Malicious Vehicles Research Articles

Physically Secure and Conditional-Privacy Authenticated Key Agreement for VANETs

To avoid physically extracting secrets from the storage of devices, Physical Unclonable Function (PUF) is used in various authentication schemes. In these schemes, after the devices are registered on the Trusted Authority (TA), the subsequent authentication still must need the help of the TA. And these devices usually don't move. Due to the high mobility of vehicles, frequent involvement with the TA becomes expensive and impractical in motion. As a result, these schemes are not well suited to VANETs where devices move at high speeds. Motivated from this, we propose a physically secure and conditional-privacy authenticated key agreement scheme for VANETs. In the proposed scheme, PUF is utilized to prevent the physical extraction of secrets from vehicles and RSUs. Unlike others using PUF, the proposed scheme does not require the TA's participation during the authentication between the vehicles and RSUs. Meanwhile, the proposed scheme provides conditional-privacy with pseudonym mechanism, which enables the anonymity of legitimate vehicles and the tracking of malicious vehicles. Then, formal and informal security analysis show that the proposed scheme meets the expected goals and is secure against several known attacks in VANETs. Finally, compared with relevant studies, the proposed scheme has certain advantages in computation burden and communication burden.

Proof of Travel for Trust-Based Data Validation in V2I Communication

Previous work on misbehavior detection and trust management for Vehicle-to-Everything (V2X) communication security is effective in identifying falsified and malicious V2X data. Each vehicle in a given region can be a witness to report on the misbehavior of other nearby vehicles, which will then be added to a "blacklist." However, there may not exist enough witness vehicles that are willing to opt-in in the early stage of connected-vehicle deployment. In this paper, we propose a "whitelisting" approach to V2X security, titled Proof-of-Travel (POT), which leverages the support of roadside infrastructure. Our goal is to transform the power of cryptography techniques embedded within Vehicle-to-Infrastructure (V2I) protocols into game-theoretic mechanisms to incentivize connected-vehicle data sharing and validate data trustworthiness simultaneously. The key idea is to determine the reputation of and the contribution made by a vehicle based on its distance traveled and the information it shared through V2I channels. In particular, the total vehicle miles traveled for a vehicle must be testified by digital signatures signed by each infrastructure component along the path of its movement. While building a chain of proofs of spatial movement creates burdens for malicious vehicles, acquiring proofs does not result in extra costs for normal vehicles, which naturally want to move from the origin to the destination. The POT protocol is used to enhance the security of previous voting-based data validation algorithms for V2I crowdsensing applications. For the POT-enhanced voting, we prove that all vehicles choosing to cheat are not a pure Nash equilibrium using game-theoretic analysis. Simulation results suggest that the POT-enhanced voting is more robust to malicious data.

Toward Robust Hierarchical Federated Learning in Internet of Vehicles

The rapid growth of the Internet of Vehicles (IoV) paradigm sparks the generation of large volumes of distributed data at vehicles, which can be harnessed to build models for intelligent applications. Federated learning has recently received wide attentions, which allows model training over distributed datasets without requiring raw datasets to be shared out. However, federated learning is known to be vulnerable to poisoning attacks, where malicious clients may manipulate the local datasets or model updates to corrupt the global model. Such attacks have to be countered when federated learning is adopted in IoV systems, given that the training process is distributed among a large number of vehicles in an open environment. In addition, IoV systems present a hierarchical architecture in practice where other types of nodes sit between the cloud server and vehicles, allowing intermediate aggregation for reducing overall training latency. Yet the intermediate aggregation nodes may also pose threats. In this paper, we propose a robust hierarchical federated learning framework named RoHFL, which allows hierarchical federated learning to be suitably applied in the IoV with robustness against poisoning attacks. We develop a robust model aggregation scheme that contains a logarithm-based normalization mechanism to cope with scaled gradients from malicious vehicles. We integrate the notion of reputation into the aggregation process and develop a scheme for reputation updating. We provide a formal analysis of RoHFL’s convergence guarantees. Experiment results over several popular datasets demonstrate the promising performance of RoHFL, which is superior to prior work in the robustness against poisoning attacks.

Efficient and Trusted Data Sharing in a Sharding-Enabled Vehicular Blockchain

Data sharing is essential for future autonomous vehicles in vehicular networks. Building trust in the shared data can be challenging among mutually unknown vehicles in an open and distributed environment. Blockchain is the key to establish trusted data sharing in a decentralized vehicular environment. However, the low efficiency (e.g., transaction per second, TPS) of blockchain is the bottleneck for the efficient data sharing. Moreover, the highly dynamic topology, the imperfect wireless links, and the limited radio coverage may further slow down the blockchain consensus process. To improve the efficiency and trustworthiness of data sharing in a vehicular network, we propose a sharding-enabled vehicular blockchain system. Specifically, the blockchain-enabled vehicles are dynamically allocated to different shards based on their geographical locations so that transactions are processed in parallel. We design an efficient and trusted sharding-enabled blockchain consensus mechanism by integrating a reputation-assisted intrashard consensus and a vehicle-assisted inter-shard consensus. The reputation assistance in intra-shard consensus is designed to defend against the collusive false-block attack that may happen in a small-scale shard environment. The vehicle-assisted intershard consensus is designed to tackle the issues caused by defective roadside units (RSUs). Simulation results demonstrate the improved performance on efficiency and trustworthiness of the proposed system. In addition, trusted data sharing can be established even under the conditions of malicious vehicles or attacked RSUs.

Detection method to eliminate Sybil attacks in Vehicular Ad-hoc Networks

A Sybil attack is caused by a malicious vehicle node stealing fake identities and continuously generating fake vehicles on the road to create the illusion of congestion, which endangers normal vehicles on the road. Because Sybil vehicle nodes have trajectories and motion states similar to those of normal vehicles, they are more difficult to detect in high-density traffic environments. The real-time authentication of vehicles is impossible in the existing traffic environment; thus, malicious vehicle nodes with a high degree of stealth can continuously attack and are difficult to stop. In this paper, we propose a Sybil attack detection method based on basic security message (BSM) packets, which exploits the characteristic that BSM packets have a unique sending source and uses the spatiotemporal relationship of dynamic vehicle location changes to detect and trace Sybil attacks. A weighted integration strategy is proposed for increasing the detection precision without machine-learning model prediction. Experimental results indicated that the proposed method can detect Sybil attacks in real time and is not affected by the attack density or traffic density. Moreover, it can detect Sybil nodes and trace malicious nodes simultaneously, with precisions of ¿98% and ¿94%, respectively, resolving the difficulties of existing detection schemes.

T-PORP: A Trusted Parallel Route Planning Model on Dynamic Road Networks

Route planning over dynamic road networks is an increasingly fundamental problem of modern transportation systems for human society, especially in the field of Intelligent Supply Chain (ISC). Due to the high degree of urbanization and the high number of vehicles, longer response time caused by massive concurrent queries, as well as more attacks caused by malicious vehicles, results in low efficiency of the transportation system and huge waste of computation resources. Thus, it is necessary to provide an efficient and safe transportation service for intelligent transportation planning. To achieve it, we utilize and improve the trust model to prevent the waste of computation resources. Meanwhile, we introduce a Trusted Parallel Optimization on Route Planning (T-PORP) based on Dual-level Grid (DLG) index to continuously handle the process of route planning in parallel. Considering the evolving traffic condition, we employ an LSTM (Long Short-Term Memory) neural network to periodically predict the weights of roads. Experimental results indicate that T-PORP is effective to sorts of trust model attacks and reduces the response time by an average of about 46.7% and saves the processing time by an average of about 27.6% compared with CANDS (Continuous Optimal Navigation via Distributed Stream Processing) algorithm.

Learning Based Longitudinal Vehicle Platooning Threat Detection, Identification and Mitigation

The security of cyber-physical systems, such as vehicle platoons, is critical to ensuring their proper operation and acceptance to society. In platooning, vehicles follow one another according to an agreed-upon control law that determines vehicle separation. We show that a vehicle within a platoon and under the control of a malicious actor could cause collisions or decrease the efficiency of surrounding vehicles. This paper focuses on detecting, identifying, and mitigating so-called destabilizing attacks that could cause vehicle collisions. Our approach is decentralized and requires only local sensor information for each vehicle to identify the vehicle responsible for the attack and then deploy an appropriate mitigating controller that prevents collisions. We use a Deep Learning approach (Convolutional Neural Network) with various data preprocessing techniques to detect and identify the malicious vehicle. Results indicate that even with decent noise levels in range and relative speed data, we achieve accuracy up to 96.3%. Also, once the adversarial vehicle is localized, we derive conditions for controller gains using the Routh Hurwitz criterion to mitigate the attack and ensure the stability of the platoon. Realistic simulator CARLA and MATLAB simulation results validate the effectiveness of our proposed approaches.

A trust management model in internet of vehicles

The Internet of Things (IoT) is one of the most evolving technologies, which has a major impact on our daily life. Almost all new devices will have a feature to be connected and controlled over the Internet. Several applications are utilizing IoT to enhance routine processes and actions efficiently. The Internet of Vehicles (IoV) evolved from IoT, where vehicles communicate with each other or with other objects to have a better transportation environment to reduce the number of accidents and save people’s lives. IoV is considered new fields that need security requirements including confidentiality, integrity, availability, authentication, and trust. Trust management technique is used to validate entities behaviors automatically against well-defined policies. The major categories of trust model in IoV are based on entity, data, or a combination of both. This paper proposes a trust model which is based on a combination of entity and data to define the trust of vehicles and utilize the public key infrastructure to distribute certificates to vehicles. Based on certificate validation, messages will be trusted and accepted. This model has been tested across different simulation scenarios which showed that the proposed model detected malicious vehicles and trusted vehicles did not accept their messages.

Efficient ECC-based Conditional Privacy-preserving Aggregation Signature Scheme in V2V

Vehicular ad-hoc network system provides network communication technology and plays an important role in road safety and traffic control. Conditional privacy-preserving can safeguard privacy as well as trace malicious vehicles, which is critical in the system. However, in the restricted computing and communication resource situation, how to ensure the conditional privacy security remains a challenge. To address this issue, this research work proposes an efficient conditional privacy-preserving scheme. In this scheme, firstly, a certificateless aggregation signature has been performed on board to avoid channel conflicts, and to our best knowledge, this scheme is the first one to propose aggregation on board. Also an elliptic curve point multiplicative operation has been utilized to decrease the cost consumed in computation. Secondly, this paper gives the security proof of the proposed scheme against the existence of unforgeability under adaptively chosen message attack for Type-I and Type-II adversaries in the random oracle model. Lastly, comprehensive performance comparisons covering the computation, communication and storage costs have been done to state that the proposed scheme is more efficient than the existing solutions. Significantly, this scheme saves at least 86% in communication overhead than compared schemes.

A blockchain-based reputation system for trusted VANET nodes

Vehicular network applications, such as Local Danger Warnings (LDW), have become necessary as they provide services to drivers with warnings and instructions to ensure safe driving. However, before any vehicle reacts to an alert, it is essential to verify its veracity because an incorrect warning misleads other vehicles and causes unnecessary delays and detours in traffic. On the other hand, ignoring an alert or taking too long to verify it can cause accidents. A common way to address this problem is via a reputation system, where the veracity and plausibility of an alert message are assessed based on the reputation of the vehicle that discloses it. This paper describes a decentralized reputation system based on a consortium blockchain and smart contracts called BRS4VANETs. This system analyzes the reliability of data generated by a vehicle, detects malicious behavior, and contributes to decision-making. The complete functional architecture of the system, detailing the algorithms, evaluation metrics, communication protocol, and message formats, is described and implemented. Experiments with network and traffic simulators evaluated the risk of a false message attack, the effectiveness of the system and its overheads. The assessment demonstrates the importance of reputation systems and also shows the feasibility of having a decentralized system to store and disseminate reputation information based on blockchain technologies. Finally, the results also demonstrate that BRS4VANETs can successfully detect suspicious and malicious vehicles.

TGRV: A trust-based geographic routing protocol for VANETs

Vehicular ad-hoc networks (VANETs) consist of highly mobile and self-organized nodes that wirelessly communicate with one another and transmit a variety of information, some of which may be critical information. Due to the rapidly changing topology of VANETs and the high-speed mobility of the participating vehicles, the routing of packets in these networks is a challenging task. Moreover, the presence of malicious vehicles in VANETs makes the correct routing of packets more challenging. In this paper, we propose a trust-based geographic routing protocol for VANETs (TGRV) that limits the participation of malicious vehicles in routing. In TGRV, to select the next-hop, a sender not only considers the distance, speed, and direction of its neighbors but also evaluates their direct trust and recommendation trust. For this purpose, TGRV uses a monitoring system that allows each vehicle to monitor the correct packet forwarding rate of its next-hop. In this way, the vehicle updates its direct trust to the next-hop and retransmits the packets if the packets are lost. The vehicle also sends its observations of the next-hop to its neighbors with a push-based notification, and based on that, the neighbors can update their recommendation trust about the next-hop. The monitoring system applies distance prediction in a modified promiscuous mode to better estimate the correct packet forwarding rate of the next-hop. To enhance the accuracy of trust management, the trust values of interactions are reduced over time by using a decay factor. TGRV uses the number and trust of two-hop neighbors, which helps in selecting the next-hop that is in a more trusted zone. Our extensive simulations on OMNeT++ show that when the percentage of malicious vehicles in an urban scenario increases from 0 to 25%, the packet delivery ratio of TGRV decreases from 95.1 to 88.7%, which performs very well compared to the GPSR and PGRP protocols. Also, the end-to-end delay of TGRV increases from 3.79 to 7.07 s and the average hop count of TGRV increases from 6.7 to 9.9, which are significant increases compared to the other two protocols. These increases are acceptable because, in the other two protocols, there is no monitoring and retransmission, and the probability of packet delivery failure on longer routes is higher. The cost and security analysis also show that the memory, communication, and computational overheads of TGRV are acceptable, and TGRV is resistant and resilient to some important trust-based attacks.

Over-the-Air Software-Defined Vehicle Updates Using Federated Fog Environment

With recent advancements in software-defined vehicles, over-the-air (OTA) software updates are crucial to roll out new software and patches for connected vehicles. Traditionally, outdated vehicles are recalled by the manufacturers, however, owners are notoriously difficult to reach with recall notices. Also, organizational and procedural challenges result in many outdated vehicles with insecure and unstable software. In this paper, we propose a dissemination framework for OTA updates using a federated fog environment. Pushing the update to all vehicles via the fog nodes may congest the network, leading up to a single-point failure for update dissemination, as well as, disruption to other installed services at the fog nodes. We propose a software-defined mechanism to select a pivot, which gets the update from the fog node and streams it to other vehicles. Moreover, a timer-barrier mechanism is proposed to identify any malicious vehicles that are barred from participating in pivot selection. The experimental evaluation demonstrates that the proposed scheme improves network convergence time by 40% with 95% node trustworthiness.

SIoVChain: Time-Lock Contract Based Privacy-Preserving Data Sharing in SIoV

Social Internet of Vehicles (SIoV) is an emerging technology in the smart city environment, enabling smart vehicles to form social groups and exchange data among themselves. SIoV facilitates many applications aiming to improve driving safety and traffic monitoring by sharing data among vehicles. It ensures a safe and comfortable drive. However, privacy, data confidentiality, and data integrity are the major challenges during multi-hop data transfer that must be addressed for the wide adoption of SIoV. The existing solutions do not provide anonymity and consume more network resources. To address these issues, we propose SIoVChain, a time-lock contract-based privacy-preserving data sharing scheme with incentives for SIoV. It does not only enable data sharing between vehicles anonymously but incentivizes them also. In addition, the proposed framework imposes a penalty anonymously if a malicious vehicle disseminates false information. SIoVChain is shown to be secure against stealing processing fee attack while preserving sender-receiver privacy and path privacy. Universal Composability (UC) framework is used to verify user privacy. The feasibility and efficiency of the scheme are also demonstrated.

Detecting Sybil Attacks in Vehicular Fog Networks Using RSSI and Blockchain

Vehicular Fog Computing (VFC) is a paradigm of vehicular networks that has a set of advantages such as agility, efficiency, and reduced latency. The VFC is vulnerable to a variety of attacks, and existing security measures in traditional networks are not necessarily applicable to VFC. Among these attacks, we can find the Sybil attack that allows a vehicle to create multiple identities to perform malicious operations. In this paper, we propose a blockchain-based mechanism to detect Sybil attacks in VFC networks. The detection process consists of two levels; the first one is targeted toward the verification of the vehicle’s position by the FN using the Received Signal Strength Indicator (RSSI) technique. The FN delivers a position proof, if its position is valid, and stores it in the blockchain. At this point, the set of the obtained position proofs constitutes a trajectory. The second level is projected toward a comparison between the trajectories of the vehicles reporting an event. Two trajectories that pass through the same FNs at the same time, will be considered as Sybil trajectories. The objective of these two-level detections is to identify the Sybil attack in several attack scenarios performed by a powerful adversary. Our analysis shows that existing proposals cannot deal with such an adversary. Moreover, simulation results show the efficiency of our proposal in terms of communication, computation, and detection rate. Indeed, our system can reach a detection rate of 98% when the malicious vehicle generates several aliases simultaneously and sends position requests to the FN for each generated pseudonym.

Privacy-Protecting and Reputation-Based Participant Recruitment Scheme for IoV-Based MCS

Mobile crowdsensing (MCS) has appeared as a viable solution for data gathering in Internet of Vehicle (IoV). As it utilizes plenty of mobile users to perform sensing tasks, the cost of sensor deployment can be reduced and the data quality can be improved. However, there exist two main challenges for the IoV-based MCS, which are the privacy issues and the malicious vehicles issues. Therefore, how to protect privacy, resist malicious vehicles, and recruit trustworthy contributors are crucial to be investigated. In order to solve the challenges simultaneously, we propose a privacy-protecting and reputation-based participant recruitment scheme, including a privacy-protecting mechanism, reputation value calculation method, and reputation-based recruitment algorithm. In particular, the privacy-protecting mechanism can be executed quickly since 1) its signaling overhead is low and 2) the computation-intensive procedures are processed by the mobile edge server. The reputation value calculation method considers the vehicle’s past behaviors and Quality of Information (QoI) to guarantee the accuracy. In addition, the introduction of time fading makes the current behavior have a larger weight. The reputation value will drop rapidly once a malicious behavior is detected, so that the method can detect malicious vehicles more quickly. Moreover, we propose a reputation-based recruitment algorithm to recruit appropriate vehicles to perform sensing tasks based on the above method. Simulation results demonstrate that our method can assess the reputation value accurately and detect malicious vehicles quickly while protecting the privacy. It is shown that our recruitment algorithm can realize load balancing, improve sensing quality, and reduce the cost.

Data-Injection-Proof-Predictive Vehicle Platooning: Performance Analysis With Cellular-V2X Sidelink Communications

The increasing demand for road freight has raised tremendous attention to vehicle platooning, which reduces air resistance and improves fuel economy. To achieve a small and safe spacing between vehicles while ensuring platoon stability, wireless communication assistance is indispensable. However, the imperfection of communication brings degradation of platooning performance (i.e., spacing error) and more possibilities for adversarial attacks. This article proposes a prediction-assisted platooning mechanism from the perspective of performance optimization, wherein each vehicle establishes its local platoon model based on the information received from the communication network, thereby reducing information latency. Then, to secure the system against malicious vehicles, we carry out analysis and design of a detection algorithm for a typical attack type, i.e., the data-injection attack. The detection is based on three indicators: 1) absolute spacing error; 2) spacing prediction error; and 3) acceleration prediction error. The advantages of the novel platooning mechanism and detection algorithm are ultimately demonstrated on a road-traffic simulation platform that considers the imperfection of realistic vehicle perceptions and Cellular-Vehicle-to-Everything (C-V2X) communication.

CARES: Context-Aware Trust Estimation for Realtime Crowdsensing Services in Vehicular Edge Networks

The growing number of smart vehicles makes it possible to envision a crowdsensing service where vehicles can share video data of their surroundings for seeking out traffic conditions and car accidents ahead. However, the service may need to deal with situations like malicious vehicles propagating false information to divert other vehicles to arrive at destinations earlier or lead them to dangerous locations. This article proposes a context-aware trust estimation scheme that can allow roadside units in a vehicular edge network to provide real-time crowdsensing services in a reliable manner by selectively using information from trustworthy sources. Our proposed scheme is novel in that its trust estimation does not require any prior knowledge of vehicles on roads but quickly obtains the accurate trust value of each vehicle by leveraging transfer learning. and its Q-learning-based dynamic adjustment scheme autonomously estimates trust levels of oncoming vehicles with the aim of detecting malicious vehicles and accordingly filtering out untrustworthy input from them. Based on an extensive simulation study, we prove that the proposed scheme outperforms existing ones in terms of malicious vehicle detection accuracy.

Conditional Identity Privacy-preserving Authentication Scheme Based on Cooperation of Multiple Fog Servers under Fog Computing-based IoVs

Internet of vehicles (IoVs) is a variant of vehicular ad hoc network, which provides an efficient communication method for vehicles. However, some traffic messages usually include sensitive identity information, which is easy to bring about the leakage of vehicular identities during data communications. Further, if vehicular identities are fully protected, then it can lead to trusted authority cannot reveal the real identities of malicious vehicles, which incurs more security issues in IoVs. Therefore, in this article, we propose an efficient conditional identity privacy-preserving authentication scheme based on cooperation of multiple fog servers under fog computing-based IoVs, where fog servers are used to verify (authenticate) the legitimacy of vehicles without revealing their real identities. Further, an associated vehicular identity updating mechanism is constructed to solve the problem that some compromised fog servers may leak their stored verification information to pool real vehicular identities. Additionally, a malicious vehicular identity tracing mechanism is proposed to support related fog servers that receive signed false messages can trace the real identities of malicious vehicles. Compared with other related schemes, our scheme further improves its security. Experimental results show our scheme is efficient under fog computing-based IoVs.

ARPVP: Attack Resilient Position-Based VANET Protocol Using Ant Colony Optimization

The position-based routing of Vehicular Ad hoc Network (VANET) vulnerable to various security attacks because of dependency on computing, control, and communication technologies. The Internet of Things (IoT)-enabled VANET application leads to the challenges such as integrity, access control, availability, privacy protection, non-repudiation, and confidentiality. Several security solutions have been introduced for two decades in two categories as cryptography-based and trust-based. Due to the high computation complexity, cryptography-based solutions are outperformed by recent intelligent trust-based mechanisms. The trust-based techniques are lightweight and effective against the well-known security threats in VANET. The objective of this paper has to design a novel position-based routing in which the conduct of vehicles assessed to accomplish reliable VANET communications. Attack Resilient Position-based VANET Protocol (ARPVP) proposed to detect and prevent malicious vehicles in the network using the trust evaluation technique and artificial intelligence (AI). In the first phase of ARPVP, the periodic self-trust assessment algorithm has designed using various trust parameters to detect unreliable vehicles in the network. In the second phase of ARPVP, the position-based route formation algorithm has designed using the AI technique Ant Colony Optimization (ACO). ACO solves the problem of reliable route formation by neglecting the attacker's using a trust-based fitness function. The trust parameters of each vehicle as mobility, buffer occupancy, and link quality parameters had measured in both phases of ARPVP. Simulation outcomes of the proposed model outperformed state-of-art protocols in terms of average throughput, communication delay, overhead, and Packet Delivery Ratio (PDR).

ISC-CPPA:Improverd-Security Certificateless Conditional Privacy-Preserving Authentication Scheme With Revocation

With the development of Internet of Things, communication and computer technology, the significance of realizing vehicular ad hoc networks (VANETs) become more important. Due to wireless communication, VANETs suffer cyber attacks in practice. Many anonymous authentication schemes have been proposed in the literature. Li et al. proposed an efficient authentication scheme called CL-CPPA. However, the proposed scheme failed to realize the claimed un-linkability and anonymity. In this work, we proposed a new certificateless conditional privacy-preserving authentication scheme with an enhanced security guarantee. Specifically, a random number is selected to encrypt the unique tag to ensure anonymity. And our proposed scheme also realizes un-linkability, ensuring that attackers cannot determine whether different messages are sent by the same vehicle. Besides, we present a detailed and efficient revocation mechanism in the proposed scheme. Each RSU has its own private key, when there is a malicious vehicle, RSU will immediately update the private key of current area. Only legitimate vehicles can get the new private key, and malicious vehicle is efficiently revoked from the network. The experiment results show that the proposed scheme solves the above problems with little additional extra calculations.