Está en la página 1de 6

Proceedings of the 8

th
INDIACom; INDIACom-2014
2014 International Conference on Computing for Sustainable Global Development, 5
th
7
th
March, 2014
Bharati Vidyapeeths Institute of Computer Applications and Management (BVICAM), New Delhi (INDIA)


Overview on Vehicular Ad hoc Network and Its Security Issues
Ankit kumar
*,
Dr. Madhavi Sinha
**
Research scholar* Associate Professor**
Dept. Department of Computer Science & Engineering
Birla Institute of Technology, Mesra
Jaipur campus,
iita.ankit@gmail.com
*
, madhavisinha@bitmesra.ac.in
**


Abstract Vehicular ad-hoc networks (VANETs) provides
infrastructure less, rapidly deployable, self-configurable
network connectivity. The network is the collection vehicles
interlinked by wireless links and willing to store and forward
data for their peers. As vehicles move freely and organize
themselves arbitrarily, message routing is done dynamically
based on network connectivity. Compared with other ad-hoc
networks, VANETs are particularly challenging due to the
part of the vehicles high rate of mobility and the numerous
signal-weakening barrier, such as buildings, in their
environments. Due to their enormous potential, VANET have
gained an increasing attention in both industry and
academia. Research activities range from lower layer protocol
design to applications and implementation issues. A secure
VANET system, while exchanging information should protect
the system against unauthorized message injection, message
alteration, eavesdropping. The security of VANET is one of
the most critical issues because their information
transmission is propagated in open access (wireless)
environments. A few years back VANET has received
increased attention as the potential technology to enhance
active and preventive safety on the road, as well as travel
comfort. Safekeeping and privacy are mandatory in vehicular
communications for a grateful acceptance and use of such
technology. This paper is an attempt to highlight the problems
occurred in Vehicular Ad hoc Networks and security issues.
I ndex Terms Vehicular ad-hoc networks (VANET),
security, authentication, privacy, non-repudiation,
confidentiality, availability, data trust, attacks, Position based
routing
I. INTRODUCTION

Wireless ad hoc networks (i.e., decentralized networks created
on the fly by hosts located in proximity of one another is no
longer just a research concept. Due to their aptitude to require
minimum effort to setup, ad hoc networks are appropriate for a
wide range of applications, including battlefields
communications and disaster recovery operations. In recent
years, most new vehicles had come already equipped with GPS
receivers and navigation systems. Most of the major car
manufacturer company has already announced efforts to
include significant computing power inside their cars [5, 6] and
Chrysler became the first car manufacturer to include Internet
access in a few of its 2009 line of vehicles [7]. This trend is
expected to be continued in the near future, the number of
vehicles equipped with computing technologies and wireless
network interfaces will increase significantly. These vehicles
will be able to run network protocols that will exchange
messages for safer, entertainment and more fluid traffic on the
roads. Standardization has been already underway for
communication to and from vehicles. Dedicated Short Range
Communication (DSRC) is used as a communication medium
and it operates in the 5.9 GHz frequency band. DSRC is based
on IEEE 802.11a standard and IEEE1609 working group is
being standardized as IEEE802.11p used for vehicular
communication [1]. Nowadays, road traffic activities are one of
the most essential daily routines worldwide. Passenger and
goods transport are crucial for human development. Thus, new
improvements in this area are achieved day by day for better
safety mechanisms, greener fuels, etc. Driving is required
factor of traffic safety, so there is an unambiguous need to
make it safer.
Roadside
base station
Inter-vehicle
communications
Vehicle-to-roadside
communications
Emergency
event


The main goal of VANET is providing safety assurance and
comfort for passengers. Each vehicle installed with VANET
device will be a node in the Ad-hoc network and can accept &
transmit other messages through the wireless network.
Collision alert message, Road signal arms and in place traffic
view will give the driver necessary tool to decide the best path
along the way. VANET or Intelligent Vehicular Ad-Hoc
Networking provides an intellectual way of using vehicular
Networking. With the sharp increase of vehicles on roads in the
Proceedings of the 8
th
INDIACom; INDIACom-2014
2014 International Conference on Computing for Sustainable Global Development, 5
th
7
th
March, 2014


recent years, driving has become more challenging and
dangerous.
II. IMPORTANCE OF SECUIRTY IN VANET AND
ATTACKS

A secure VANET network should have the following
attributes: authentication, availability, confidentiality, data
integrity, non-repudiation, and Access Control.

AUTHENTICATION: It is the verification of a vehicle's
identity prior to granting access to the vent network. It can be
considered as the first line of defense against intruders. In
safety application, trust is important. Authentication ensures
that a message is testable by correctly identifying the sender of
the message. With ID authentication the receiver is able to
verify a unique ID of the sender. The ID is to be the license
plate or the chassis identifier of the vehicle. In other cases,
receivers are not interested in the actual identity of nodes. They
are satisfied if they are able to verify that the sender has a
certain property. Property authentication is a security
requirement that allows verifying properties of the sender, e.g.
that the sender is a car, a traffic sign etc. For applications using
location information, location authentication allows to verify
that the sender is actually at the claimed position, or that the
message location claim is valid.
Threat to authentication:
1. SYBIL ATTACK
In Sybil attack, the attacker sends multiple messages to
other vehicles and each message contains the different
fabricated source identity (ID). It provides an illusion to
another vehicle by sending some wrong messages like traffic
jam message [3, 4]. Fig 5 explains Sybil attack in which the
attacker creates multiple vehicles on the road with the same
identity. The objective is to enforce other vehicles on the road
to leave the road for the benefit of the attacker.








Fig:2.0 Sybil Attack
1. Node Impersonation attacks:
In VANET all vehicles have the unique identification based on
which they are identified in the VANET network. It becomes
more important when an accident happens. In node
impersonation attack, an attacker can change his/her identity
and acts like a real originator of the message. An attacker
receives the message from the originator of the message and
changes the contents of the message for his/her benefits. After
that an attacker sends this message to the other vehicles [2].



Fig 2.0: Node Impersonation Attack

3. Message suppression
In this attacker can selectively caste the packet from the
network, which may contain significant information required
by the receiver [6]. An attacker might remove the congestion
alerts it receives in order to prevent the nodes to select an
alternative path to the destination and force them to wait in
traffic. Later this could be more lucrative for the attacker. The
attacker may use these packets again later to get. The main
objective of the attacker is being to prevent the authorities and
RSU to know about the collision.
Availability: It is the proportion of time that a system is in a
functioning state. In safety applications as post-crash warning,
the wireless channels availability is mandatory so that
approaching vehicles can still receive the warning messages. If
the radio channels go out (e.g. Jamming by an attacker), then
the warning cannot be broadcast and the application itself
becomes useless. Hence a high availability of communication
systems is critical.
THREATS TO AVAILABILITY:
1. Denial of service (dos) attack:
In DOS the main objective is to prevent the legitimate users
from accessing the network services and from network
resources. VANETs consist of numerous key elements the most
important of them is road-side units (RSUs) positioned on the
sides of the road and on-board units (OBUs) with which
vehicles are equipped with. The distribution of safety-related
information (such as turn warnings, speed limit information
and so on) is a splendid application of VANET. Since safety
information may contribute to the survival of people driving
the vehicles participating in VANET, security is of crucial
importance to the system.









Fig 2.0 shows the whole scenario when the attacker A
Overview on vehicular Ad-hoc Network and Its Secuirty Issue

launches DOS attack in vehicular network and Jams the whole
communication medium between V2V and V2I. As a result,
authentic users (B, C, and D) cannot communicate to each
other as well as with infrastructure [8].
2. Distributed denial of service (ddos) attack:
DDOS attack is more severe than DOS attack as it is
distributed in a manner to launch the attack. In this the attacker
uses at a different location to launch the attack. The user may
launch different time slot to launch the attack. The time slot
and the attack nature of the vehicle may be different in nature,
it totally depends on the vehicle the main objective is to down
the network so the network will not be available for the users
[2]. There are two types of DDOS attacks which are given
below:
A. VEHICLE TO VEHICLE











Fig. 3 explains the vehicle to vehicle (V2V) DDOS attack
scenario in which attackers (B, C, D) launch DDOS on vehicle
A.
B. VEHICLE TO INFRASTRUCTURE (RSU)












Fig. 4: DDOS ATTACK
DDOS attack for infrastructure where three attackers (B, C, D)
in the network and launch attacks on the infrastructure from
different locations. Vehicles (A, E) in the network want to
access the network, then the infrastructure is overloaded.
Black Hole:
In this attack vehicle refuses to participate in the network or
when an established vehicle connection drops out to form a
black hole. In this attack all the data and packet are redirected
to a specified vehicle while existence is not available. Attacker
vehicle may choose the malicious code to whether to drop a
packet to perform a denial-of-service attack or to use its place
on the route as the first step in a man-in-the-middle attack.

Malware attacks:
Malware attacks are just like viruses as viruses in VANET
which hampers the normal operation of the network. VANET
gets infected by these attacks normally when there is software
updates in VANET units or RSU [1].

CONFIDENTIALITY
Confidentiality is the assurance that the data could not have
been accessed by any other vehicles than the designated
recipient for whom it was meant; thus insuring that the data
was untouched until the reception. Confidentiality is generally
achieved by cryptography techniques in VANET network.

ATTACK ON CONFIDENTIALITY:
Eavesdropping:
It is the most important attack over the VANET network
against confidentiality. To perform this attack, attackers can be
a vehicle (stopped or in movement) or in a false RSU they
show that they are the part of the network. Their goal is to
illegally get access to confidential data.
Man in the middle attack:
As the name suggests the attacker sits in the midst of the two
communicating vehicles and launch this attack. In this attacker
control all the communication between the sender and the
receiver, but communicating vehicles assume they are directly
communicating with Each other [3]. In mime attacker listen the
communication between the vehicles and inject false or
modified message between the vehicles.
Home attack
In this attacker take control of the user vehicle by connecting to
the internet. The three different approaches the attacker can use
for home attack [3].
a. In this attacker take over the control of software (AU or
OBU) of the used vehicle. Then he can generate some wrong
message to the network.
b. In this attacker take over the control of sensor of the used
vehicle. Then he can change the behavior of the sensor
according to his need.
c. In this attacker take over the control of hardware (ECU) of
the used vehicle. Then he can change increase or decrease the
speed of the vehicle.

Social attack
The basic idea of the attack is to confuse and bedazzle the
victim by sending unethical and unmoral message so that the
driver gets disturbed. The legitimate user reacts in an annoyed
manner after getting such kind of messages which is the main
objective of the attacker [9]. It affects the driving of the vehicle
which indirectly creates the problem in the network.
Data integrity:
It is the assurance that the content of the data was not modified
while in transit. It differs from confidentiality in the sense that
it allows for detection of data modifications.

Attack to Data Integrity:-
Proceedings of the 8
th
INDIACom; INDIACom-2014
2014 International Conference on Computing for Sustainable Global Development, 5
th
7
th
March, 2014


Bogus information:
In this attack, the attacker belongs to outsider/intruder or
insider/legitimate user. The attacker broadcast false
information on the vehicle network to affect the decisions of
other vehicles by spreading the false information in the
network [11].
Non-repudiation: It is the verification that the data was sent
with vehicle credentials so that without denial or repute the
data can be associated with the senders vehicles. Non-
repudiation aims to avoid one entity to deny having done some
action. The most common examples in computer networks are
related to sending some information (NRO, Non-repudiation of
Origin) or receiving it (NRR, Non-repudiation of Receipt).
However, both services are different by nature and so are their
implementing mechanisms in VANETs.
Access Control: it means that vehicles can access which type
of resource and what permission user has. Access control is
necessary for applications that distinguish between different
access levels a node or infrastructure component [7]. This is
established through specific system-wide policies, which
specific what each node is allowed to do on the network. For
instance, an authorized garage may be allowed to fully access
wireless diagnostics, whereas other parties may only be granted
limited access. Another form of access control can be the
exclusion of misbehaving nodes (e.g. by an intrusion detection
system using a trust management scheme) from the VANET by
certificate revocation or other means.
Attack to Access Control:-
ID Disclosure
It is a passive attack. In this attacker send the malicious code to
the neighbors of the target node and collects the required data.
They take the ID of the target node and its current location.
Due to this target vehicles ID will be disclosed and they lose
their privacy [1]. In this global observer can access their data
by monitoring the route of the target vehicle. For this purpose
attacker can use the RSU (Road Side Unit). E.g. rental
companies use this approach to keep track of their vehicle
movement. Each of these attributes brings its network
requirements whose balance and compromises make network
security challenging.

Table: 1-Analysis of different attack possible in VANET
network by different researcher

Table: 2-Analysis of need of Security In VANET Network

THE PROPOSED FRAMEWORK TO PROVIDE
SECURITY IN VANET NETWORK
In a life critical situation like an accident a particular vehicle
can communicate with another vehicle and infra to inform them
that there is an accident occurred in a particular way or the
path. The problems with this type (V2V) communication are
following:
There may be an attacker who can send false alert messages to
another car or Infra.
Integrity of the message
Latency of the message (large amount of time taken in a
message communication)
There may be a condition of privacy attack (drivers path,
confidential information etc.)
Let there is a car A which wants to send a message in an
accidental condition. The steps are:
It will create the dual signature by using SHA-1 (for hashing).
Since SHA-1 is irreversible so no one can retrieve the messages
in reverse processing and then encrypt the message with the
private key of A.



Overview on vehicular Ad-hoc Network and Its Secuirty Issue


3. After creation of dual signature the four Accidental
message + Message digest of the Drivers Privacy
(DPMD) + Dual Signature + Pub key certificate of A
is again encrypted with AES-128 bit keys. The result is
an encrypted message.
4. AES-128 keys are encrypted with Public Keys of B
(Receivers Car). The result is key envelop.
5. At the side B got the AES-128 bit keys by decrypting
the key envelop with the help of its private key. Then
again decrypt the encrypted message with AES-128 bit
keys and got the four Accidental message + Message
digest of Drivers privacy (DPMD) + Dual Signature +
Pub key certificate of A. Then it will again hash the
accidental message and perform a combined hash with
DPMD the result is DPAMD.
6. Dual signature is decrypted with a Public key
certificate of A and the result is DPAMD.
7. Compare both DPAMD.

A. If they match means there is no alteration of
the message. The integrity of the message is
achieved.
B. There is no leakage of drivers private
information because we are using SHA-1
which is irreversible.
C. Since the messages are using public key and
private key for sign so there is no such fake
attack because these keys are assigned by a
trusted certification authority.
D. All operations are performed on On Board
Units (OBU). So there is no latency.
ALGORITHM FOR CALCULATING THE DPAMD
VALUE

Generating keys have two phases. The first phase of the
algorithm is in choosing parameters:
Choose a hash function H. Output hash function application
can be truncated to size chosen pairs of keys.
We have taken the length of the key are L and N.
We have taken a prime number of N bits.
N the value of N must be equal or less than to the length of
g.The result of applying the hash function.
Choose a prime number p of L -bit MOD e so that p -1 to be a
multiple of q
We have chosen g in such a way that, a number whose
multiplicative order MODULO p is q. It is set by choosing g =
h (p -1) / q MOD p for arbitrary h (1 < h <p -1) (check again if
the result is equal to 1). Usually h = 2.
The second phase of the algorithm computes the public key and
private key for a user specifically:
Choose a random number x with the property 0 < x < q.
Calculate y = POW (g, x) MOD p
The public key is equal to the (p, q, g, y).
Now we take the private key x.

ALGORITHM FOR SIGNING THE MESSAGE
CONSISTS OF THE FOLLOWING:

Consider the hash function H and m message
Generate a random value k for each post
0 <k < q Compute r = (POW (g, k) MOD p) MOD q
Calculates = (k-1 (H (m) + x * r)) MOD q
Recalculate signature if r = 0 and s = 0 the signature is (r, s)
Signature accepting if at least one of the conditions 0 <r <q
and 0 <s <q is not being satisfied
Compute w = (s) -1MOD q
Compute u1 = (H (m) *w) MOD q
Calculate u2 = (r*w) MOD q
Compute v = ((POW (g u1) * by u2) MOD p) MOD q signature
is valid if v = are
The proof of correctness of the algorithm can be done as
follows: first time, if g = h (p-1) / q MOD p then it follows that
g q h (p-1) 1 (MOD p) according to Little Fermat
Theorem
Fermat. How g> 1 and q is prime, g have the same order of q

ALGORITHM USED FOR CREATING THE DIGITAL
SIGNATURE:

N=P*Q, where P & Q are two large different prime Numbers.
(P, Q) = (P-1) * (Q-1)., where is a function. , it's the
number of numbers less than or equal to x which are also co-
prime to it. For any given prime p, every number less than itself
is co-prime to it, which means (P) =P1. If you're
wondering about why (1) =1, well, GCD (X, 1) =1 is the
definition of co-prime, including for 1 itself
GCD (E, (P, Q)) =1, where value of E: 1<E< (P,Q).
Proceedings of the 8
th
INDIACom; INDIACom-2014
2014 International Conference on Computing for Sustainable Global Development, 5
th
7
th
March, 2014


Calculate Value of D, such that D*E=1MOD (P, Q).
Encryption; C= (T*E) MOD N and T=C*D MOD N.
Fermat's little theorem states that A*P=A*MOD (P) an
alternative, equivalent definition is that AP1=1MOD (P).
A (N) =1 MOD N

CONCLUSION:
Securing VANETs is becoming increasingly important given
universal deployment and adoption by the transportation sector.
Many security challenges still remain to be solved to support
and enable a highly secure VANET infrastructure and secure
VANET communications. In this work we have analyzed the
attacks that VANETs can be subjected to. We have focused on
the different security issues.We have identified that may be
launched on VANETs and the corresponding security solutions
in the VANET to mitigate those attacks.



REFERENCES
[1] Carlos J. Bernardos, Ignacio Soto, Maria Calderon,
VARON: Vehicular Ad hoc Route Optimisation for NEMO,
Computer Communication 30 (2007) 1765-1784

[2] D. Boone, M. Franklin, Identity-based encryption from the
Weil pairings, Advances in Cryptology-Crypto 2001, LNCS
2139, pp. 213-229.

[3] Manik Lal Das, Ashutosh Saxena, Ved P. Gulati and
Deepak B. Phatak, A novel remote user authentication scheme
using bilinear pairings, Computers & Security, Volume 25,
2006, pp. 184-189.

[4] Churn-Ta Li, Min-Shiang Hwang, Yen-Ping Chu, A
Secure and Efficient Communication Scheme with
Authenticated Key Establishment and Privacy Preserving for
Vehicular Ad Hoc Networks, Computer Communications 31
(2008), pp. 2803-2814.

[5] Chih-Yin Lin, Tzong-Chen Wu, Fangguo Zhang, Jing-Jang
Hwang, New identity-based society oriented signature
schemes from pairings on elliptic curves, Applied
Mathematics and computation 160 (2005) 245-260
[6] Yi-Wei Lu, L Wu, Electronic payment systems by group
blind signatures, . ethesys.yuntech.edu.tw, 2003.
[7] KG Paterson, ID-based signatures from pairings on elliptic
curves, Electronics Letters, Volume 38, Issue 18, 29 Aug
2002 Page (s): 1025 1026

[8] Klaus Pll, Hannes Federrath, A privacy aware and
efficient security infrastructure for vehicular ad hoc networks,
Computer Standard & Interfaces, Volume 30, Issue 6, August
2008, Pages 390-397

[9] M. Raya, J. P. Hubaux, Security aspects of inter-vehicle
communications, Proceedings of the 5th Swiss Transport
Research Conference (STRC), 2005.

[10] M. Raya, J. P. Hubaux, The security of vehicular ad hoc
networks, Proceedings of the 3rd ACM workshop on Security
of ad hoc and sensor networks, 2005, pp. 11-21.

[11] M Raya, D Jungels, P Papadimitratos, I add, JP,
Certificate Revocation in Vehicular Networks, Laboratory
for Computer Communications and Applications (LCA),
School of Computer and Communication Sciences, EPFL,
Switzerland, LCA-Report-2006-006

[12] Maxim Raya, Jean-Pierre Hubaux, Securing vehicular ad
hoc networks, Journal of Computer Security, 15, 2007, pp. 39-
68

[13] Narn-Yih Lee, Chien-Nan Wu, Chien-Chih Wang,
Authenticated multiple key exchange protocols based on
elliptic curves and bilinear pairings, Computers and Electrical
Engineering, Volume 34, Issue 1, January 2008, Pages 12-20.

[14] Neng-Wen Wang, Yueh-Min Huang, Wei-Ming Chen, A
novel secure communication scheme in vehicular ad hoc
networks, Computer Communications, Volume 31, Issue 12,
30 July 2008, Pages 2827-2837.