Upload
others
View
7
Download
0
Embed Size (px)
Citation preview
What is AD HOC network?
Introduction to VANET’S
Existing Work
VANET Security Requirements
Attacks and Countermeasures in VANET’S
Conclusion
▪ A type of decentralized network which does not rely on any infrastructure like routers or access points.
▪ Hierarchy of Wireless Ad-hoc Network
Types of nodes:
▪ Roadside Units(RSUs)
▪ Onboard Unit(OBU)
▪ In the last decade, VANETS have attracted a lot of attention in research community because of their varied value added services.
▪ The Researchers mainly focused on three areas.
1)Security Vulnerabilities
2)Classification of Attackers
3)Classification of Attacks
Security Vulnerabilities:
▪ Anonymity
(Hiding physical identity from unauthorized components view).
▪ Key Management
(Key agreement, Key Exchange & management Infrastructure).
▪ Privacy
(Ability of drivers to protect sensitive Information).
Classification of Attackers:
▪ Insider vs. Outsider(Probability of attack)
▪ Malicious vs. Rational(Any aim of attack)
▪ Active vs. Passive (Creating new Packets)
▪ Local vs. Extended(Attacks local or whole network)
Classification of Attacks:
▪ Monitoring Attacks(monitors and tracks)
▪ Social Attacks(Changes the mood of driver.)
▪ Timing Attacks(Adding time slots)
▪ Application Attacks(Applications that provide added services)
▪ Network Attacks(High danger and affects the whole network)
▪ Confidentiality(Only actual receiver can decrypt )
▪ Integrity(Authenticating no msg change by others)
▪ Availability(Available even attacked).
▪ Privacy(Personal information).
▪ Traceability and revocability(able to trace attacker and revoke it).
▪ Non-repudiation(identify problem causing, accident)
▪ Real-time constraints (dynamic)
▪ Low Overhead(time critical)
Sybil Attack:
Vehicle declares to be several vehicles either at the same time or in succession.
Defense against Sybil attack:
Traditional – Registration, Position Verification and Radio Resource Testing - Not appropriate
Public Key Cryptography - Deployment of VPKI is a heavy and must be tested to asses possible utilization in reality.
Localization and detection – Signal detection and knowing the position.
Time Stamp Series:
Main idea is the fact that two vehicles rarely pass through a few different RSUs far apart from each other at the same time.
ROBSAD- (Robust Method Of Sybil Attack Detection):
Idea is based on the differences between the normal and abnormal motion trajectories of legitimate vehicles and malicious vehicles respectively.
Bogus Information and Bush Telegraph:
Defense for Bogus and Bush Telegraph:
▪ ECDSA (Elliptic Curve Digital Signature
Algorithm) – Message authentication scheme
that uses hashing technique to keep messages
more secured and provides strong authentication
for destination vehicles.
▪ The source vehicles hashes the message,
encrypts with secured hashing algorithm and
sent to the destination vehicle and it is
decrypted at the destination.
Impersonation and Masquerade Attack:
The attacker uses MAC and IP spoofing in order
to get identity of other nodes and hide.
Privacy- Conditional Privacy
SPECS- Secure and Privacy Enhancing
Communications Schemes
To protect the identity of each vehicle it uses pseudo-identity and a shared secret key between a vehicle and RSU.
▪ Uses PKI and a Trusted Authority(TA)
Timing Attack:
Adding time slots to the original message.
Defense against timing attack:
TPM(Trusted Platform Module) – Secure hardware with cryptographic abilities and abilities to protect and store data in shielded location.
But it can negatively affect to the performance of network.
GPS Spoofing, Hidden vehicle:
Tunnel Attack:
Defense: Same as Sybil attack
Illusion Attack:
▪ Adversary deceives purposefully the sensors on his car to produce wrong sensor readings and thus incorrect traffic information.
▪ Corresponding system reaction is invoked and then incorrect traffic warnings messages are broadcasted- Illusion Condition created.
Defense for Illusion attack:
▪ Message Authentication and message integrity verification cannot totally defend against illusion attacks.
▪ Plausibility Validation Network (PVN) can be used.
ID Disclosure:
▪ It is a passive attack.
▪ A node in the network discloses the identity of the neighbors, tracks the current location of a target node.
Denial of Service(DOS):
▪ This attack prevent the legitimate user from accessing the network services and from network resources.
▪ DOS attack will occur by jam the channel system so no authentic vehicle will access it
Overwhelm the Node Resources:
Extend level Jamming the Signal:
Distributed Denial of Service Attack(DDOS):
▪ It’s more severe than DOS.
▪ As the number of malicious cars attack on a legitimate car in a distributed manner from different locations and timeslots.
Black Hole Attack:
▪ A black hole is an area where the network traffic is redirected.
▪ It basically means that a node refuses to participate in the network or when an established node drops out.
Wormhole Attack:
▪ It’s a variation of black hole attack.
▪ Here two or more malicious nodes create a tunnel for transmitting data packets
Malware and Spam:
▪ This kind of attack is normally executed by malicious insiders rather than outsiders.
Man in the Middle Attack (MIMA):
▪ The attacker sits in the middle of the two communicating vehicle and launch this attack.
▪ In this type of attacker control all the communication between the sender and the receiver
▪ Safety oriented
▪ Commercial oriented
▪ Convenience oriented
▪ Productive applications.
▪ Risks caused by security attacks are one of the major issues for the VANETS that are hindering the deployment of vehicular ad hoc networks in real time.
▪ We need people in the VANETS community to come up with better security solutions.
▪ We not only need secured communication frameworks but also powerful routing algorithms which can help in detection of malicious vehicles in networks and mitigate them.