freshness, Check if already received, Check movement trajectory, Wait for beacon from the same vehicle, Cosine Similarity)
      • Spatial Checks, Temporal Checks, Behavioral Checks, Integrity Checks
      • Calculate density and decide whether MDS or SAD
      • Collect beacons for certain time ($t_{k+1} - t_k$) and calculate threshold density
      • Verify position
      • Check for PWM (Post-Warning Measurements)
      • Compare the number of alarms with the no. of vehicles (only in one direction)
      • Verify the message from opposite-side vehicles
  • 18. Proposed Scheme [6/6]
      Discussion
      • Position vs Information
          • WPWI (Wrong Position – Wrong Information)
          • RPWI (Right Position – Wrong Information)
          • WPRI (Wrong Position – Right Information)
          • RPRI (Right Position – Right Information)
          • (figure labels: Target, Not Likely)
      • Assume there is one time relay minimum
      • Sensed vs Relayed Alarms
          • Sensed, Relayed, Distinct Sensed, Distinct Relayed
      • Combine the number of senders and cross-check with the traffic $D(v)_t$
  • 19. Performance Evaluation [1/2]
      Security
      • Message authentication
      • Message integrity
      • Privacy protection
      • Anonymity revocability
      • Message revocation and user revocation
      • Partial brute-force strategy
      • Non-frameability
      • Privacy revocation with order O(d+g) for beacons and O(d·g) for MW
      • Since d << g, the order of revocation in case of beacon is O(g)
  • 20. Performance Evaluation [2/2]
      Computational Overhead: comparison with other schemes
      • Table columns: Scheme, Certificates with Beacons, Profile Generation, RSU as Bottleneck, Privacy, Computations (Mb, MW)
      • Zhou et al.: Privacy dependent on pseudonym change
      • Ruj et al.: Privacy dependent on pseudonym change
      • Our scheme
      • Computations (Mb, MW): N/A, N/A, Tp + 3Tm + 2TH, 2H, 2Tp + 6Tm + 4TH, Tp + 3Tm + 2TH
      • Tp = time of pairing operation, Tm = time of point multiplication, H = hash operation
  • 21. Discussion
      • Merits of proposed scheme
          • Privacy-aware threshold-based density calculation
          • User privacy
          • Conditional anonymity
          • No need for RSU support
          • No temporary identities are used, which lead to profiling
          • Utilizes opposite traffic for SCF (store-carry-forward)
          • Anonymous position verification
      • Limitations
          • Beacon frequency
          • Flyover scenario
          • 3D position verification (if possible)
          • The relay mechanism may introduce some overhead temporarily
  • 22. Conclusion
      • HMDS: Hybrid MDS (flexible)
      • Privacy-aware density-based scheme
      • Efficient position verification
      • Misbehavior is detected with independent position verification
      • Immune to Sybil attacks
      • Incorporating 2-way traffic
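
The density-based choice between MDS and SAD, the alarm-count cross-check and the post-alert safe-distance check from slides 15 to 17, as an added Python example that is not code from the presentation or its authors. The beacon fields, the density threshold, the fixed per-vehicle beacon rate used to turn a count of identityless beacons into a vehicle estimate, and the sample beacons are assumptions constructed for illustration.

```python
# Added illustration; names, thresholds and sample data are assumptions.
from dataclasses import dataclass

@dataclass
class Beacon:
    t: float         # receive time, seconds
    pos: float       # sender position along the road, metres
    same_dir: bool   # sender travels in the observer's direction

def x_b(b, observer_pos):
    """Indicator X_b: 1 if the sender is ahead, 0 if behind or opposite."""
    return 1 if b.same_dir and b.pos > observer_pos else 0

def density_ahead(beacons, observer_pos, t_k, t_k1, beacon_hz):
    """Estimate vehicles ahead from beacons collected in [t_k, t_k1).

    Beacons carry no identity, so senders cannot be counted directly.
    Assumption: every vehicle beacons at beacon_hz, so the beacon count
    divided by beacons-per-vehicle approximates the number of vehicles.
    """
    hits = sum(x_b(b, observer_pos) for b in beacons if t_k <= b.t < t_k1)
    return hits / (beacon_hz * (t_k1 - t_k))

def pick_scheme(density, threshold):
    """Dense regime -> Sybil attack detection, sparse regime -> MDS."""
    return "SAD" if density >= threshold else "MDS"

def sybil_suspected(distinct_alarms, density):
    """More one-direction alarm senders than vehicles ahead is suspicious."""
    return distinct_alarms > density

def post_alarm_ok(positions, d):
    """Consecutive post-alert beacon positions must be less than d apart."""
    return all(abs(b - a) < d for a, b in zip(positions, positions[1:]))

# Constructed sample: observer at 0 m, 2 s window, 1 beacon/s per vehicle.
SAMPLE = [Beacon(t, p, s) for t, p, s in [
    (0.1, 40, True), (1.1, 62, True),      # vehicle ahead
    (0.3, 90, True), (1.3, 112, True),     # vehicle ahead
    (0.5, -30, True), (1.5, -8, True),     # vehicle behind
    (0.7, 150, False), (1.7, 110, False),  # opposite direction
]]

if __name__ == "__main__":
    dens = density_ahead(SAMPLE, 0, 0, 2, 1)
    print(dens, pick_scheme(dens, 5), sybil_suspected(6, dens))
    print(post_alarm_ok([0, 11, 22], 100), post_alarm_ok([0, 130], 100))
```

Only beacons with X_b = 1 enter the estimate, so traffic behind the observer or in the opposite lane does not inflate the count that alarms are compared against.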
