survey of vehicular network security
Download
Skip this Video
Download Presentation
Survey of Vehicular Network Security

Loading in 2 Seconds...

play fullscreen
1 / 21

Survey of Vehicular Network Security - PowerPoint PPT Presentation


  • 134 Views
  • Uploaded on

Survey of Vehicular Network Security. Jonathan Van Eenwyk. Contents. Design Issues Certificate-Based Solution Privacy Concerns Data Validation. 1. 2. 3. 4. Design Issues. The Security and Privacy of Smart Vehicles IEEE Security and Privacy, May/June 2004: Hubaux, Čapkun, Luo

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Survey of Vehicular Network Security' - johnna


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
contents
Contents
  • Design Issues
  • Certificate-Based Solution
  • Privacy Concerns
  • Data Validation
design issues
1

2

3

4

Design Issues
  • The Security and Privacy of Smart Vehicles
    • IEEE Security and Privacy, May/June 2004: Hubaux, Čapkun, Luo
  • Attacks on Inter-Vehicle Communication Systems-an Analysis
    • Aijaz, et al (supported by industry)
  • Challenges in Securing Vehicular Networks
    • HotNets-IV: Parno and Perrig
  • Security Issues in a Future Vehicular Network
    • European Wireless, 2002: Zarki, et al
design issues1
1

2

3

4

Design Issues
  • The Security and Privacy of Smart Vehicles
    • IEEE Security and Privacy, May/June 2004: Hubaux, Čapkun, Luo
    • System model
      • Ad-hoc communication between vehicles and base stations
      • Base stations provide services
      • Vehicles provide sensor data
      • Vehicles have more resources than most ad-hoc networks
    • Applications
      • Traffic and safety alerts
      • Travel tips
      • Infotainment (including Internet access)
design issues2
1

2

3

4

Design Issues
  • The Security and Privacy of Smart Vehicles
    • IEEE Security and Privacy, May/June 2004: Hubaux, Čapkun, Luo
    • Challenges
      • Authentication and data encryption
      • Auditing sensor data
      • Privacy (avoid tracking)
      • Infrastructure boot-strapping
      • Negative perception of smart vehicles
design issues3
1

2

3

4

Design Issues
  • The Security and Privacy of Smart Vehicles
    • IEEE Security and Privacy, May/June 2004: Hubaux, Čapkun, Luo
    • Key Features
      • Context sensors (front-end radar, ultra-sound, etc)
      • Event data recorder (i.e., “black box”)
      • Tamper-proof device to handle encrypted transmissions
      • Location detection (GPS or distance bounding)
      • Communication with road-side base stations
certificate based solution
1

2

3

4

Certificate-Based Solution
  • The Security of Vehicular Networks
    • EPFL Technical Report, March 2005: Raya, Hubaux
  • Certificate Revocation in Vehicular Networks
    • LCA Report 2006: Raya, Jungels, Papadimitratos, Aad, Hubaux
certificate based solution1
1

2

3

4

Certificate-Based Solution
  • The Security of Vehicular Networks
    • EPFL Technical Report, March 2005: Raya, Hubaux
    • Attacks
      • Bogus information
      • Message tampering
      • Cheating (data manipulation, impersonation)
      • Identity disclosure for vehicle tracking
      • Denial of service
certificate based solution2
1

2

3

4

Certificate-Based Solution
  • The Security of Vehicular Networks
    • EPFL Technical Report, March 2005: Raya, Hubaux
    • Security Mechanisms
      • Electronic License Plate (post-mortem auditing)
      • Asymmetric encryption using public key infrastructure
        • Large number of anonymous keys (no identity information)
        • Vehicles frequently change keys to avoid tracking
        • Keys can be revoked (more later)
      • Physical layer protection against denial of service
        • Channel switching
        • Implement more than one communication technology
certificate based solution3
1

2

3

4

Certificate-Based Solution
  • Certificate Revocation in Vehicular Networks
    • LCA Report 2006: Raya, Jungels, Papadimitratos, Aad, Hubaux
    • Revocation using Compressed Certificate Revocation Lists (RC2RL)
      • Large number of vehicles, so potentially huge revocation list
      • Lossy compression using Bloom filter
        • Configurable rate of false positives
        • Definitely no false negatives
      • Bit vector of length m
      • Hash a with k hashing functions
      • Each function sets one bit
      • Later, verify membership if all k bits are set as expected
certificate based solution4
1

2

3

4

Certificate-Based Solution
  • Certificate Revocation in Vehicular Networks
    • LCA Report 2006: Raya, Jungels, Papadimitratos, Aad, Hubaux
    • Revocation of the Tamper-Proof Device (RTPD)
      • Send message to vehicle’s TPD to revoke all activity
        • Send to base stations nearest last known location
        • Broadcast over low-bandwidth radio (AM/FM) or satellite
      • Lower overhead approach as long as TPD is reachable
      • Send localized revocation list to surrounding area
certificate based solution5
1

2

3

4

Certificate-Based Solution
  • Certificate Revocation in Vehicular Networks
    • LCA Report 2006: Raya, Jungels, Papadimitratos, Aad, Hubaux
    • Distributed Revocation Protocol (DRP)
      • Vehicles that detect malicious nodes can warn others
      • Requires an honest majority
      • Warnings have lower weight if sending node has also been condemned by other nodes
      • Node 4 condemns node 2
      • But this warning has less weight because node 4 has itself been condemned by nodes 1 and 3

1

4

2

3

privacy concerns
1

2

3

4

Privacy Concerns
  • Balancing Auditability and Privacy in Vehicular Networks
    • Q2SWinet '05: Choi, Jakobsson, Wetzel
  • CARAVAN: Providing Location Privacy for VANET
    • ESCAR '05: Sampigethaya, Huang, Li, Poovendran, Matsuura, Sezaki
privacy concerns1
1

2

3

4

Privacy Concerns
  • Balancing Auditability and Privacy in Vehicular Networks
    • Q2SWinet '05: Choi, Jakobsson, Wetzel
    • Provide privacy
      • From peer-to-peer vehicles
      • From infrastructure authorities
    • Support auditability
      • Linkability between anonymous handles and owner identity
      • Requires off-line permission granting (court order, etc)
privacy concerns2
1

2

3

4

Privacy Concerns
  • Balancing Auditability and Privacy in Vehicular Networks
    • Q2SWinet '05: Choi, Jakobsson, Wetzel
    • Two-Level Infrastructure
      • Back-end (ombudsman)
        • Creates long-term “handle” from node identities
        • Nodes initialized with set of handles
        • Off-line approval can grant identity from pseudonym
      • Front-end (road-side base stations)
        • Uses short-term pseudonyms created from long-term handles
        • Pseudonym and shared key created from handle and timestamp
privacy concerns3
1

2

3

4

Privacy Concerns
  • CARAVAN: Providing Location Privacy for VANET
    • ESCAR '05: Sampigethaya, Huang, Li, Poovendran, Matsuura, Sezaki
    • Provide privacy from vehicle location tracking
    • Proposed Techniques
      • Update pseudonym after random silence period
        • Fixed-interval updates can be tracked by estimating trajectory
        • Silence period obscures nodes if other nodes are present
      • Designate group leader to proxy communications
        • Avoids redundant transmissions
        • Extends length of time to use each pseudonym
data validation
1

2

3

4

Data Validation
  • Probabilistic Validation of Aggregated Data in Vehicular Ad-hoc Networks
    • VANET '06: Picconi, Ravi, Gruteser, Iftode
  • Detecting and Correcting Malicious Data in VANETs
    • VANET '04: Golle, Grenne, Staddon
data validation1
1

2

3

4

Data Validation
  • Probabilistic Validation of Aggregated Data in Vehicular Ad-hoc Networks
    • VANET '06: Picconi, Ravi, Gruteser, Iftode
    • Allow sensor data to be aggregated
    • Use signing certificates to validate data
    • Randomly force one complete record to be included
      • Relies heavily on tamper-proof device
data validation2
1

2

3

4

Data Validation
  • Detecting and Correcting Malicious Data in VANETs
    • VANET '04: Golle, Grenne, Staddon
    • Nodes attempt to identify malicious data via information sharing
      • Nodes detect neighbors and contribute to global database
      • Malicious nodes may contribute invalid or spoofed data
        • May try to fake a traffic jam
      • Friendly nodes build models to explain database observations
        • Is there one malicious node attempting to spoof three other nodes?
        • Are all four nodes malicious?
        • Possible heuristic: choose scenario with fewest bad and spoofed nodes
data validation3
1

2

3

4

Data Validation
  • Detecting and Correcting Malicious Data in VANETs
    • VANET '04: Golle, Grenne, Staddon
    • Example
      • Actual Scenario
      • Possible Explanations
questions
1

2

3

4

Design Issues

Certificate-Based Solution

Privacy Concerns

Data Validation

Questions?
ad