Security in Vehicular Networks
Description
This book serves as a guide for students, developers and researchers who are interested in vehicular networks and the associated security and privacy issues. It facilitates the understanding of the technologies used and their various types, highlighting the importance of privacy and security issues and the direct impact they have on the safety of their users. It also explains various solutions and proposals to protect location and identity privacy, including two anonymous authentication methods that preserve identity privacy and a total of five schemes that preserve location privacy in the vehicular ad hoc networks and the cloud-enabled internet of vehicles, respectively.
More details
Other editions
Additional editions
Persons
Leila Benarous is an associate professor in the Computer Science department and a researcher at LIM Laboratory, University of Laghouat, Algeria. She is also an associate member of UPEC-LiSSi-TincNET Research Team, France.
Salim Bitam is a professor of Computer Science and vice rector responsible for post-graduation training and scientific research at the University of Biskra, Algeria. His main research interests include vehicular networks, cloud computing and bio-inspired methods.
Abdelhamid Mellouk is currently the director of IT4H High School Engineering Department, a professor at the University of Paris-Est Créteil (UPEC) and Head of UPEC-LiSSi-TincNET Research Team, France. He is the founder of the Network Control Research and Curricula activities in UPEC, the current co President of the French Deep Tech Data Science and Artificial Intelligence Systematic Hub, member of the Algerian High Research Council (CNRST) and an associate editor of several top ranking scientific journals.
Content
Preface xi
List of Acronyms xiii
Introduction xix
Chapter 1 Vehicular Networks 1
1.1 Introduction 1
1.2 Motivation by numbers 2
1.3 Evolution 3
1.4 Architecture 4
1.5 Characteristics 5
1.6 Technical challenges and issues 6
1.7 Wireless technology 7
1.8 Standards 7
1.8.1 IEEE WAVE stack 8
1.8.2 ETSI standards 9
1.8.3 The 3GPP standard 9
1.9 Types 10
1.9.1 The autonomous vehicle (self-dependent) 10
1.9.2 VANET 11
1.9.3 Vehicular clouds 11
1.9.4 Internet of vehicles 12
1.9.5 Social Internet of vehicles 14
1.9.6 Data named vehicular networks 15
1.9.7 Software-defined vehicular networks 15
1.10 Test beds and real implementations 16
1.11 Services and applications 17
1.12 Public opinion 19
1.13 Conclusion 20
Chapter 2 Privacy and Security in Vehicular Networks 21
2.1 Introduction 21
2.2 Privacy issue in vehicular networks 22
2.2.1 Types 23
2.2.2 When and how it is threatened? 24
2.2.3 Who is the threat? 24
2.2.4 What are the consequences? 24
2.2.5 How can we protect against it? 25
2.3 State-of-the-art location privacy-preserving solutions 28
2.3.1 Non-cooperative change 28
2.3.2 Silence approaches 28
2.3.3 Infrastructure-based mix-zone approach 28
2.3.4 The cooperation approach (distributed mix-zone) 36
2.3.5 Hybrid approach 36
2.4 Authentication issues in vehicular networks 49
2.4.1 What is being authenticated in vehicular networks? 49
2.4.2 Authentication types 50
2.4.3 How does authentication risk privacy? 51
2.5 Identity privacy preservation authentication solutions: state of the art 52
2.6 Conclusion 54
Chapter 3 Security and Privacy Evaluation Methodology 55
3.1 Introduction 55
3.2 Evaluation methodology 58
3.2.1 Security 58
3.2.2 Privacy 66
3.3 Conclusion 74
Chapter 4 The Attacker Model 75
4.1 Introduction 75
4.2 Security objectives 76
4.3 Security challenges 78
4.4 Security attacker 79
4.4.1 Aims 80
4.4.2 Types 80
4.4.3 Means 81
4.4.4 Attacks 82
Contents vii
4.4.5 Our attacker model 85
4.5 Conclusion 90
Chapter 5 Privacy-preserving Authentication in Cloud-enabled Vehicle Data Named Networks (CVDNN) for Resources Sharing 91
5.1 Introduction 91
5.2 Background 92
5.2.1 Vehicular clouds 92
5.2.2 Vehicular data named networks 94
5.3 System description 94
5.4 Forming cloud-enabled vehicle data named networks 95
5.5 Migrating the local cloud virtual machine to the central cloud 97
5.6 Privacy and authentication when using/providing CVDNN services 97
5.6.1 The authentication process 98
5.6.2 The reputation testimony 100
5.7 The privacy in CVDNN 102
5.8 Discussion and analysis 103
5.8.1 The privacy when joining the VC 103
5.8.2 Privacy while using the VC 106
5.9 Conclusion 106
Chapter 6 Privacy-preserving Authentication Scheme for On-road On-demand Refilling of Pseudonym in VANET 109
6.1 Introduction 109
6.2 Network model and system functionality 111
6.2.1 Network model 111
6.2.2 The system functionality 113
6.3 Proposed scheme 114
6.4 Analysis and discussion 119
6.4.1 Security analysis 119
6.4.2 Burrows, Abadi and Needham (BAN) logic 124
6.4.3 SPAN and AVISPA tools 126
6.5 Conclusion 129
Chapter 7 Preserving the Location Privacy of Vehicular Ad hoc Network Users 131
7.1 Introduction 131
7.2 Adversary model 133
7.3 Proposed camouflage-based location privacy-preserving scheme 133
7.3.1 Analytical model 135
7.3.2 Simulation 136
7.4 Proposed hybrid pseudonym change strategy 141
7.4.1 Hypothesis and assumptions 141
7.4.2 Changing the pseudonyms 142
7.4.3 The simulation 145
7.5 Conclusion 148
Chapter 8 Preserving the Location Privacy of Internet of Vehicles Users 151
8.1 Introduction 151
8.2 CE-IoV 153
8.3 Privacy challenges 156
8.4 Attacker model 157
8.5 CLPPS: cooperative-based location privacy-preserving scheme for Internet of vehicles 158
8.5.1 Simulation 159
8.5.2 Comparative study and performance analysis 163
8.6 CSLPPS: concerted silence-based location privacy-preserving scheme for Internet of vehicles 166
8.6.1 The proposed solution 166
8.6.2 Simulation results 167
8.6.3 Comparative study performance analysis 169
8.7 Obfuscation-based location privacy-preserving scheme in cloud-enabled Internet of vehicles 171
8.7.1 The proposition 171
8.7.2 Study of feasibility using game theoretic approach 173
8.7.3 The simulation 174
8.7.4 Analytical model 177
8.7.5 Comparative study 178
8.8 Conclusion 180
Chapter 9 Blockchain-based Privacy-aware Pseudonym Management Framework for Vehicular Networks 181
9.1 Introduction 181
9.2 Background 183
9.2.1 Public key infrastructure (PKI) 183
9.2.2 Vehicular PKI 185
9.2.3 Blockchain technology 185
9.2.4 Blockchain of blockchains 190
9.3 Related works 191
9.3.1 Blockchain-based PKI 191
9.3.2 Privacy-aware blockchain-based PKI 191
9.3.3 Monero 191
9.3.4 Blockchain-based vehicular PKI 192
9.4 Key concepts 192
9.4.1 Ring signature 192
9.4.2 One-time address 194
9.5 Proposed solution 195
9.5.1 General description 195
9.5.2 Registration to the blockchain 196
9.5.3 Certifying process 196
9.5.4 Revocation process 197
9.5.5 Transaction structure and validation 197
9.5.6 Block structure and validation 200
9.5.7 Authentication using blockchain 201
9.6 Analysis 202
9.7 Comparative study 206
9.8 Conclusion 206
Conclusion 211
References 215
Index 229
Introduction
I.1. Introduction
Vehicles are continuously evolving, from a simple means of transport to a powerful computer on wheels. The overwhelming concerns about reducing road causalities and protecting the environment are pushing researchers and the industry to develop smart vehicles that are safer and more eco-friendly. Extending the Internet and networking concepts to the road is becoming a necessity rather than a luxury.
Vehicular networks (VNs) are formed by vehicles, road infrastructures, on-road devices and sensors. They were originally created to safeguard on-roads users and reduce the number of accidents and casualties. They are now developed to provide high-quality infotainment services. The broadcast of real-time road information such as construction work, traffic, accidents, weather and road conditions helps road users to easily and safely plan their trips. VNs offer various applications, including autonomous driving. In fact, autonomous driving can be achieved by smart vehicles independently, and can also be realized via VNs, where road data is exchanged over the network to make automatic adaptive driving decisions. The vision of researchers and the industry is not limited to offering on-road safety-related applications, but also aims to extend the Internet infotainment to road-edge. As VNs manage vehicular traffic in a smooth way, they result in reducing fuel consumption and emitted toxins and gases. Therefore, they help in protecting the environment.
However, although VNs are developed to save users' lives and offer them various on-road services, and despite the benefits they bring in protecting the environment, they result in breaching the privacy of road users. This is due to their nature that requires the broadcast of real-time spatio-temporal identifying data. This identifying data can be used to perform profiling and tracking attacks on users. Therefore, security and privacy are two fundamental issues that must be preserved and ensured to safely deploy these networks.
I.2. Motivation
The damage caused by cyber-system security breaches is significant in terms of moral and financial implications, as well as the impact on human life. The technology news reports devastating security violation launched against top high-tech corporations yearly. VNs extend computers and the cyber world to roads. Therefore, fatalities resulting from security and privacy violation on-road are even more tremendous because they are directly related to the user safety.
A vehicle should not be tracked via its on-road cyber activity. Its user's identity should not be known nor extracted from the vehicle's exchanged messages. If a vehicle is successfully tracked from its cyber activity by an attacker, they may learn its driver's routines, parsed trajectories, hideouts and frequented places. The attacker may track (stalk) the vehicle to trade its user's data for profit, out of personal interest or to blackmail the vehicle owner using collected secrets. The consequences of leaking trajectory data about the user may give rise to serious risks, such as planning traffic congestion or accidents along frequented routes. Even worse, a malicious attacker may even execute on-road assassination. To avoid these serious consequences and ensure the safe use of VNs, we concentrated our research on developing security and privacy solutions. These solutions reduce the tracking risks for VN users.
I.3. Objectives
Our research aims to preserve the privacy and security of VN users. More precisely, our interest lies in protecting identity and location privacy as they are interconnected. Exposure of one results in the violation of the other, leading to the aforementioned fatalities. The cause of privacy vulnerability in VNs is the broadcast of periodic state messages needed for safety applications, which are sent wirelessly in clear with high frequency. Moreover, they contain accurate, real-time identity and spatio-temporal information. Their easy interception results in vehicle trajectory tracking. Furthermore, VNs also demand the assurance of non-repudiation (accountability), authentication and revocation of mischievous nodes to maintain their reliability. In fact, these requirements go against privacy demands. Therefore, when developing a solution, both privacy and security requirements should be guaranteed in a balanced way. The existing solutions to protect location privacy use temporal identities known as pseudonyms. These pseudonyms are frequently updated through change strategies aiming to reduce their inter-linkability. Unlinkability between updated pseudonyms also protects location (trajectory) privacy. Moreover, the use of pseudonyms ensures anonymity. Therefore, the majority of existing solutions are designed to protect anonymity and limit linkability to prevent tracking.
Identity privacy may be further exposed if repeatedly used to authenticate the vehicle to infrastructures, authorities and service providers. Consequently, we concentrate on developing privacy-preserving authentication schemes, also known as anonymous authentication methods. While designing these solutions, we intended to make them resilient to security attacks that target VNs, such as Sybil attacks, and authentication systems.
Currently, VNs are authority-based, i.e. vehicle registration and the issuance of certificates are done by the authority. This authority ensures the correct functionality of the network through the revocation of misbehaving nodes and the tracing of honest nodes. This means that privacy is conditional in VNs; it is preserved from other vehicles and exposed to the authority when the vehicle misbehaves and disrupts the functionality of the network. Moreover, the authority provides the vehicle with security parameters, keys, certificates and algorithms. The authority-based system is known as the vehicular public key infrastructure (VPKI). The VPKI is preferred over the self-generated key system because it satisfies the main requirements needed in VNs, such as preventing Sybil attacks, guaranteeing conditional privacy, ensuring non-repudiation and revocation, etc. Therefore, most of the existing solutions for safeguarding privacy in VNs are built over the VPKI.
In the following, we explain the aims of this book:
- - Our first objective is to understand VN characteristics and types, alongside a review of their security issues and sources. Our focus is on authentication and privacy issues.
- - Our second objective is to ensure authentication without any violation of identity privacy. Nevertheless, privacy-preserving authentication methods, also known as anonymous authentication methods, may instigate other security infringements. Being anonymous may enable untraceable network exploitation. It may also disrupt network functioning. Furthermore, it contradicts non-repudiation and revocation requirements. Consequently, when developing anonymous authentication methods, we first thought of how to resolve the issues mentioned above.
- - Our third objective relates to the development of infrastructure, crowd and road-map independent location privacy-preserving schemes for vehicular ad hoc networks. The solutions discussed are pseudonym update strategies, which maintain correct network functionality while reducing linkability. The solutions are designed to protect location privacy, even when used on low density roads where tracking is likely to occur.
- - Our fourth objective is to design location privacy-preserving schemes for Internet of vehicles (IoV) road users. Our target is to reduce the linkability achieved from matching IoV location-based service queries with periodic beacon safety applications. Reducing linkability in turn reduces tracking. Developed solutions must not negatively interfere with network functionality nor cause service interruption.
- - Our final objective is to propose a potential replacement for the central-based VPKI. The VPKI is secure and most of the existing solutions discuss its robustness from the researcher's perspective. However, certificate issuance is most likely to be a paid service. Furthermore, the fact that it is centralized makes it prone to a single point of failure and the target of attacks. Lastly, VPKI deployment costs to cover and satisfy all the needs of the network vehicles' pseudonyms are extremely high. We therefore design a distributed, cost-free blockchain-based pseudonym management framework as a potential replacement for VPKI. This framework ensures the security requirements of authenticity, privacy, non-repudiation, integrity and revocation. It relies on the network nodes (vehicles and infrastructures) to self-generate the pseudonyms and add them to the blockchain. The aim is to decrease the cost of the VPKI, provide a secure, distributed pseudonym management framework and prevent the single point of failure problem.
I.4. Book structure
This book is organized into nine chapters. The first four chapters are dedicated to a literature review. The remaining five chapters are based on some of our past contributions. A brief outline of each chapter is given below.
Chapter 1 aims to clarify the basic concepts related to VNs: their evolution, technology, architecture, characteristics and challenges. It also lists their standards, applications and real-world implementations. This chapter also includes public opinions about these networks. Most importantly, it enumerates the various types of VNs and highlights the key differences between them.
Chapter 2 introduces the reader to the privacy and security issues in VNs;...
