
1 Security, privacy and protection in different VANET applications (afternoon session). Mario Gerla

2 Vehicular security tools/techniques: Outline
– Conventional tools: vehicle PKI and secure positioning
– New tools (e.g., anonymous routing, routing attacks, secure incentives, situation awareness, community trust, the "trust cloud" of commuters from the social-net proposal)
– Wormholes in the urban grid
– Privacy vs. security trade-offs

3 Conventional techniques
– Tamper-proof device
– V-PKI
– Anonymous keys
– Secure localization

4 Tamper-proof device
Each vehicle carries a tamper-proof device that:
– contains the secrets of the vehicle itself
– has its own battery
– has its own clock (notably in order to be able to sign timestamps)
– is in charge of all security operations
– is accessible only by authorized personnel

5 Digital signatures
– Symmetric cryptography is not suitable: messages are standalone, the scale is large, and non-repudiation is required
– Hence each message should be signed with a digital signature (DS)
– Liability-related messages should be stored in the EDR (event data recorder)

6 VPKI (Vehicular PKI)
Each vehicle carries in its Tamper-Proof Device (TPD):
– a unique and certified identity: the Electronic License Plate (ELP)
– a set of certified anonymous public/private key pairs
Mutual authentication can be done without involving a server. Authorities (national or regional) are cross-certified.

7 The CA hierarchy: two options
Option 1: the governments control certification
– long certificate chain
– keys should be recertified at borders to ensure mutual certification
Option 2: vehicle manufacturers are trusted
– only one certificate is needed
– each car has to store the keys of all vehicle manufacturers

8 Anonymous keys
– Preserve identity and location privacy
– Keys can be preloaded at periodic checkups
– The certificate of V's i-th key: (formula on the slide, not in the transcript)
– Keys are renewed according to vehicle speed (e.g., about 1 min at 100 km/h)
– Anonymity is conditional on the scenario
– The authorization to link keys with ELPs is distributed (say, police + court)

9 Avoiding Big Brother

10 DoS resilience
– Vehicles will probably have several wireless technologies onboard
– To thwart DoS, vehicles can switch channels or communication technologies
– Great market for "Cognitive Radios"

11 Data verification by correlation
– A bogus-info attack relies on false data
– Authenticated vehicles can also send wrong data (on purpose or not)
– The correctness of the data should be verified
– Correlation can help

12 Security analysis: how much can we secure VANETs?
– Messages are authenticated by their signatures
– Authentication protects the network from outsiders
– Correlation and fast revocation reinforce correctness
– Availability remains a problem, but one that can be alleviated
– Non-repudiation is achieved because the ELP and anonymous keys are specific to one vehicle
– Position is correct if secure positioning is in place

13 What PK cryptosystem to use?
Available options:
– RSA signatures: most popular, but largest key size
– ECDSA (Elliptic Curve): most compact
– NTRUSign (Nth Truncated Polynomial): fastest in signing and verification
Signature verification speed matters the most. Further improvements that can help:
– Vehicles verify only relevant content
– Several messages signed with the same key

14 Performance comparison

15 Performance evaluation
– ns-2 simulations
– Two scenarios drawn from DSRC
– The effect of message size (including the security material) on delay, number of received packets, and throughput is evaluated
(Figure not to scale.)

16 How msg size affects Delay, …

17 …Number of received packets, …

18 …and Throughput

19 How to securely locate a vehicle

20 Positioning systems
Satellites: GPS, Galileo, Glonass (outdoor; radio frequency (RF), time of flight (ToF))
General systems:
– Active Badge (indoor, infrared (IR)), Olivetti
– Active Bat, Cricket (indoor, ultrasound (US) based), AT&T Lab Cambridge, MIT
– RADAR, SpotON, Nibble (indoor/outdoor, RF received signal strength), Microsoft, Univ. of Washington, UCLA + Xerox Palo Alto Lab
– Ultra Wideband Precision Asset Location System (indoor/outdoor, RF (UWB) ToF), Multispectral Solutions, Inc.

21 Positioning systems (cont.)
Ad hoc and sensor nets (no GPS):
– Convex position estimation (centralized), UC Berkeley
– Angle-of-arrival based positioning (distributed, angle of arrival), Rutgers
– Dynamic fine-grained localization (distributed), UCLA
– GPS-less low-cost outdoor localization (distributed, landmark-based), UCLA
– GPS-free positioning (distributed), EPFL

22 GPS

23 GPS security: example of attack
A GPS simulator can send strong fake signals to mask the authentic weak signals.

24 GPS security
Other vulnerabilities:
– Relaying attack: connects the receiver to a remote antenna
– Signal-synthesis attack: feeds the receiver with false signals
– Selective-delay attack: predicts the signal Δt earlier
Security solutions:
– Tamper-resistant hardware
– Symmetric crypto. Problem: an authenticated receiver can hack the system
– Asymmetric crypto. Problem: additional delay

25 Distance measurement techniques

26 Attacks on RF and Ultra Sound ToF-based techniques

27 The challenge of secure positioning
Goals:
– preventing an insider attacker from cheating about its own position
– preventing an outsider attacker from spoofing the position of an honest node
Our proposal: Verifiable Multilateration

28 Distance bounding
RF distance bounding:
– nanosecond precision required: 1 ns ~ 30 cm
– UWB enables clock precision up to 2 ns and 1 m positioning indoor and up to 2 km outdoor
US (ultrasound) distance bounding:
– millisecond precision required: 1 ms ~ 35 cm

29 Distance bounding (RF)
1993 (Brands and Chaum): to prevent the Mafia fraud attack
The bound = (t_r - t_s)·c/2 > d_real
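The bound on slide 29 and the verifiable-multilateration idea of slide 27, as an added illustration that is not from the slides or the EPFL project: three verifiers at constructed positions each run a distance-bounding exchange, and the check rejects a claimed position that would require shrinking a bound (assumed model: a dishonest vehicle can only delay its reply, so it can enlarge a bound but never shrink one).

```python
# Added illustration (not from the slides): RF distance bounding as on slide 29
# and the verifiable-multilateration check it enables. Assumed setup: three
# verifiers at known positions each run a distance-bounding exchange with the
# vehicle; a dishonest vehicle can only delay its reply (enlarging a bound),
# never answer before the challenge reaches it (shrinking one).
import math

C = 299_792_458.0  # speed of light in m/s (RF time of flight)

# Constructed verifier positions in metres (assumption, not from the slides).
VERIFIERS = [(0.0, 0.0), (1000.0, 0.0), (500.0, 900.0)]


def distance_bound(t_send, t_recv, t_proc=0.0):
    """Slide 29: bound = (t_r - t_s) * c / 2, an upper bound on the real distance.
    t_proc is the prover's fixed, known processing delay, subtracted first."""
    return (t_recv - t_send - t_proc) * C / 2.0


def inside_triangle(p, a, b, c):
    """True if point p lies inside (or on an edge of) triangle abc."""
    def side(p1, p2, p3):
        return (p1[0] - p3[0]) * (p2[1] - p3[1]) - (p2[0] - p3[0]) * (p1[1] - p3[1])
    s1, s2, s3 = side(p, a, b), side(p, b, c), side(p, c, a)
    has_neg = s1 < 0 or s2 < 0 or s3 < 0
    has_pos = s1 > 0 or s2 > 0 or s3 > 0
    return not (has_neg and has_pos)


def honest_bounds(pos):
    """Bounds an honest vehicle at pos yields: its real distances."""
    return [math.dist(pos, v) for v in VERIFIERS]


def achievable_bounds(real_pos, claimed_pos):
    """Best a cheating vehicle at real_pos can do while claiming claimed_pos:
    delaying replies enlarges a bound, but no bound can be made smaller."""
    return [max(math.dist(real_pos, v), math.dist(claimed_pos, v)) for v in VERIFIERS]


def verify_position(claimed, bounds, tol=1.0):
    """Verifiable multilateration: accept the claimed position only if it lies
    inside the verifier triangle and agrees with every distance bound."""
    if not inside_triangle(claimed, *VERIFIERS):
        return False
    return all(abs(math.dist(claimed, v) - b) <= tol for v, b in zip(VERIFIERS, bounds))


if __name__ == "__main__":
    real, fake = (300.0, 200.0), (600.0, 300.0)
    print("honest:", verify_position(real, honest_bounds(real)))          # True
    print("cheat :", verify_position(fake, achievable_bounds(real, fake)))  # False
```

A position inside the triangle can only be faked by making at least one bound smaller than the real distance, which the delay-only adversary cannot do; positions outside the triangle are rejected outright.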

30

31

32 Conclusion on secure positioning
– New research area
– Positioning tout court is not yet completely solved (solutions will rely on GPS, on terrestrial base stations, and on mutual distance estimation)
– Time of flight seems to be the most appropriate technique
– More information available at: http://spot.epfl.ch

33 New tools on VANET security and privacy
– Secure routing
– Security incentives
– Situation awareness
– Trust

34 A Secure Ad-hoc Routing Approach using Localized Self-healing Communities
Jiejun Kong, Xiaoyan Hong, Yunjung Yi, Joon-Sang Park, Jun Liu, Mario Gerla
Computer Science Department, University of California, Los Angeles; University of Alabama, Tuscaloosa
{jkong,yjyi,jspark,gerla}@cs.ucla.edu, {jliu,hxy}@cs.ua.edu

35 Problem statement
Threats to on-demand routing:
– Active attack: disruptive. Denial-of-service attacks: packet loss, rushing attack, black-hole, gray-hole, wormhole
– Passive attack: protocol-compliant. Eavesdropper, traffic analyst → anonymous routing needed
We will focus on active threats from non-cooperative (selfish or malicious) members (e.g., INTRUDERS)

36 Typical on-demand routing attacks
Most active attacks cause repeated RREQs. Excessive RREQ repetitions exhaust network resources.
– Current mechanism to reduce the number of allowed RREQ floods per connection: RREQ rate limit
– NOT ENOUGH WHEN ACTIVE ATTACKERS ARE BEHIND THE RREQ "FLOODS"
RREP and DATA packet drops:
– Caused by the rushing attack etc. [Hu et al., WiSe '03]
– They trigger more RREQ floods: the source will keep retrying, with repeated RREQs, causing massive congestion!

37 Rushing attack
(Speaker note: describe the rushing attack with the animation; explain the Perrig solution here. Figure: source, dest.)

38 Outline
– Review of current countermeasures
– Community-based secure routing approach
  – Strictly localized and with clearly-defined per-hop operation
  – "Self-healing community" substitutes "single node"
– Our analytic models
  – Sub-polynomial model for network security
  – Stochastic model for mobile networks
– Empirical simulation verification
– Summary

39 Other countermeasures (for on-demand routing against active attacks)
Cryptographic protections:
– Cannot stop internal non-cooperative network members; they have the keys [TESLA in Ariadne, PKI in ARAN]
Network-based protections:
– Straightforward RREQ rate limit [DSR, AODV]: a long RREQ interval causes non-trivial routing performance degradation
– Multi-path secure routing [Awerbuch, WiSe '02] [Haas, WiSe '03]: not localized, incurs global overhead, expensive; node-disjoint multi-path is preferred, but challenging
– Perrig solution to rushing (is it also multi-path?)

40 Our design
Goal: reduce the number of allowed RREQ floods (per connection) to the minimum
– Ideally, 1 initial on-demand RREQ flood for each end-to-end connection
– In spite of attacks
Solution:
– Build multi-node self-healing communities to counter non-cooperative packet loss
– The approach applies to a wide range of ad hoc routing protocols

41 Community: 2-hop scenario
(Speaker note: explain the two-hop path.) The intermediate nodes form the community; the community leader is defined later. (Figure: community.)

42 Community: multi-hop scenario
Communities are dynamically reconfigured (self-healing). (Figure: communities between source and dest.)

43 Community Based Security (CBS)
– End-to-end communication between ad hoc terminals
– Community-to-community forwarding (not node-to-node)
Challenge: the adversary knows CBS is operated in the network
– It would prevent the network from forming communities
– Network mobility etc. will disrupt CBS
(Figure: nodes 0, 1, 2, 3, 4.)

44 Community formation & re-configuration
On-demand initial configuration:
– Communities are formed during RREP
– Simple heuristic: promiscuously overhearing 3 consecutive (ACKs of) RREP packets → set the community membership flag for the connection
Goal revisited: reduce the need for RREQ floods, in spite of non-cooperative packet loss

45 Self-healing community around V, formed upon hearing RREP
(Figure: RREQ and RREP exchanged between E and V; nodes U, V1, V2; upstream.)
Community formation around V (potentially non-cooperative):
– V's community must be formed at RREP; else V drops the RREP and succeeds
– V1 and V2 need to know V's "upstream"

46 Protocol details
(RREQ, upstream_node, ...)
(RREP, hop_count, ...)
The extra fields can be spared (in DSR or AODV)

47 ACK-based configuration
(Speaker note: remove "self healing", not an essential attribute.)
(Figure: communities (if C forwards a correct RREP); source, dest, C, C', C", B, D, E; communities (C' and C" not in transmission range, and C' wins).)

48 The community concept helps reduce RREQs in mobile networks
How does this work? Proactive re-configuration:
– Each community loses shape due to mobility → end-to-end proactive probing to maintain the shape
– PROBE unicast
– PROBE_REP unicast: same as RREP

49 Reconfiguration in the 2-hop scenario
(PROBE, upstream, ...)
(PROBE_REP, hop_count, ...)
"Unicast probing + take-over" in use: the old community becomes amorphous due to random node mobility etc.
(Figure: S, D, oldF, newF; newly re-configured community; node D's roaming trace.)

50 Communities help in the mobile scenario: multi-hop case
– The probing message can be piggybacked in data packets
– The probing interval T_probe is determined by network dynamics
– Simple heuristic: slow increase, fast decrease
(Figure: source, dest, PROBE, PROBE_REP.)

51 Secure Incentives for Commercial Advertisement Dissemination in Vehicular Networks
Suk-Bok Lee and Seung Hyun Pan; Tutor: Joon-Sang Park; Professor: Mario Gerla
CS 218 Class Project, Fall 2006. Accepted at Mobihoc 2007

52 Presentation outline
– Ad dissemination in VANET
– Signature-Seeking Drive
  – Overview
  – One-level advertising
  – Multi-level advertising
– Evaluations
– Discussion

53 Ad dissemination in VANET
Commercial advertising via car-to-car communication:
– Very promising application
– High-mobility nature of vehicles
– Currently proposed scenarios: electronic coupon system, FleaNet, digital billboards

54 Advertising in VANET: advertisement content
Ad providers use VANET for disseminating their ads.

55 Advertising in VANET: vehicle-vehicle communication
Vehicle u keeps forwarding this ad for In-N-Out Burger.

56 Ad dissemination in VANET
In the real world...
– Non-cooperative behaviors: selfish users, malicious users
– More serious threats, e.g. DoS attacks (making dummy ads propagate over the network)
– Even for "naive" users: why should they help forward those commercial ads for the benefit of the business companies?

57 Vehicular ad system
Concerns in a vehicular ad system:
– Advertisers want to use VANET
– From the vehicle users' viewpoint, the business companies are exploiting vehicle users' resources for their own profit
Graceful compromise: advertisers pay for the incentives for users
– Charges for network resources, or advertising charges

58 Our framework: Signature-Seeking Drive (SSD)
– Secure incentives for cooperative nodes
– No tamper-proof hardware assumptions
– No game-theoretic approaches
– Leverages a PKI (public key infrastructure)
– A set of ad dissemination designs

59 SSD: overview
(Figure.) Company I requests ad permission from the Vehicular Authority (VA); the Ad Distribution Point (ADP) hands the certified ad AD_I to vehicle u. After verifying AD_I, vehicle u may agree to disseminate the ad.

60 Signature-Seeking Drive: overview
Vehicle-vehicle communication: vehicle u keeps forwarding AD_I. In return, receiving vehicles v, w provide signed receipts (R_v, R_w) to u. While driving its way, u may collect as many receipts as it forwards AD_I.

61 Signature-Seeking Drive: overview
Collected receipts (R_v, R_w, ...) are exchangeable for virtual cash at a Virtual Cashier (e.g., a gas station); a small portion is reserved for each receipt-providing node, too. The Vehicular Authority (VA) keeps the transaction record and charges In-N-Out Burger the virtual cash induced by AD_I (AD_I's charge).

62 Uncooperative model
– Selfish nodes: seek to maximize their own profit
– Malicious nodes: try to intentionally disrupt the system
We may encourage selfish nodes to participate in the network with an incentive model, yet malicious nodes try to attack the weak point of the model → secure incentives are needed!

63 Ad dissemination models
– One-level advertisement: local advertising; most users receive the ad, with a reasonable number of forwarding nodes
– Multi-level advertisement: intensive advertising over a wide area

64 Notations

65 One-level advertisement
1. Approval for advertisement (company I → Vehicular Authority): ad permit
2. Agreement with the Ad Distribution Point (I's ADP → vehicle u): voucher
The ADP provides u with a voucher for u's exclusive use. The notion of a voucher limits the dissemination to one level.

66 One-level advertisement
3. Advertisement dissemination (vehicle u → vehicle v): ad permit; v returns a signed receipt
4. Receipt redemption (vehicle u → Virtual Cashier VC): voucher and collected receipts
Each VC is connected with the VA, which maintains all the transactions. The VC examines whether u has already redeemed u's voucher for AD_I at any other VC before.

67 Multi-level advertisement
Level-free advertisement:
– No vouchers; any node can reuse AD_S and cash receipts without a voucher
– Simple and the most intensive method for advertising
– Heavy outlay for advertisement, due to too much redundancy
Compromise between one-level and level-free: n-level advertising
– Company S sets a limit on the number of propagation levels
– Two designs: hash-chain based, and onion-voucher based

68 Hash-chain based n-level advertising
Contacting S's ADP: the number of levels n set by S, and a random number chosen by S
Advertisement dissemination (u → v), then (v → x)
(Message formats shown on the slide.)

69 Hash-chain based n-level advertising
Receipt redemption (x → VC): the VC first checks whether n-2 is non-zero and the legitimacy of the corresponding hash value.
Weaknesses:
– No coercive measures force nodes to reduce their permissible level by 1
– Malicious users can throw any permissible value open to the public
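The hash-chain design of slides 68-69 and its VC check, as an added illustration that is not the authors' code. The slides give only the field sizes and the check, so the construction is an assumption: S picks a random seed r (also recorded with the VA), the ADP hands the first forwarder (n, r), each hop is meant to forward (level - 1, H(value)), and the VC expects the hash for level L to equal H^(n-L)(r). The block shows that a node that does not decrement still passes the VC check, which is the first weakness listed.

```python
# Added illustration (not the authors' code) of the hash-chain n-level design on
# slides 68-69 and why the VC check cannot detect the listed weaknesses.
# Assumed construction: advertiser S chooses a random seed r (recorded with the
# Vehicular Authority) and its ADP hands the first forwarder the pair (n, r);
# each hop is meant to forward (level - 1, H(value)), so the Virtual Cashier
# expects H^(n - level)(r) for a token presented at permissible level "level".
import hashlib
import os


def H(data: bytes) -> bytes:
    """SHA-1, the 20-byte hash the slides' message format uses."""
    return hashlib.sha1(data).digest()


def hash_iter(value: bytes, times: int) -> bytes:
    for _ in range(times):
        value = H(value)
    return value


def issue_token(n: int, seed: bytes = b"") -> tuple:
    """ADP side: the first forwarder gets level n and the raw seed."""
    seed = seed or os.urandom(20)
    return seed, (n, seed)


def forward_honest(token):
    """Intended hop rule: decrement the level and hash the value (no preimage needed)."""
    level, value = token
    if level <= 0:
        raise ValueError("no permissible levels left")
    return (level - 1, H(value))


def forward_lazy(token):
    """Weakness 1: nothing forces a node to decrement, so it can pass the token unchanged."""
    return token


def vc_verify(n: int, seed: bytes, token) -> bool:
    """VC check: permissible level non-zero, and hash equal to H^(n-level)(seed).
    A node cannot raise its level (that would need a hash preimage), but the
    check cannot tell whether the level was decremented at every hop."""
    level, value = token
    if level <= 0 or level > n:
        return False
    return hash_iter(seed, n - level) == value


def accepted_forwarders(n: int, seed: bytes, behaviours) -> int:
    """Walk one forwarding path ('honest' or 'lazy' per hop) and count how many
    forwarders end up holding a token the VC would pay for."""
    seed, token = issue_token(n, seed)
    paid = 0
    for behaviour in behaviours:
        if not vc_verify(n, seed, token):
            break
        paid += 1
        token = forward_honest(token) if behaviour == "honest" else forward_lazy(token)
    return paid
```

With n = 3, an all-honest path pays exactly 3 forwarders, while a path with two lazy hops pays 5 and the VC sees nothing wrong; the second weakness follows from the same check, since any holder of a valid (level, hash) pair, including anyone it was published to, passes it.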

70 Onion-voucher based n-level advertising
Contacting S's ADP (example of an onion voucher on the slide)
Advertisement dissemination (u → v): onion voucher for u, onion voucher for v

71 Onion-voucher based n-level advertising
Receipt redemption (x → VC) with x's onion voucher (example on the slide)
– The VC checks that the number of nodes included in the OV is not bigger than n
– The onion voucher secures n-level dissemination
– Overhead: a three-way handshake

72 Evaluations
– Communication cost
– Storage requirement
– Computation overhead
– Analysis: incentive perspective; security of Signature-Seeking Drive
– Simulations on ns-2: Westwood area (4 km x 4 km) with 1,000 cars; West LA (10 km x 10 km) with 5,000 cars

73 Communication cost
One-level ad message format (utilizing Elliptic Curve Cryptography):
– sender's certificate (84 bytes), ad content (x bytes), ad provider ID (8 bytes), and sender's signature (28 bytes) on the ad permit
– Total message size = (120 + x) bytes
Hash-chain based n-level ad message format:
– One-level message size + the permissible level value (1 byte) + its corresponding hash value (20 bytes in SHA-1) = (141 + x) bytes
Onion-voucher based n-level ad message format (of a node in level d): two separate messages due to the three-way handshake
– First message size = one-level message size = (120 + x) bytes
– Second message size = onion voucher (28 bytes) + the certificates included in the onion voucher (d x 84) = (d x 84 + 28) bytes
Message size mainly depends on the ad content size x

74 Storage requirement
One-level ad model (utilizing ECC):
– Ad permit (28 bytes), ad content (x bytes), voucher (28 bytes), and K collected receipts (28 bytes each) with their corresponding certificates (84 bytes each)
– Total storage requirement = (K x 112 + x + 56) bytes
Hash-chain based n-level ad model:
– One-level storage requirement (excluding the voucher) + the permissible level value (1 byte) + its corresponding hash value (20 bytes in SHA-1) = (K x 112 + x + 49) bytes
Onion-voucher based n-level ad model (of a node in level d):
– One-level storage requirement (excluding the voucher) + onion voucher (28 bytes) + the certificates included in the onion voucher (d x 84) = (d x 84 + K x 112 + x + 28) bytes
Note: each car may have multiple kinds of ads at a time. The storage requirement mainly depends on the number of collected receipts.

75 Computation overhead
Example: vehicle u has 100 neighbors within its communication range, and all the neighbors send out their ads at a regular interval of r ms.
– Hash-chain based n-level ad model: lower bound of processing time for each incoming ad = verifying time x 2 + signing time = 18.45 ms; r ms / 100 > 18.45 ms → interval length > 1.845 sec
– Onion-voucher based n-level ad model: due to the three-way handshake ad process, lower bound of processing time for each incoming ad and receipt = ad processing time (verifying time x 2 + signing time = 18.45 ms) + receipt processing time (verifying time + signing time = 10.87 ms) = 29.32 ms; r ms / 100 > 29.32 ms → interval length > 2.932 sec
Note: each car may have multiple kinds of ads at a time; the interval for each kind of ad may be a multiple of the above interval.

76 Upper bound of ad content size
For the worst-case condition, we set the maximum throughput to 6 Mbps (the minimum data rate in DSRC).

77 Simulations
– Running on ns-2
– Mobility model from Saha et al.
– Two scenarios: Westwood area (4x4 km) with 1,000 cars; West LA (10x10 km) with 5,000 cars

78 Unrealistic aspects in our simulation model
Mobility model:
– No traffic control
– Always constant speed
– Random starting point and destination for each node
– All nodes are always moving within the target area: no parked cars, no newcomers, no cars leaving the area
Number of nodes:
– Too few cars in our simulation model
– More than 10,000 cars in the Westwood area
– More than 5 million cars in LA

79 Westwood area (4x4 km) with 1,000 cars
(Plots: ad coverage using a varying number of level-1 nodes; ad coverage by time.)

80 Westwood area (4x4 km) with 1,000 cars
(Plots: number of forwarding nodes; average received ads per vehicle.)

81 The END

