Skip to content

`# Paper reviews

Title: A survey on internet of vehicles: Applications, security issues & solutions

Authors: Surbhi Sharma, Baijnath Kaushik

Institution: Shri Mata Vaishno Devi University, Katra, India

Absract

IoV (Internet of Vehicles) 的几个特性:

  • Dynamic topological structures
  • Huge network scale
  • Reliable internet connection
  • Compatibility with personal devices
  • High processing capability

相关研究的 topics 包括:

  • Security requirements
  • Security challenges
  • Security attacks

本文着重讨论与 IoV 相关的应用,包括 IoV 与 VANETs 的比较。并提出一个轻量级认证方案 (lightweight authentication protocol) for RFID (Radio-Frequency Identification devices)。

1. Introduction

VANETs assists the drivers about real-time traffic by transmitting warning and information message as well as by generating alerts for hazards.

Two kinds of communication are possible in VANETs-vehicle to vehicle (V2V) and vehicle to road-side units (V2R).

Main aim:

  • Provide traffic safety and efficiency
  • Recude time, cost and pollutant emission

Issues:

  • Unreliable internet service
  • Incompatibility with personal devices
  • Less commercialization
  • Limited processing capability
  • Singleton network architecture
  • Unavailability of cloud computing services

Technologies used in IoT:

  • Real-time localization
  • Short-range wireless communications
  • RFID
  • Sensor networks
  • Smart transport, smart industry, smart energy, smart home, smart health ... 1

Inter-vehicular communication, intra vehicular communication, and vehicular mobile Internet are the three main communication components of IoV2.

Five types:

  1. Vehicle-to-Vehicle (V2V)
  2. Vehicle-to-Roadside Units (V2R)
  3. Vehicle-to-Personal devices (V2P)
  4. Vehicle-to-Sensors (V2S)
  5. Vehicle-to-Infrastructure of cellular networks (V2I)

Three kinds of wireless technologies:

  1. Vehicular communications (DSRC/CALM)
  2. Cellular mobile communication (4G/LTE, WiMax and Satellite)
  3. Short-range static communication (Zigbee, Bluetooth, and Wi-Fi)

Four layers:

  • Environment sensing and control layer
  • Application layer
  • Network access and transport layer
  • Coordinative computing control layer

... but there are still various challenges that exist in VANETs which is not desirable in modern transportation systems. VANETs lacks the infotainment features like online vedio streaming, gaming, etc. which may hamper the driving experience and thus it have commercialization issues 3.

2. Comparison of IoV and VANETs

IoV is considered as a superset of VANETs.

  • Goal, IoV 的目标更广,关注的问题更多
  • Communication types, VANETs 中只有 V2I 和 V2V 两种
  • Compatibility, IoV 可以连接个人设备 (personal devices)
  • Range of usage, global vs local
  • Processing competence
  • Market attention, IoV 更受欢迎4
  • Specification of network, collaboration (more flexibility) vs singleton network
  • Internet facility
  • Data size, global data vs limited data
  • Network connectivity
  • Decision making
  • Utility of application
  • Cognizance of network
  • Cloud computing
  • Self-reliant cloud

Note

注: 这里提到 IoV 可以提供娱乐功能,这一点在 VANETs 中是没有的。

3. Applications in VANETs and IoV

粗略分为四类5

  • Safety-related applications
  • Comfort and infotainment
  • Traffic efficiency and management
  • Health-care applications

Safety application is designed with the intention to act proactively and to provide the driver with beforehand warning, and thus, eventually avoiding the mishap from occurring in any case.

  • Intersection collision avoidance
  • Public safety related applications
  • Sign extension
  • Vehicle diagnostics and maintenance
  • Information from other vehicles

Note

  • RSU 可以起到主动提醒的作用,比如红绿灯信息原本是由司机“被动”看到的,但 RSU 可以通过主动广播发送信息来提醒附近车辆。
  • 急救车可以通过发送信息来获得没有拥堵的道路

3-2 Comfort and infotainment applications

  • Peer to peer file-sharing applications
  • Intelligent parking navigation system
  • Internet service provisioning
  • Car pooling

Note

  • P2P 共享系统已经在 VANETs 上有相应的研究,如 CarTorrent6, Fleetnet7

3-3 Traffic efficiency and management

  • Intersection management
  • Road congestion management
  • Electronic toll collection
  • Digital map downloading

3-4 Health-care applications

Personal Health Information (PHI) of a patient like blood pressure, pulserate, and body temperature, etc. are provided by body sensors while environmental conditions around the patient are provided by ambient sensors.

e.g. VehiHealth 8

4. Security aspect of VANETs and IoV

Security if one of the challenging issues in IoV and VANETs because if a vehicle is controlled by a hacker with the ulterior intention, it will result in traffic accidents.

4-1 Security requirements in VANETs and IoV

  • Authentication
  • Confidentiality
  • Availability
  • Data integrity
  • Non-repudiation
  • Access control
  • Privacy
  • Data verification
  • Real-time guarantees
  • Anti-Jamming
  • Impersonation
  • Forgery
  • Liability identification
  • Scalability

4-2 Security challenges in VANETs and IoV

  • Low errors tolerance
  • Key management Key Revocation
  • High mobility
  • Paradox between seruciry and privacy
  • Cloud stability, security, and privacy

Key Revocation

传统的撤销方式是使用 certification revocation lists (CRLs),这个方法在 VANETs 中不可行。最主要的原因就是处理撤销的时间会随着列表的长度线性增加。

5. Security attacks and threats in IoV and VANETs

  • Sybil attack
  • Denial of Service (DoS) attack
  • Distributed Denial of Service (DDoS) attack
  • Black Hole attack
  • Grey Hole attack
  • Worm Hole attack
  • Sink Hole attack
  • Bogus Information attack
  • Node Impersonation attack
  • Man in the Middle attack
  • Replay attack
  • Spamming attack
  • Illusion attack
  • Snooping attack
  • Masquerading attack
  • ID Disclosure attack
  • Message tampering attack
  • Brute force attack
  • Social attack
  • Timing attack
  • Home attack
  • Repudiation attack
  • Session hijacking attack
  • Key and/or certificate revocation attack

6. Security solutions for attacks in IoV

6-1 Security Solutions to Sybil Attack

Obfuscated neighbor relationship of roadside unites (DMON) 9 使用环签名的方法来对证书进行签名并作为短期的身份凭证,并利用相邻节点的关系来检测恶意节点:

  • Advantages: has a higher detection rate and lower computational overhead
  • Disadvantages: has information synchronization of all RSUs in signature verification

Event-based reputation system (EBRS) 10 基于 unique reputation

  • Advantages: preserves the privacy, ensures the integrity of the message

Received signal strength indicator (RSSI) 11

  • Advantages: using voiceprint
  • Disadvantages: power control is still a complicated problem

Spider-Monkey Technique 12 : bosst the synchronization of packet delivery time

  • Advantages: measurement precision, intrusion detection rate and energy efficiency
  • Disadvantages: Simulator's name and node density are not mentioned

Privacy Preserving Detection of Abuses of Pseudonyms (P2DAP) 13

  • Advantages: distributes the computation overload from DMV to RSB thus the simulation result detect sybil nodes at low overhead and delay
  • Disadvantages: node density not mentioned

Note

上面大部分使用的 simulator 是 NS-2

6-2 Security sollutions to DoS attack

Enhanced Attacked Packet Detection Algorithm (EAPDA) 14, each RSU is verified with EAPDA algorithm, malicious nodes will be detected if RSUs observe unusual vehavior of transferring more packets than normal behavior.

  • Advantages: avoids the delay as it performs early detection of malicious nodes, boosts the false positive rate

Privacy-preserving mutual authentication framework with denial-of-service attack resistance (MADAR) 15, relies on two authentications: vehicle-roadside authentication and vehicle-vehicle authentications.

..., each vehicle needs to register itself to a regional trusted authority (RTA) to get a set of RSU IDs.

It is based on the existing combination of identity-based signature (IBS) schemes and ID-based online/offline signature (IBOOS) scheme to increase efficiency.

  • Advantage: Security objectives are attained with moderate computation and communication overheads.

Two-phase signature-based authentication scheme 16, phase-1 is entity authentication which is designed to mitigate the outsider attackers by using HMAC, phase-2 is the detection of inside attackers and is performed once the communication entity assumed to be authentic in the first phase while message authentication fails at the receiver side.

  • Advantages: experimental results show that it performs better
  • Disadvantages: proposed system cannot detect attackers if the system is flooded with bogus information and valid signatures

P-secure approach 17, in the first phase, required information of vehicles is retrieved like vehicles location, speed, number of sent packets, etc. and threshold values are set manually for each parameter and if received information exceeds the threshold value then it is assumed that malicious vehicle is involved which in turn leads to the possibility of an attack.

Phase 2 of P-secure approach is to address the new requests from the vehicles that want to join the network.

  • Advantages: Results outperforms the other existing methods

Puzzle-based co-authenticaton (PCA) scheme 18, i.e., design hash puzzles against DoS attacks as well as to speed up certificates authentication by co-authentication based on mutual trust cluster.

  • Advantages: improves the real-time ability and practicality of distributed pseudo certificate authentication schemes
  • Disadvantages: function of the puzzle may be affected as generated hash puzzle values are not concentrated in the same given time distributed pseudo certificate authentication

6-3 Security solutions to DDoS attack

Cellular automata-based improved ant-colony based optimization algorithm (CA-IACOA) 19 , adopts dynamic nature by relying on pheromone adaptive adjustment strategy which is based on negative feedback concepts for achieving an optimal solution.

  • Advantages: efficiency is greatly increased due to global search dimension and pheromone adaptive adjustment strategy

20 aims to diferentiate between legitimate user and malicious attacker based on the comparison of the communication time period.

  • Advantages: has minimumoverhead on the network

A novel approach 21 employed local protection nodes (LPN) to detect DDoS attacks.

  • Advantages: is simple and efficient
  • Disadvantages: is not compared with any other existing method

Group controlled analysis model 22 focusses on group formation based on parameters like node speed, direction, and load limit and after this, the group leader is identified to control the entire communication.

  • Advantages: group specific restricted region analysis helps in identifying the attacker easily

23 aims to detect the routing misbehavior of an attacker against traffic congestion.

  • Advantages: Performance is improved by the proposed scheme in the presence of attack

24 analyzed synchronization based DDoS attacks and proposed different techniques to deal with it. The focus is to randomize the schedule of periodic broadcasts in order to prevent the random time guessing by attackers.

  • Advantages: are supported by mathematical analysis as well as simulation results
  • Disadvantages: results are not compared with other existing methods

Roadside management traffic unit (RTMU) 25, all nodes keep on sharing their location with RTMU as well as all nodes can communicate with each other through RTMU.

  • Advantages: simple and efficient
  • Disadvantages: results not compared with other approaches

Location-based technique (LICBM) 26, is based on determining the frequency of message sent by the source node.

  • Advantages: proposed approach has many advantages over more sophisticated statistical instruments

6-4 Security solutions to Black-Hole attack

6-5 Security solutions to Gray Hole attack

6-6 Security solutions to Worm Hole attack

6-7 Security solutions to Sink Hole attack

6-8 Security solutions to Node Impersonation attack

6-9 Security solutions to Man-in-the-middle attack

6-10 Security solutions to GPS spoofing

6-11 Security solutions to Masquerading attack

END

  1. L. Atzori, A. Iera, G. Morabito, The Internet of things: a survey, Comput. Netw. 54 (15) (2010) 2787–2805. 

  2. M. Priyan, G.U. Devi, A survey on Internet of vehicles: applications, technologies, challenges and opportunities, Int. J. Adv. Intel. Paradig. 12 (1–2) (2019) 98–119. 

  3. C.T. Barba, et al., Smart city for VANETs using warning messages, traffic statistics and intelligent traffic lights, in: 2012 IEEE Intelligent Vehicles Symposium (IV), IEEE, 2012. 

  4. Y. Fangchun, et al., An overview of Internet of vehicles, China Commun.11 (10) (2014) 1–15. 

  5. L.C. Hua, et al., Social networking-based cooperation mechanisms in vehicular ad-hoc network—a survey, Veh. Commun. 10 (2017) 57–73. 

  6. K.C. Lee, et al., First experience with cartorrent in a real vehicular ad hoc network testbed, in: 2007 Mobile Networking for Vehicular Environments, IEEE, 2007. 

  7. H. Hartenstein, et al., Position-aware ad hoc wireless networks for intervehicle communications: the Fleetnet project, in: Proceedings of the 2nd ACM International Symposium on Mobile Ad Hoc Networking & Computing, ACM, 2001. 

  8. S.K. Bhoi, P.M. Khilar, Vehihealth: an emergency routing protocol for vehicular ad hoc network to support healthcare system, J. Med. Syst. 40 (3) (2016) 65. 

  9. X. Feng, J. Tang, Obfuscated RSUs vector based signature scheme for detecting conspiracy sybil attack in VANETs, Mob. Inf. Syst. (2017). 

  10. X. Feng, et al., A method for defensing against multi-source Sybil attacks in VANET, Peer-to-Peer Netw. Appl. 10 (2) (2017) 305–314. 

  11. Y. Yao, et al., Multi-channel based Sybil attack detection in vehicular ad hoc networks using RSSI, IEEE Trans. Mob. Comput. (2018). 

  12. C. Iwendi, et al., On Detection of Sybil Attack in Large-Scale VANETs Using Spider-Monkey Technique, IEEE Access (2018). 

  13. T. Zhou, et al., P2DAP—Sybil attacks detection in vehicular ad hoc networks, IEEE J. Sel. Areas Commun. 29 (3) (2011) 582–594. 

  14. A. Singh, P. Sharma, A novel mechanism for detecting DOS attack in VANET using Enhanced Attacked Packet Detection Algorithm (EAPDA), in: 2015 2nd International Conference on Recent Advances in Engineering & Computational Sciences (RAECS), IEEE, 2015. 

  15. C. Sun, et al., A privacy-preserving mutual authentication resisting dos attacks in VANETs, IEEE Access 5 (2017) 24012–24022. 

  16. B. Pooja, et al., Mitigation of insider and outsider DoS attack against signature based authentication in VANETs, in: 2014 Asia-Pacific Conference on Computer Aided System Engineering (APCASE), IEEE, 2014. 

  17. R. Fotohi, Y. Ebazadeh, M.S. Geshlag, A new approach for improvement security against DoS attacks in vehicular ad-hoc network, Int. J. Adv. Comput. Sci. Appl. 7 (7) (2016) 10–16. 

  18. P. Liu, et al., Mitigating DoS attacks against pseudonymous authentication through puzzle-based co-authentication in 5G-VANET, IEEE Access 6 (2018) 20795–20806. 

  19. K.D. Thilak, A. Amuthan, Cellular automata-based improved ant colony-based optimization algorithm for mitigating DDoS attacks in VANETs, Future Gener. Comput. Syst. 82 (2018) 304–314. 

  20. M. Shabbir, et al., Detection and prevention of distributed denial of service attacks in VANETs, in: 2016 International Conference on Computational Science and Computational Intelligence (CSCI), IEEE, 2016. 

  21. P. Bansal, S. Sharma, A. Prakash, A novel approach for detection of distributed denial of service attack in VANET, Int. J. Comput. Appl. 120 (5) (2015). 

  22. S. Grover, P. Mittal, A novel model based on group controlled observation for DDOS attack detection and prevention in VANET, Indian J. Inf. Sci. Technol. 9 (36) (2016). 

  23. A. Pathre, C. Agrawal, A. Jain, A novel defense scheme against DDOS attack in VANET, in: 2013 Tenth International Conference on Wireless and Optical Communications Networks (WOCN), IEEE, 2013. 

  24. S. Biswas, J. Mišić, V. Mišić, DDoS attack on WAVE-enabled VANET through synchronization, in: 2012 IEEE Global Communications Conference (GLOBE-COM), IEEE, 2012. 

  25. M. Kaur, P. Kumar, R. Gang, Location base technique for efficient transmission under DDOS attack in VANET, 2016. 

  26. M. Kaur, P. Kumar, R. Gang, Location base technique for efficient transmission under DDOS attack in VANET, 2016.