Upload
foster
View
46
Download
0
Tags:
Embed Size (px)
DESCRIPTION
C hallenges in S ecuring V ehicular N etworks. Outline. Paper Information. Published in Workshop on hot topics of networks ( HotNets -IV) Year: 2005 Authors Bryan Parno , Carnegie Mellon University Adrian Perrig , Carnegie Mellon University. Motivation. Main Contribution. - PowerPoint PPT Presentation
Citation preview
CHALLENGES IN
SECURING VEHICULAR NETWORKS
2
Nile University – WINC - Ahmed Osama
Outline
Paper Information
Motivation
Main Contribution
Paper Overview
SLOW
3
Nile University – WINC - Ahmed Osama
Paper Information
• Published in– Workshop on hot topics of networks (HotNets-IV)– Year: 2005
• Authors– Bryan Parno, Carnegie Mellon University– Adrian Perrig, Carnegie Mellon University
Paper Information Motivation Main Contribution Paper Overview SLOW
4
Nile University – WINC - Ahmed Osama
Motivation
The deployment of vehicular networks is
rapidly approaching and their success and safety will depend on security solutions acceptable to
customers, manufacturers and governments.
Paper Information Motivation Main
Contribution Paper Overview SLOW
5
Nile University – WINC - Ahmed Osama
Main Contribution
(1) Analyze the security challenges specific to vehicular networks
Others…(2) Introduce a set of primitives for secure applications(3) Discuss vehicular properties that can support
secure systems.(4) Present two security techniques, entanglement and
reanonymizers, that leverage unique vehicular properties.
Paper Information Motivation Main Contribution Paper Overview SLOW
6
Nile University – WINC - Ahmed Osama
Paper Overview
Vehicular Network challenges
Adversaries
AttacksProperties supporting
security
Security primitives
Paper Information Motivation Main Contribution Paper Overview SLOW
7
Nile University – WINC - Ahmed Osama
Vehicular Network challengesAuthentication versus privacy
Availability
Low tolerance for errors
Mobility
Key Distribution
Incentives
BootstrapPaper Information Motivation Main Contribution Paper Overview SLOW
8
Nile University – WINC - Ahmed Osama
Vehicular Network challenges
o Authentication versus privacy
Paper Information Motivation Main Contribution Paper Overview SLOW
We want to prevent one vehicle from claiming to be hundreds in order to create the illusion of a congested road “So need to assign a single identity” But Most drivers would reject a system that reveal their privacy
9
Nile University – WINC - Ahmed Osama
Vehicular Network challenges
o Availability
Paper Information Motivation Main Contribution Paper Overview SLOW
For many applications, vehicular networks will require real-time, or near real-time, responses as well as hard real time guarantees
But attempts to meet real-time demands typically make applications vulnerable to Denial of Service (DoS) attacks
I am decelerating
Dummy
Packets
“Prevent real packet from being processed”
10
Nile University – WINC - Ahmed Osama
Vehicular Network challenges
o Low tolerance for errors
Paper Information Motivation Main Contribution Paper Overview SLOW
Many applications use protocols that rely on probabilistic schemes to provide security
However, given the life-or-death nature of many proposed vehicular applications, even a small probability of error will be unacceptable
11
Nile University – WINC - Ahmed Osama
Vehicular Network challenges
o Mobility
Paper Information Motivation Main Contribution Paper Overview SLOW
For vehicular networks, mobility is the norm, and it will be measured in miles, not meters, per hour.
Since two vehicles may only be within communication range for a matter of seconds, we cannot rely on protocols that require significant interaction between the sender and receiver.
Transient neighborhoodMany neighbors will only be encountered once, everMakes reputation-based systems difficult
12
Nile University – WINC - Ahmed Osama
Vehicular Network challenges
o Key Distribution
Paper Information Motivation Main Contribution Paper Overview SLOW
First, vehicles are manufactured by many different companies, so installing keys at the factory would require coordination and interoperability between manufacturers
Unfortunately, in the U.S., most transportation regulation takes place at the state level, again complicating coordination.The federal government can impose standards, but doing so would require significant changes to the current infrastructure for vehicle registration, and thus is unlikely to occur in the near future; What about Egypt?
13
Nile University – WINC - Ahmed Osama
Vehicular Network challenges
o Incentives
Paper Information Motivation Main Contribution Paper Overview SLOW
Law-enforcement agencies would quickly embrace a system in which speed-limit signs broadcast the mandated speed and vehicles automatically reported any violations. What about Customers?
Conversely, consumers might appreciate an application that provides an early warning of a police speed trap. Manufacturers might be willing to meet this demand. What about authorities?
14
Nile University – WINC - Ahmed Osama
Vehicular Network challenges
o Bootstrap
Paper Information Motivation Main Contribution Paper Overview SLOW
Initially, only a small percentage of vehicles will be equipped with DSRC radios and little infrastructure will exist to support them. Thus, in developing applications for vehicular networks, we can only assume that a few other vehicles are able to receive our communications, and the applications must provide benefits even under these limited conditions
15
Nile University – WINC - Ahmed Osama
Adversaries• Greedy drivers
16
Nile University – WINC - Ahmed Osama
Adversaries• Greedy drivers• Snoops• Pranksters• Industrial Insiders• Malicious Attackers
17
Nile University – WINC - Ahmed Osama
Attacks
• Denial of Service (DoS)– Overwhelm computational or network capacity– Dangerous if users rely on the service
• Message Suppression Attacks– Drop congestion alerts
• Fabrication– Lie about congestion ahead or lie about identity
• Alteration Attacks– Replay transmissions to simulate congestion
18
Nile University – WINC - Ahmed Osama
Some Vehicular Properties Support Security
• Controlled Access– Toll roads and many bridges have controlled entry
and exit points.• Regular Inspections
– Most states require annual inspection– Download updates, CRLs, new certificates– Use software attestation to verify vehicle
• Honest Majority– Most drivers prefer not to tinker with their cars
• May void warranty or violate the law– Must protect against worms
• Leverage existing work for PCs• Trusted hardware (e.g., TPMs) may help eventually
19
Nile University – WINC - Ahmed Osama
Some Vehicular Properties Support Security
• Additional input– Presumed intelligent operator at each node– Cannot distract driver, but can still gather or infer data
• E.g., ignored deceleration warning may indicate a false positive• Existing enforcement mechanisms– For many attacks, attacker must be in close physical
proximity– May be sufficient to identify the attacker
20
Nile University – WINC - Ahmed Osama
Security Primitives
• Additional Primitives– Message Authentication – Key establishment
• Secure Aggregation Techniques– Example: counting cars.
• Anonymization Service– Reanonymizers
• Authenticated Localization of Message Origin– Entanglement
21
Nile University – WINC - Ahmed Osama
SLOW
• Strengths– Very Organized
• Limitations• Opportunities– Authentication vs. privacy with group signers
• Weaknesses
Paper Information Motivation Main Contribution Paper Overview SLOW
22
Thank you
ANY QUESTIONS?
F o r w a r d r a d a r
C o m p u t in g p l a t f o r m
E v e n t d a t a r e c o r d e r ( E D R )P o s i t i o n i n g s y s t e m
R e a r r a d a r
C o m m u n i c a t i o n f a c i l i t y
D i s p l a y
(GPS)
Human-Machine Interface