CHAPTER 2
LITERATURE REVIEW
2.1 INTRODUCTION
This chapter discusses in detail the settings involved in vehicular
ad-hoc networks, together with the numerous works contributed by
different authors. A Vehicular Ad-Hoc Network (VANET) is a technology
that has attracted several industries. Security parameters in VANETs are
now gaining popularity in the research community. In a VANET environment,
significant decisions have to be made on problems related to attack
modeling, response optimization and the allotment of defense resources on
a wide scale. However, a single defense mechanism cannot provide a
solution to the attack models that affect VANETs. The game theory model
is used as a defense mechanism against the sophisticated and complex
types of attack arising in VANETs. With a game-theoretic framework,
suspicious procedures are optimized based on the optimal exploitation of
traffic organization, and the security framework is investigated in both
urban and rural scenarios with regard to the threats posed by malicious
nodes.
The security applications help to keep lives moving smoothly and to
recover traffic conditions in problematic cases. VANETs play a major
role in networking owing to their application of ad hoc network
technology. Vehicles make up the greater part of those networks, and
their capabilities have to be handled efficiently in self-organizing
networks with no previous knowledge about the nodes in the network.
Their safety level is very low and they are highly susceptible
components of the network, which can be targeted easily. Hence, to
provide security, any of the existing methods can also be used once the
drawbacks mentioned or noticed in them are solved; the following
sections describe the existing methods.
2.2 HEURISTIC-BASED ANT COLONY OPTIMIZATION TO
ENHANCE SECURITY IN VANETs
Security always comes at a price in terms of performance
degradation, and that price should be determined carefully. Wireless ad
hoc networks (WANETs) normally offer communication over a shared
wireless channel without relying on any pre-existing infrastructure.
Creating end-to-end secure paths in such WANETs is more demanding
because of the lack of central authorities. Its impact on network
performance has not been noticed. Chi Zhang et al (2011), using a common
random network model, determined the asymptotic behaviors of secure
throughput and delay with the common transmission range. The probability
of neighboring nodes having a primary security association is also
determined when the network size is adequately large. Security normally
has a cost: because all communications function on secure links, there
is a degradation in network performance. Even when the throughput is
zero because the network size is arbitrarily large, there is still a
possibility of forming throughput-order-optimal secure WANETs. Thus
another author suggests a different way to provide security.
In wireless networks, mobile users roam frequently and providing
authentication to them is difficult. Daojing He et al (2011) designed a
privacy-preserving universal authentication protocol named Priauth. It
provides authentication for eavesdroppers and foreign servers;
authentication efficiency is high when session keys are authorized. The
attacker has control over all communication channels (among user,
foreign server, home server), i.e., the attacker can intercept, insert,
delete, or modify any message passing through the channel. Four types of
threat are normally present in user authentication, namely: message en
route threat, false mobile user threat, DoS attack and deposit-case
attack. In Priauth, a roaming user, a foreign server and a home server
are engaged to present a demo in order to contribute authentication. In
Priauth, a session key is presented to the roaming user by the foreign
server prior to the authentication of the roaming user. In Priauth,
foreign servers can be verified based on the revocation list (RL), i.e.,
whether the roaming user who moved from the home server is revoked or
not.
Normally, all nodes in the network introduce two forms of traffic,
namely private and open, at rates selected in order to exploit a global
utility function, subject to network stability and secrecy constraints.
The secrecy constraint imposes an arbitrarily low mutual information
leakage from the source to all nodes in the network, excluding the sink
node. C. Emre Koksal et al (2013) presented a method to find the
obtainable rate regions for single- and multi-user systems, assuming
that the nodes have full Channel State Information (CSI) of their
neighbors. A combined flow control, scheduling and private encoding
method is also provided. The downside is that no results are found for
the case where only partial CSI is available at each node; hence
necessary steps are to be taken. Wireless networks face further security
problems, and the following part explains the security issues in mobile
ad hoc networks.
Secure communication in Mobile Ad hoc Networks (MANETs) depends on
the applications that are running in the network, and these must be
governed by correct communication policies. Policy enforcement in MANETs
is a great issue because they lack the infrastructure and trusted
entities found in traditional distributed systems. Hence, Gang Xu et al
(2011) presented the design and implementation of a policy enforcing
mechanism using Satem, a kernel-level trusted execution monitor built on
the Trusted Platform Module. Two applications running on different nodes
may engage in communication only if those nodes implement the same set
of policies for the application and the underlying protocols used by the
application. In this way, nodes are able to form trusted
application-centric networks. Before allowing a node to join such a
network, Satem checks its trustworthiness in enforcing the required set
of policies. Satem protects the policies, and the software that enforces
them, from being tampered with. If any of the policies are compromised,
Satem detaches the node from the network. Authentication can be provided
specifically to each user, so that security problems are minimized.
High-security MANETs have to be protected, and for that a
prevention-based method called continuous user authentication is
employed. Intrusion detection systems (IDSs) are also vital in MANETs to
successfully detect malicious activities. The optimal method can be
obtained by combining continuous user authentication and IDSs in a
distributed manner, but the resulting problem is formulated as a
Partially Observable Markov Decision Process (POMDP) multi-armed bandit
problem. So, Shengrong Bu et al (2011) proposed a structural results
method to solve the problem for a large network with a variety of nodes.
The policies derived from the structural results are simple to execute
in practical MANETs. The system performance of the structural results
method is equal to that of the value iteration algorithm, and it is
obtained with lower computational complexity. More node states, such as
mobility and wireless channels, should be considered in making the
scheduling decisions in MANETs; this is not done in the proposed method.
Thus the methods used in MANETs to provide security are more
refreshing, and the security problem is also faced by Vehicular Ad hoc
Networks (VANETs); hence necessary steps need to be taken to provide
full security. Vehicular communication networking is important to aid
road safety, to manage traffic and to deliver infotainment to drivers
and passengers. Xiaodong Lin et al (2008) reviewed the current
standardization process, describing the approaches that offer security
services and safeguard driver privacy for Wireless Access in Vehicular
Environments (WAVE) applications. Two primary problems, namely
certificate revocation and conditional privacy preservation, are
addressed by the authors to make the standards practical. Secure
certificate revocation and conditional privacy preservation can be
obtained by employing a group of new security methods as well as by
using a Public Key Infrastructure (PKI). Congestion control problems may
also hinder the provision of security in VANETs.
Cooperative vehicular ad-hoc networks need efficient congestion
control policies that assure stable and reliable communications among
vehicles and infrastructure nodes. The policy must decrease the load on
the communications channel while fulfilling the application's strict
reliability requirements. Hence, Miguel Sepulcre et al (2011) designed
and evaluated a contextual cooperative congestion control policy that
utilizes the traffic context information of each vehicle to decrease the
channel load while satisfying the vehicular applications' requirements.
Three operational modes are examined, with increasing cooperation and
usage of traffic context information: autonomous mode (AM), cooperative
mode (CM), and contextual cooperative mode (CCM). A framework is still
to be designed to extend the policy to multi-application scenarios via
the development of a new communication adaptation layer.
Dusit Niyato et al (2011) examined the problem of optimal channel
access to offer quality of service (QoS) for data transmission in
cognitive vehicular networks. In such networks, the vehicular nodes are
able to opportunistically access radio channels, named shared-use
channels, which are allotted to licensed users. They are also able to
reserve a channel for dedicated access, named the exclusive-use channel,
for data transmission. A framework for channel access management is
designed for cluster-based communication among vehicular nodes. The
framework contains three components: opportunistic access to shared-use
channels, reservation of an exclusive-use channel, and cluster size
control. A hierarchical optimization model is also designed for the
framework to obtain the optimal policy. The hierarchical optimization
method includes two constrained Markov decision process (CMDP)
formulations for the above-mentioned components.
Location privacy also has to be considered when offering
authentication. The quality of privacy in vehicular ad hoc networks
(VANETs) depends on location privacy, which is crucial for VANETs to
flourish fully. Frequent pseudonym changing is a promising solution for
location privacy in VANETs; however, if the pseudonyms are changed at an
improper time or location, the solution may become invalid. Hence, to
overcome the problem, Rongxing Lu et al (2012) proposed an effective
pseudonym changing at social spots (PCS) strategy to attain provable
location privacy. First, the social spot, where numerous vehicles may
meet, was introduced, e.g., a road junction when the traffic light turns
red or an open parking lot near a shopping mall. The anonymity set size
is taken as the location privacy metric, and two anonymity set analytic
models are developed to examine the location privacy obtained by the PCS
strategy. The current model tracks a vehicle in a spatial–temporal way;
hence more advanced techniques should be considered, in which more
character factors are used to track a vehicle, in order to discover new
location-privacy-enhanced techniques under such a stronger threat model.
An enhanced method is still needed to provide safety for vehicular
communication.
IEEE and ASTM adopted the dedicated short-range communication
(DSRC) standard, which is the primary method for the next generation of
vehicular safety communications. Communication-based vehicle safety
services normally need dependable and quick message delivery, which
generally calls for broadcast communications in vehicular ad hoc
networks (VANETs). Xiaomin Ma et al (2012) designed and validated a
distributive cross-layer method for the design of the control channel in
DSRC, involving three levels of broadcast services that are critical to
most possible vehicle-safety-related applications. The network
parameters should be determined from the current traffic load and
network conditions using IEEE 802.11p for better performance and
reliability, because that is not handled by the proposed method.
Signature-based privacy is also to be provided for VANETs.
Kyung-Ah Shim (2012) designed a Conditional Privacy-Preserving
Authentication Scheme (CPAS), using pseudo-identity-based signatures to
provide secure vehicle-to-infrastructure (V2I) communications in VANETs.
In CPAS, each message sent by a vehicle is mapped to a distinct
pseudo-identity, and a trust authority can always recover the actual
identity of a vehicle from any pseudo-identity. A roadside unit (RSU) is
employed to validate multiple collected signatures and 2540
signed-messages, thus significantly minimizing the total verification
time. The pseudo-identity (ID)-based signature (IBS) method is proposed
for efficient batch verification, which is more appropriate for
vehicle-to-infrastructure (V2I) communications than for
vehicle-to-vehicle (V2V) communications. The evaluation of CPAS on a
large-scale VANET testbed with changing vehicle mobility models is still
to be performed; it is not considered in CPAS.
Jaehoon (Paul) Jeong et al (2012) presented a Trajectory-based
Statistical Forwarding (TSF) method, tailored to multihop data delivery
from infrastructure nodes (e.g., Internet access points) to moving
vehicles in VANETs. The authors made the first attempt to examine how to
effectively exploit the packet destination vehicle’s trajectory for that
type of infrastructure-to-vehicle data delivery. The data delivery is
achieved through the computation of a target point, based on the
destination vehicle’s trajectory, that is the best meeting point of the
packet and the destination vehicle. Packets are forwarded over multiple
hops by TSF to a chosen target point which the vehicle is about to pass.
These target points are chosen optimally to reduce the packet delivery
delay while fulfilling the required packet delivery probability. The
trajectories of the vehicles that are used as packet forwarders or
carriers should also be utilized fully for more efficient data
forwarding in vehicular networks.
Francisco Javier Ros et al (2012) designed a broadcast algorithm
which is appropriate for a wide range of vehicular situations and which
utilizes only the local information obtained through periodic beacon
messages, which carry acknowledgments of the circulated broadcast
messages. A vehicle may or may not belong to a connected dominating set
(CDS); hence a decision is to be made by each vehicle. Vehicles in the
CDS are given a shorter waiting period before a possible retransmission.
When the time-out expires, a vehicle retransmits only if it is aware of
at least one neighbor in need of the message. Intermittent connectivity
and the appearance of new neighbors are handled by resetting the
evaluation timer. Investigation is in progress to further minimize the
protocol overhead in the presence of multiple simultaneous broadcasting
tasks. The protocol must be suitable for delay-critical safety
applications. Hence the use of the retransmission time-out under a delay
constraint given by the applications is to be investigated.
Traffic monitoring with probe vehicles equipped with GPS receivers
promises important improvements in cost, coverage, and accuracy over
dedicated infrastructure systems. Privacy concerns are greater in
existing systems. Baik Hoh et al (2011) described a system based on
virtual trip lines and an associated cloaking method. Another system
design is also presented in which the privacy requirements are relaxed
to increase the accuracy of real-time traffic estimation. Virtual trip
lines are geographic markers that denote where vehicles are allowed to
contribute speed updates. These markers are placed so as to avoid
particularly privacy-sensitive locations. The system is demonstrated
with GPS smartphone clients, and a controlled experiment is performed
with more phone-equipped drivers circling a highway segment. Key-based
secrecy can also be provided for VANETs.
Vehicular Ad Hoc Networks (VANETs) employ the Public Key
Infrastructure (PKI) and Certificate Revocation Lists (CRLs) to provide
security. In a PKI system, a received message is verified by checking
whether the certificate of the sender is included in the current CRL,
and by confirming the authenticity of the certificate and signature of
the sender. Albert Wasef et al (2010) designed an Expedite Message
Authentication Protocol (EMAP) for VANETs that replaces the
time-consuming CRL checking method with an efficient revocation checking
method. The revocation checking method in EMAP utilizes a keyed Hash
Message Authentication Code (HMAC), where the key used in computing the
HMAC is shared among non-revoked On-Board Units (OBUs). EMAP also uses a
new probabilistic key distribution, which enables non-revoked OBUs to
securely share and update a secret key.
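
The HMAC-based revocation check described above can be sketched as follows. This is an added illustration, not code from EMAP or from this thesis: the message layout, the 500 ms freshness window and the names OBU, revocation_tag and rekey_after_revocation are assumptions, and EMAP's probabilistic key distribution is replaced by direct key assignment.

```python
import hashlib
import hmac
import os

MAX_AGE_MS = 500  # assumed freshness window for a safety message


def revocation_tag(group_key: bytes, pseudo_id: bytes, ts_ms: int) -> bytes:
    """HMAC over (pseudo identity, timestamp) under the key shared by non-revoked OBUs."""
    data = len(pseudo_id).to_bytes(2, "big") + pseudo_id + ts_ms.to_bytes(8, "big")
    return hmac.new(group_key, data, hashlib.sha256).digest()


class OBU:
    """On-Board Unit holding the current shared key (hypothetical model)."""

    def __init__(self, pseudo_id: bytes, group_key: bytes):
        self.pseudo_id = pseudo_id
        self.group_key = group_key

    def send(self, payload: bytes, now_ms: int) -> dict:
        # The certificate and signature over the payload are still required
        # and still verified by the receiver; they are omitted from this sketch.
        return {"pid": self.pseudo_id, "ts": now_ms, "payload": payload,
                "rev_tag": revocation_tag(self.group_key, self.pseudo_id, now_ms)}

    def sender_not_revoked(self, msg: dict, now_ms: int) -> bool:
        """One HMAC computation replaces the CRL lookup."""
        if abs(now_ms - msg["ts"]) > MAX_AGE_MS:
            return False  # stale or replayed tag
        expected = revocation_tag(self.group_key, msg["pid"], msg["ts"])
        return hmac.compare_digest(expected, msg["rev_tag"])


def crl_check(crl: list, pseudo_id: bytes) -> bool:
    """Baseline check: scan the CRL for the sender's certificate."""
    return pseudo_id not in crl


def rekey_after_revocation(fleet: list, revoked_ids: set) -> None:
    """Stand-in for the key update: only non-revoked OBUs learn the new key."""
    new_key = os.urandom(32)
    for obu in fleet:
        if obu.pseudo_id not in revoked_ids:
            obu.group_key = new_key


def demo() -> dict:
    key = os.urandom(32)
    a, b, c = (OBU(name, key) for name in (b"obu-A", b"obu-B", b"obu-C"))
    results = {"before": a.sender_not_revoked(b.send(b"brake", 1000), 1010)}
    rekey_after_revocation([a, b, c], {b"obu-B"})  # obu-B is revoked
    results["revoked_sender"] = a.sender_not_revoked(b.send(b"brake", 2000), 2010)
    results["valid_sender"] = a.sender_not_revoked(c.send(b"ice", 2000), 2010)
    results["stale"] = a.sender_not_revoked(c.send(b"ice", 2000), 9000)
    results["crl_baseline"] = crl_check([b"obu-B"], b"obu-B")
    return results


if __name__ == "__main__":
    print(demo())
```

The cost of the check is one HMAC regardless of how many certificates have been revoked, whereas the CRL baseline grows with the list.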
Numerous security architectures have been designed for Vehicular
Communication (VC) systems, with a consensus on using public key
cryptography for secure communications. But none of them has examined or
addressed the problem of Certificate Revocation List (CRL) distribution.
P. P. Papadimitratos et al (2008) proposed a design that is scalable and
efficient in delivering CRLs flawlessly to all nodes within a region.
The basis for the design of such CRL distribution systems is laid out,
showing how to configure them to meet more stringent requirements. The
difficulty of CRL distribution in VC systems is examined. CRL
transmission at very low bandwidth is considered, such that all vehicles
can obtain the latest CRL within a delay of minimum minutes of drive,
e.g., the duration of a travel. The trade-offs are shown, and the way
the system should be configured to minimize the delivery delay is also
investigated. The certification concept along with a key authority can
also be employed.
The certificate authority provides keys and certificates to
vehicles for safety in VANETs. Each vehicle presents these certificates
to other VANET members and signs messages against them. If the
certificate authority wants to cancel a certificate (e.g. due to a break
in trust), it generally distributes a certificate revocation list (CRL).
Kenneth Laberteaux et al (2008) designed a system for car-to-car
epidemic distribution of certificate revocation lists that is rapid and
efficient. Large-scale emulations based on realistic mobility traces
show that the epidemic model considerably outperforms methods that only
utilize road side unit distribution points. The vehicles are used to
spread CRL updates in an epidemic manner. Only the necessary CRL update
sections need be communicated, thereby reducing the communication
bandwidth usage.
Jason Haas et al (2009) designed a lightweight mechanism for
revoking security certificates that is suitable for the limited
bandwidth and hardware cost constraints of a VANET. The authors proposed
mechanisms that achieve the goals of a reduced CRL size, a
computationally efficient mechanism for determining whether a
certificate is on the CRL, and a lightweight mechanism for exchanging
CRL updates. A proper verification of the security of the mechanism for
minimizing the size of CRLs is also presented. The authors make two
contributions. First, a certificate organization scheme is proposed in
which the certificates for a single vehicle are linked by a single,
secret revocation key. Without the key, the certificates are hard to
group, by which the privacy of a vehicle is preserved. The certificates
are also analyzed, and the practicality of distributing CRLs is
enhanced. Second, a method for passing CRL updates, rather than the
complete CRL, is proposed, which minimizes the imposed network overhead
and is analogous to delta CRLs.
Albert Wasef et al (2010) designed an efficient Distributed
Certificate Service (DCS) method for vehicular networks. The method
provides flexible interoperability for certificate service among
different administrative authorities. An efficient way for any On-Board
Unit (OBU) to update its certificate from the available infrastructure
Road-Side Units (RSUs) in a timely manner is also proposed. The DCS
scheme proposes an aggregate batch verification method for
authenticating certificate-based signatures, which considerably reduces
the verification overhead. Security analysis and performance evaluation
reveal that the DCS scheme can reduce the complexity of certificate
management, and achieves excellent security and efficiency for vehicular
communications. The only drawback is that the revocation problem in the
context of the DCS scheme remains to be considered and solved.
Security is important for the dependable operation of vehicular ad
hoc networks (VANETs). The most serious security problem is the
revocation of misbehaving vehicles, which is necessary to prevent
malicious vehicles from endangering the safety of other vehicles. So
Nang-Wen Wang et al. (2009) designed an efficient decentralized
revocation (EDR) protocol based on a new pairing-based threshold method
and a probabilistic key distribution technique. The EDR protocol
improves the safety levels in VANETs as it reduces the revocation
vulnerability window present in conventional certificate revocation
lists (CRLs). The downside is that further work is needed on
categorizing the received messages according to their degree of
correctness and on activating the revocation process for a misbehaving
vehicle that transmits malicious messages.
Some malicious attacks may result in a lack of security;
denial-of-service attacks in particular are problematic, and hence
necessary steps are to be taken to avoid them. Much research has been
carried out on message authentication in wireless networks; VANETs in
particular face different challenges, such as real-time constraints,
processing restrictions, memory constraints, etc. An analysis is made of
the requirements for feasible VANET authentication. Ahren Studer et al
(2008) designed a customized version of Timed Efficient Stream
Loss-tolerant Authentication (TESLA), TESLA++. TESLA and TESLA++ offer
the same computationally efficient broadcast authentication, the latter
with minimized memory requirements. A new hybrid authentication
mechanism is designed in order to address the range of requirements in
VANETs; the new mechanism is VANET Authentication using Signatures and
TESLA++ (VAST). VAST combines the advantages of the Elliptic Curve
Digital Signature Algorithm (ECDSA) and TESLA++.
Grossklags et al (2008) analyzed the security issues of VANETs and
observed user behavior at the weak security link. The attacks mostly
permitted in VANETs are distributed. Distributed denial-of-service
(DDoS) and spam distribution also continue unabated. The analysis
examines how incentives shift between investment in protection and
insurance, subject to factors such as network size, type of attack, loss
probability, loss magnitude, and cost of technology. The Nash
equilibrium is also characterized, and the social optimality for diverse
classes of attacks and defenses is presented. In the weakest-target
game, for all parameter settings, more effort is exerted at the Nash
equilibrium than at the social optimum. A security game is defined as a
game-theoretic model that captures essential characteristics of decision
making to protect and self-insure resources within a network.
Centrality-based security can also be provided to VANETs. Jens
Grossklags et al (2008) concentrated on the traffic dynamics rather than
the static road system and involved the centrality metrics of the
traffic in each element of the map. The understanding of individual
security decision-making is to be enhanced by merging formal and
behavioral analysis. For security decision-making, a game-theoretic
model is identified that simplifies the “weakest link” game, and an
experiment is conducted to expose differences between predicted and
observed user behavior. The authors explored the relationship between
economic and psychological-behavioral considerations for enhanced or
reduced system security. The focus is on a weakest-link security scheme,
and convergence to Nash equilibrium could not be attained within a
limited period of time. The data collected so far in the work did not
show convergence to any of the expected equilibria at all.
Betweenness centrality based on shortest paths is a standard
measure of control employed in many studies and implemented in all
relevant software tools for network analysis. Ulrik Brandes (2008)
presented a paper in which a number of variants are placed into context
and shown to be computable with simple variants of the algorithm
normally used for the standard case. Several variants of betweenness
centrality are discussed, in which either the focus is shifted (e.g., to
edges) or the range of applicability is extended (e.g., to valued
networks). Unlike related measures such as network-flow betweenness,
current-flow betweenness, or load, these do not modify the underlying
model of transportation along geodesic trajectories. For the variants,
small alterations of the normally used algorithm for the standard case
result in algorithms with the same asymptotic time complexity (except
for length-valued edges) and with a similar structure of computation.
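
The standard shortest-path betweenness computation and its edge variant, as discussed above, can be sketched as follows. This is an added example, not code from the cited paper or this thesis: it covers unweighted, undirected graphs only, and the six-junction road graph and the names betweenness, ROADS and rank_junctions are constructed for illustration.

```python
from collections import deque


def betweenness(adj):
    """Node and edge betweenness for an unweighted, undirected graph.

    adj maps each node to a list of neighbours. Returns (node_bc, edge_bc),
    where edge_bc is keyed by frozenset({u, v}).
    """
    node_bc = {v: 0.0 for v in adj}
    edge_bc = {}
    for s in adj:
        # Phase 1: BFS from s, counting shortest paths (sigma) and predecessors.
        order = []
        preds = {v: [] for v in adj}
        sigma = dict.fromkeys(adj, 0)
        dist = dict.fromkeys(adj, -1)
        sigma[s], dist[s] = 1, 0
        queue = deque([s])
        while queue:
            v = queue.popleft()
            order.append(v)
            for w in adj[v]:
                if dist[w] < 0:              # w seen for the first time
                    dist[w] = dist[v] + 1
                    queue.append(w)
                if dist[w] == dist[v] + 1:   # edge (v, w) lies on a shortest path
                    sigma[w] += sigma[v]
                    preds[w].append(v)
        # Phase 2: accumulate dependencies in order of decreasing distance.
        delta = dict.fromkeys(adj, 0.0)
        while order:
            w = order.pop()
            for v in preds[w]:
                share = sigma[v] / sigma[w] * (1.0 + delta[w])
                edge = frozenset((v, w))
                edge_bc[edge] = edge_bc.get(edge, 0.0) + share   # edge variant
                delta[v] += share
            if w != s:
                node_bc[w] += delta[w]
    # Every unordered pair was counted from both endpoints.
    node_bc = {v: c / 2 for v, c in node_bc.items()}
    edge_bc = {e: c / 2 for e, c in edge_bc.items()}
    return node_bc, edge_bc


# Constructed road graph: a four-junction block (J1..J4) with a spur J3-J5-J6.
ROADS = {
    "J1": ["J2", "J4"],
    "J2": ["J1", "J3"],
    "J3": ["J2", "J4", "J5"],
    "J4": ["J1", "J3"],
    "J5": ["J3", "J6"],
    "J6": ["J5"],
}


def rank_junctions(adj):
    """Junctions ordered from most to least central (ties broken by name)."""
    node_bc, _ = betweenness(adj)
    return sorted(node_bc, key=lambda v: (-node_bc[v], v))


if __name__ == "__main__":
    nodes, edges = betweenness(ROADS)
    print(rank_junctions(ROADS))
    print({tuple(sorted(e)): c for e, c in edges.items()})
```

Moving the focus from nodes to edges costs one extra accumulation line in the second phase, which is the sense in which the variant keeps the structure of the standard computation.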
Thus, using the centrality concept, a new security game has been
proposed to provide complete security for VANETs. Tansu Alpcan & Sonja
Buchegger (2011) designed a security game for vehicular networks to
avoid attacks. The security games involve a zero-sum game and a fuzzy
game, computed using centrality measures. The game-theoretic method is
designed using traffic engineering systems. Markov Chains (MC) for
designing the game model in the quantitative assessment are also
presented. The security games designed for vehicular networks use
centrality measures that are obtained by mapping the car network's
centrality values to the underlying road topology. The vehicular network
model has three levels: data traffic, vehicular traffic, and road
network. Data and vehicular traffic are dynamic while the road network
is naturally fixed.
In Vehicular Ad Hoc Networks (VANETs), there are no end-to-end
connections, and messaging is made possible by nodes forwarding
messages. Thus it is vital to make sure that nodes have incentives to
forward messages for others, even though the routing protocols in VANETs
differ from traditional end-to-end routing protocols. Tingting Chen et
al (2010) studied how to stimulate message forwarding in VANETs, and the
approach is based on coalitional game theory. The incentive method is to
control the storage space required for holding the details of each node.
An incentive method based on the testbed is designed for message
broadcasting in vehicular communication. Initially the architecture of
the incentive method is presented. A payoff allocation technique is
introduced, which is utilized in the incentive method. Later an overall
architecture of the incentive method is presented based on the payoff
allocation. Finally, the incentive method is formed using payoff
allocation, which solves the cheating, i.e., inter-vehicle communication
of the incentive method with errors.
Ghassan Samara et al (2010) presented a vehicular network with
secured communication that provides protection against the adversary,
which is denoted as attacker interruption. The secured VANET provides a
satisfactory level of message broadcasting, reassuring drivers and
manufacturers for a smooth and safe life. The strength of a VANET is
required to provide security and privacy characteristics. An analysis of
the different forms of security complications and challenges of VANETs
is made. A solution to the security problems and challenges is also
provided based on the analysis. The solution provided for VANET security
ensures that the message received is valid. An extensive analysis of the
VANET security challenges is made. Limitations of the analysis are
examined along with the simulation test to maintain a secure VANET
network.
2.3 ENHANCED GAME THEORY APPROACH USING NASH
EQUILIBRIUM INTEGRATED WITH MARKOV CHAINS
FOR VANET SECURITY
Up-to-date network programming protocols provide an important way
to update program images that are running on sensor nodes without
requiring physical access to them. Securing the updates is the major
problem, because of the open environment in which the sensor nodes are
typically deployed. Many methods have been presented to solve the issue,
but when cryptographically strong protocols are used, their
computational costs (power consumption and communication costs) become
comparatively high. So, Hailun Tan et al (2011) designed a new
cost-effective security method specifically for network programming. The
method secures a multihop network programming protocol by means of
multiple one-way hash chains. The method reduces the computational cost,
minimizes power consumption and also incurs lower communication costs
while protecting the multihop propagation of program images. A
performance evaluation of the method, implemented in TinyOS, is also
presented in terms of latency and energy consumption. Steps are still to
be taken to provide security using the presented scheme in hierarchical
topologies for enhanced scalability, and especially against DoS attacks.
An opponent can capture and compromise sensor nodes, form replicas
of them and then mount attacks with these replicas; all of this is
possible because of the unattended nature of wireless sensor networks.
These replica node attacks are critical because they permit the attacker
to leverage the compromise of a few nodes to exert control over the
network. Several replica node detection schemes were proposed earlier,
but those schemes rely on fixed sensor locations and hence are not
suitable for mobile sensor networks (where sensors are normally in
motion). Jun-Won Ho et al (2011) designed a fast and efficient mobile
replica node detection method using the Sequential Probability Ratio
Test. The interaction between the detector and the opponent is modeled
as a repeated game, and the Nash equilibrium was also found. The Nash
equilibrium shows that even the attacker’s best gains are still limited
due to the combination of detection and quarantine. The proposed method
rapidly detects mobile replicas only when small numbers of location
claims are present and is not applicable for large numbers of location
claims. So, necessary steps have to be taken to solve it. Congestion
control also has to be considered, because it may also inject attacks.
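
A Sequential Probability Ratio Test over location claims, as used for replica detection in the work cited above, can be sketched as follows. This is an added example, not code from the cited paper or this thesis. It assumes that each sample records whether the speed implied by two consecutive claims of one node ID exceeds a configured maximum; the thresholds, probabilities and claim data are constructed.

```python
import math

V_MAX = 20.0              # assumed maximum legitimate node speed (m/s)
P0, P1 = 0.1, 0.9         # assumed P(sample exceeds V_MAX) for a benign / replicated ID
ALPHA, BETA = 0.01, 0.01  # tolerated false-positive and false-negative rates

UPPER = math.log((1 - BETA) / ALPHA)   # accept "replica" at or above this
LOWER = math.log(BETA / (1 - ALPHA))   # accept "benign" at or below this


def speed_samples(claims):
    """Yield True for each consecutive claim pair whose implied speed exceeds V_MAX.

    claims: list of (t_seconds, x_metres, y_metres) for one node ID, in any order.
    """
    claims = sorted(claims)
    for (t0, x0, y0), (t1, x1, y1) in zip(claims, claims[1:]):
        dt = t1 - t0
        if dt <= 0:
            # Same timestamp: a single node cannot be in two places at once.
            yield (x0, y0) != (x1, y1)
        else:
            yield math.hypot(x1 - x0, y1 - y0) / dt > V_MAX


def sprt(claims):
    """Return (decision, samples_used); decision is 'replica', 'benign' or 'undecided'."""
    step_up = math.log(P1 / P0)                 # evidence added by an exceedance
    step_down = math.log((1 - P1) / (1 - P0))   # evidence added by a normal sample
    llr, used = 0.0, 0
    for exceeded in speed_samples(claims):
        used += 1
        llr += step_up if exceeded else step_down
        if llr >= UPPER:
            return "replica", used
        if llr <= LOWER:
            return "benign", used
    return "undecided", used


# Constructed claims: one node moving at 10 m/s, and one ID claimed alternately
# from two places about 500 m apart within one second.
BENIGN_CLAIMS = [(0, 0, 0), (1, 10, 0), (2, 20, 0), (3, 30, 0)]
REPLICA_CLAIMS = [(0, 0, 0), (1, 500, 0), (2, 5, 0), (3, 505, 0)]
MIXED_CLAIMS = [(0, 0, 0), (1, 500, 0), (2, 510, 0)]

if __name__ == "__main__":
    for name, claims in [("benign", BENIGN_CLAIMS), ("replica", REPLICA_CLAIMS),
                         ("mixed", MIXED_CLAIMS)]:
        print(name, sprt(claims))
```

With these parameters a decision is reached after three consistent samples, which illustrates why the test needs only a small number of location claims.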
The event-driven nature of wireless sensor networks (WSNs) leads to
erratic network load. Accordingly, congestion happens at sensors that
receive more data than is usually forwarded, which results in wasted
energy, reduced throughput and packet loss. Xiaoyan Yin et al (2009)
designed a rate-based fairness-aware congestion control (FACC) protocol,
which controls congestion and achieves almost fair bandwidth allocation
for diverse flows. In FACC, central relaying sensor nodes are classified
as near-source and near-sink nodes. Near-source nodes maintain a
per-flow state and allot an almost fair rate to each passing flow.
Regarding packet loss, FACC remains constant over a particular time
period as the allowed traffic load increases. Without congestion
control, packet loss rises as the allowed traffic load increases or as
time elapses. Attacks may also intrude, and ad hoc low-power wireless
networks are mostly affected.
Security has to be provided in ad hoc low power wireless networks,
basically against denial of communication at the routing level. Eugene
Vasserman et al (2013) made an analysis of resource depletion attacks at the
routing protocol layer that permanently damage networks by rapidly exhausting
nodes’ battery power. The “Vampire” attacks do not rely on any specific
protocol, but mostly depend on the properties of various classes of routing
protocols. The reviewed protocols are vulnerable to Vampire attacks, which are
mostly destructive and hard to detect. Increase in the network-wide energy
usage by a single Vampire occurs at the worst case. Also, a fully acceptable
solution for Vampire attacks in the topology discovery phase is not found.
Similarly, the mobile network is also to be considered.
In addition to Vampire attacks, the attacks to which wireless sensor networks
(WSNs) are most vulnerable are compromised-node and denial-of-service attacks.
Tao Shu et al (2010) made a review on data delivery methods which avoid
the black holes created by these attacks. Classic multipath routing schemes
are also susceptible to such attacks because of their deterministic nature. In
the proposed designs, the routes taken by the “shares” of different packets
change over time. Hence, even when the opponents find the
routing algorithm, they cannot identify the routes that are employed for
transmitting each packet. An optimization technique is used to decrease the
end-to-end energy consumption under the given security constraints. The black
holes block every path of the source and the sink. The cut around sink attack
does not allow any secret share from the source even when disturbed by the
adversary. Hence steps have to be taken to address these attacks.
Attacks are not only applicable in WSNs but also play a major role in
MANETs, basically during routing. Mike Burmester & Breno de Medeiros
(2009) mentioned that the protection verification of the route discovery
algorithm is very effective. The algorithm is susceptible to a hidden channel
attack and investigations are made for the security framework that was used
for route discovery. There is an excess of additional hidden channels that are
available through concurrent execution of route discovery protocols. In
addition, in the context of mobility, route discovery takes place
concurrently with data communication. Huge additional bandwidth is
obviously caused and available to adversarial nodes. Consequently,
adversarial nodes will partition the routes by inserting non-existing links in
the work, which is infeasible to avoid. To tackle the shortcoming, either
more flexible definitions of routes must be used (e.g., redundant
routing) or it is necessary to tackle global threats directly, and more
commonly man-in-the-middle attacks.
An enhanced way to provide secure routing is to be considered and
hence different approaches are adopted in MANETs. In ad hoc networks,
privacy-preserving routing with stable privacy protection is wanted. Data
packets and control packets are linkable and distinguishable in the previously
proposed methods, and none of the old methods show complete unlinkability or
unobservability property. Hence, Zhiguo Wan et al (2012) presented the
Unobservable Secure On-Demand Routing (USOR) protocol, which
provides absolute unlinkability or unobservability property. USOR is
well-organized and combines group signature and ID-based encryption for route
discovery. The protocol is run on NS2 to review the performance of USOR,
which shows that USOR has acceptable performance regarding the packet
delivery ratio, latency and normalized control bytes. But the downside is that
USOR is still affected by wormhole attacks, black hole attacks and DoS
attacks, which is a challenging task that needs in-depth investigation.
A malicious node forms a black hole attack on a MANET. It finds the
route from a source to a destination and modifies the sequence number and hop
count of the routing message. Ming-Yang Su (2011) designed IDS (intrusion
detection system) nodes that are employed in MANETs in order to detect and
avoid black hole attacks. The IDS nodes are set in sniff mode to perform the
ABM (Anti-Blackhole Mechanism) function. ABM is used to find a suspicious
value of a node according to the difference among the routing messages which
are routed from the node. Ad hoc On-Demand Distance Vector (AODV)
provides a network connection when the number of IDS nodes cannot cover most
of the area, because of less processing loads and memory consumption.
A malicious node executes the BAODV (Black hole AODV) routing algorithm to
avoid black hole attacks. A normal node implements a slightly modified
AODV, called MAODV (Modified AODV), to conduct normal routing.
There is no main infrastructure for mobile ad hoc networks
(MANETs). Hence they are susceptible to malicious network attacks.
Basically security is a more important problem in infrastructure-based
wireless networks. In MANETs, identification of malicious hosts is tedious
because the topology of the network changes dynamically, which
interrupts a route that forms a communication path. Hence, many methods
were proposed earlier but they fail to overcome the issue. Even those that
used training data, which usually verifies the identity and topology of the
network, could not provide safe routing because of the topology changes.
Hidehisa Nakayama et al (2009) designed a novel anomaly-detection
approach which depends on a dynamic learning process that permits the
training data to be updated at appropriate time intervals. The dynamic
learning method computes the projection distances depending on
multidimensional statistics with the help of weighted coefficients and a
forgetting curve.
In addition to MANETs, intra-session network coding is also
naturally unsafe regarding pollution attacks. Anh Le & Athina Markopoulou
(2012) presented a new homomorphic MAC method called SpaceMac, which
permits a central node to confirm whether received packets belong to a
specific subspace or not. Using SpaceMac as a building block, a cooperative
method that affords complete defense against pollution attacks was
developed. It identifies polluted packets early at central
nodes, and it also finds the location of all (colluding) attackers
and makes it possible to remove them. The method is cooperative: corrupted
packets can be identified by a node with the help of the node’s parents and
children. The correct location of all attackers can be detected by the nodes
in the network with the help of a central controller.
Security is the most vital issue and affects not only MANETs but
also VANETs. A strong network is needed and must rely on its
security and privacy features. VANETs are facing many problems, which are
addressed by Ghassan Samara et al (2010). The authors made a study on a set
of solutions proposed for the problems. More attention is paid to attacks
executed against the message itself rather than the vehicle. Vehicular Ad Hoc
Networks are a promising technology and a rich area for attackers.
Certificate-based safety messages are used to provide a safe VANET.
A Trajectory-based Statistical Forwarding (TSF) method is used for
the multihop data delivery from infrastructure nodes (e.g., Internet access
points) to moving vehicles in vehicular ad hoc networks. Jaehoon (Paul)
Jeong et al (2012) made an investigation about the usage of the packet
destination vehicle’s trajectory for such infrastructure-to-vehicle data
delivery. The data delivery is achieved via the computation of a target point,
with the help of the destination vehicle’s trajectory, that is the best
meeting point for the packet and the vehicle. TSF transmits packets over
multiple hops to a chosen target point where the vehicle is likely to pass.
The downsides are that the deployment cost has to
be minimized to get better performance by expanding the infrastructure nodes
and that an efficient way has to be found for better data forwarding in
vehicular networks. The location or position is also affected greatly by VANET.
Vehicle position is an important piece of information in a Vehicular
Ad hoc NETwork (VANET). Gongjun Yan et al (2007) proposed a new
method to improve position security in VANETs. Local security is obtained by
using on-board radar to identify neighboring vehicles and
to verify their declared coordinates. Local security is extended to obtain
global security with the usage of preset position-based groups. The radar
acts as the “eye” of the system and confirms the information received from
the vehicles within its transmission range. The downside of the method is that
attackers can launch Sybil attacks whenever the radar’s sight is blocked.
The attacks also affect vehicular communications. Generally,
vehicular communication problems involve network architecture, protocols
of the physical and link layers, routing algorithms and security problems. A.
Singaravelan & Manikandan (2013) presented a study of the various
difficulties in vehicular ad hoc network communications and provided
solutions for those problems. Most VANET messages are transmitted as
safety messages, which must have a broad saturation and must be
delivered in a short time. The messages should be safe and should not leak
personal identification or linkable information to unapproved parties. Attacks
may involve sending false information, tracking the location of a vehicle and
jamming the channel for Denial of Service. A VANET security system holds
the features of Authentication & Data Integrity, Anonymity & Availability,
and Low Overhead & Privacy. Nash equilibrium is an important portion and
by using it an efficient VANET is obtained in accordance with cost.
Gireesh Shrimali et al (2010) proposed an advanced method for
interdomain traffic engineering which depends on the ideas of Nash
bargaining and dual decomposition. ISPs employ an iterative method to
jointly optimize a social cost function, denoted as the Nash product. The
global optimization problem is decomposed into subproblems by introducing
suitable shadow prices on the interdomain flows. The subproblems are then
solved separately in a distributed form by the individual ISPs. The presented
technique considerably outperforms unilateral approaches like the generally
employed hot-potato or shortest path routing as well as the Nash equilibrium
setting. Under Nash equilibrium, ISPs myopically optimize local objectives
while iteratively playing best responses to each other. Nash equilibrium
routing takes dynamic load-based costs on the links rather than the static
weight-based optimization of the hot-potato routing. The Nash equilibrium
routing is a dynamic method; hence it takes numerous iterations to converge,
which is its main drawback.
Hao Yu et al (2010) considered the open-loop
network MIMO system with multiple Base Stations (BSs) serving multiple
private Mobile Stations (MSs) and a common MS, based on a new partial
cooperation overlaying method. In network MIMO systems, an open-loop
overlaying method is designed to accommodate the dynamic and heterogeneous
MIMO configurations. The results obtained when heterogeneous paths are
employed among multiple cells have to be determined, so the authors designed a
distributive low complexity long-term power allocation algorithm. The
algorithm is designed with a verifiable convergence property and relies only
on local channel statistics. The long-term distributive power
allocation problem with the private MSs and the common MSs at all BSs is
also formulated as a partial cooperative game. The long-term
power allocation game has a rare Nash Equilibrium (NE), but the normal best
response update does not regularly converge to the NE.
Fu-Wen Chen & Jung-Chun Kao (2012) addressed the
minimum transmission broadcast issue in wireless networks and presented
efficient solutions which include an optimal broadcast method and a
distributed game-based algorithm. The authors formulated the problems of
minimum transmission broadcasting over reliable and unreliable wireless
links as two mixed integer linear programming (MILP) problems,
respectively. The optimal broadcast method can be used easily with the help
of a pre-existing MILP solver, mainly in small-scale networks. For
large-scale networks, a distributed game-based algorithm named Game-Based
Broadcast Tree Construction (GB-BTC) is employed, and
it is proved that the game-based algorithm attains a better Nash Equilibrium.
The broadcast tree construction game reaches the Nash Equilibrium in a finite
number of iterations. The GB-BTC algorithm behaves extremely well regarding
delivery ratio and the number of transmissions, and its convergence speed is
also very fast.
Wavelength division multiplexing (WDM) is a technology in optical
networks and it also faces many security related issues. Thus, security
problems and attack management in WDM optical networks are most critical
to network operators because of the high data rates that are concerned and
the vulnerabilities associated with transparency. Physical-layer attacks,
namely high-powered jamming, damage or reduce the network performance and
must be handled efficiently. Nina Skorin-Kapov et al (2010) had the idea to
route lightpaths in order to reduce the possible damage caused by a variety of
physical-layer attacks. A novel objective criterion was proposed for the
routing and wavelength assignment (RWA) problem, known as
Maximum Lightpath Attack Radius (MaxLAR). MaxLAR has been formulated
for the routing subproblem as an integer linear program (ILP). For larger
networks, a tabu search algorithm is employed for attack-aware lightpath
routing, along with the usage of a preexisting graph-coloring algorithm for
wavelength assignment. Here more cost is involved for LAR and hence
minimum cost with reduced LAR has to be developed.
Thus key based security can also be provided to VANET. Chan
Chen & Michael Jensen (2011) studied the establishment of secret keys with
attention to the spatial and temporal interrelationship of the channel
coordinates in the simple wireless channel. A simple single-input
single-output (SISO) channel model is used to bound the key size in terms of
the channel correlation. A multiple-input multiple-output (MIMO) channel
model considers decorrelation of the channel coordinates.
Trusted network security is improved by the creation of a practical key
generation protocol which is developed on the basis of the presented channel
coefficient quantization method. The key
agreement in an authenticated public channel is enhanced by involving the
transfer of the correlation eigenvector matrix, flexible quantization levels
and LDPC coding. Channel quantization is effective only on the simple channel
model and performance falls short of the achievable bound; hence necessary
steps have to be taken to work with a heavy channel model.
The distance-based localization algorithm provides security on
transmission, but the attackers are still able to detect the secret data.
Information-theoretic security limitations lower the connectivity of wireless
networks in the presence of a listener. The presence of listeners motivates a
better modeling of wireless networks. A development of techniques is required
to provide robust security against overhearing. Using physical-layer security
constraints, Xiangyun Zhou et al (2010) formulated the local connectivity of
wireless networks in fading channels. A vital connectivity improvement from
multi-antenna transmission with only two antennas is demonstrated. In
addition, the connectivity degradation from eavesdropper collusion is
quantified. The connectivity is studied locally, but a global connectivity is
required.
In cognitive radio networks, an opponent broadcasts signals whose
characteristics are similar to those of the primary users, basically to stop
secondary users from transmitting. These forms of attack are denoted as
primary user emulation (PUE) attacks. Primary users in white space normally
fall into two categories: TV towers and wireless microphones.
Shaxun Chen et al (2011) designed a new technique to spot the PUE
attack that affects the mobile primary users. The correlations among RF
signals and acoustic information are exploited to confirm the presence of
wireless microphones and to distinguish the attackers from genuine wireless
microphones. The only downside is that the detection time has to be
minimized when healing white-space devices are present.
Gustavo Marfia et al (2007) proceeded with a study which
depends on realistic vehicular mobility traces of downtown Portland, Oregon,
that are obtained from particularly accurate large scale traffic simulations
(Los Alamos National Laboratories (LANL)), which was already mentioned
by G. Marfia et al. The mobility model is employed to demonstrate flat and
opportunistic infrastructure routing. The work done by G. Marfia is extended
to determine the impact of a range of mobility models on network
performance. It explains the performance trend that is supposed to happen
during the day as urban mobility patterns change. Assessing the
significance of accurate vehicle density modeling on performance is also
carried out in the work. A uniform vehicle traffic input model (in an urban
map) is used to demonstrate the proposed work. The distributions of vehicles
present in the urban map are not very accurate.
Centrality is also to be noted to provide an efficient network.
Betweenness centrality normally depends on shortest paths; it is a standard
measure of control, is involved in many studies and is implemented in all
appropriate software tools for network analysis. Ulrik Brandes (2008) took a
slightly different view, i.e., a number of variants are analyzed in context,
and it is significant that simple variants of the algorithm that is
generally employed in the standard case are sufficient. Different types of
betweenness centrality are considered in which the interest may be in motion,
e.g., the edges, or the range of applicability is extended to valued networks.
For the variants, small alterations of the standard algorithm are employed.
The result is algorithms with the same asymptotic time
complexity as in the normal case (except for length-valued edges), and with a
similar structure of computation.
Thus, the above said problems can be solved by providing key
based security. The secret encryption key is not applicable for larger
networks; it works well in a simpler network but not in a vehicular network,
which needs a more secure transmission. Tansu Alpcan & Sonja Buchegger (2011)
took the issue into account and proposed improved transportation safety,
consistency, and management in vehicular networks (VANETs). Hence,
within a game-theoretic framework, the security approach of VANETs is
measured. The threats that are caused by malicious attackers are reduced with
the help of defensive measures. The centrality values are in use to find the
centrality measures of the trusted network to the underlying topology. An
optimal formation of security infrastructure and traffic control is measured
in both the static (i.e. fixed roadside units) and dynamic (i.e. mobile law
enforcement units) cases. Three specific forms of
security games are proposed under diverse information availability
assumptions for the players: payoff is known, payoff is
approximately known and payoff is not known when considering both the
players.
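The following Python sketch is an added illustration that ties together the two preceding paragraphs: betweenness centrality computed with the Brandes algorithm, used as the payoff of a defender/attacker security game. It is not code from the thesis or from the cited papers. The road graph is constructed sample data, and the zero-sum payoff model (the defender monitors one intersection, an attack on an unmonitored intersection is worth its centrality, an attack on the monitored one is worth nothing) and all function names are assumptions made for this sketch.

```python
from collections import deque

def betweenness(adj):
    """Brandes' algorithm for an unweighted, undirected graph given as
    {node: [neighbours]}. Returns {node: betweenness centrality}."""
    score = {v: 0.0 for v in adj}
    for s in adj:
        order = []                          # nodes in order of BFS discovery
        preds = {v: [] for v in adj}        # shortest-path predecessors
        sigma = dict.fromkeys(adj, 0)       # number of shortest paths from s
        dist = dict.fromkeys(adj, -1)
        sigma[s], dist[s] = 1, 0
        queue = deque([s])
        while queue:
            v = queue.popleft()
            order.append(v)
            for w in adj[v]:
                if dist[w] < 0:
                    dist[w] = dist[v] + 1
                    queue.append(w)
                if dist[w] == dist[v] + 1:
                    sigma[w] += sigma[v]
                    preds[w].append(v)
        delta = dict.fromkeys(adj, 0.0)     # dependency of s on each node
        for w in reversed(order):
            for v in preds[w]:
                delta[v] += sigma[v] / sigma[w] * (1 + delta[w])
            if w != s:
                score[w] += delta[w]
    return {v: c / 2 for v, c in score.items()}   # each pair was counted twice

def solve_monitoring_game(damage):
    """Mixed-strategy Nash equilibrium of the assumed zero-sum game.
    damage[v] > 0 is the attacker's gain at an unmonitored location v.
    Returns the game value and both players' probability distributions."""
    ranked = sorted((v for v in damage if damage[v] > 0),
                    key=lambda v: -damage[v])
    if not ranked:
        raise ValueError("no location with positive damage")
    support, inv_sum, value = [], 0.0, 0.0
    for v in ranked:
        # A location worth no more than the current game value is never
        # attacked at equilibrium, so it needs no monitoring share.
        if support and damage[v] <= value:
            break
        support.append(v)
        inv_sum += 1.0 / damage[v]
        value = (len(support) - 1) / inv_sum
    defender = {v: 1.0 - value / damage[v] for v in support}
    attacker = {v: (1.0 / damage[v]) / inv_sum for v in support}
    return {"value": value, "defender": defender, "attacker": attacker}

def attacker_payoff(damage, defender, target):
    """Expected attacker gain at target against the defender's mix."""
    return damage[target] * (1.0 - defender.get(target, 0.0))

# Constructed road network: intersections B and D are joined by two
# parallel streets (via C and via F); A and E are dead ends.
ROADS = {"A": ["B"], "B": ["A", "C", "F"], "C": ["B", "D"],
         "F": ["B", "D"], "D": ["C", "F", "E"], "E": ["D"]}

if __name__ == "__main__":
    centrality = betweenness(ROADS)
    game = solve_monitoring_game(centrality)
    print("centrality:", centrality)
    print("game value:", game["value"])
    print("defender mix:", game["defender"])
```

On this graph the defender splits monitoring between B and D only: C and F are worth less to the attacker than the game value, so leaving them unmonitored gives the attacker no profitable deviation.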
With some advanced methods, better security is provided by allowing
the vehicles to communicate. Emerging vehicular ad hoc networks (VANETs)
provide a facility for the vehicles to talk to all vehicles and are expected
to improve safety and efficiency in transportation systems. Traffic security
and driver privacy in a large-scale VANET (i.e., metropolitan area) are mostly
affected by attacks, which results in scalability and organizational issues.
So, Bo Qin et al (2011) developed an identity-based group signature (IBGS) to
divide a large-scale VANET into easily manageable groups and create
obligation in vehicular communications while preserving privacy. The
human-recognizable identity of each party is used as its public key, with no
need of any further certificate, which avoids the difficult certificate
management of present protocols. Further investigation on a selfish
verification method is carried out in
order to quicken message processing in VANETs.
Thus, Tiffany Hyun-Jin Kim et al (2010) designed a security model
for Vehicular Ad-hoc Networks (VANETs) to distinguish false messages from
real messages. The information present in a VANET environment allows the
vehicles to remove malicious messages that are transmitted by a misbehaving
vehicle. A message filtering technique is also used to control the information
of multiple complementary sources to build a multi-source detection model.
The designed filtering model depends on two factors: a threshold curve and a
Certainty of Event (CoE) curve. A threshold curve denotes an event to a driver
regarding the relative position, and a CoE curve denotes the assurance level of
the received messages.
2.4 REINFORCING SECURITY IN VANET FOR GAME
THEORETIC APPROACH USING VEHICLE MODE
ANALYSIS
As the complexity of commercial cellular networks grows,
more automated methods for detecting and diagnosing cells with degraded
performance are needed. Detected anomalies and their root causes are
tedious to identify. Péter Szilágyi & Szabolcs Nováczki (2012) designed a
new integrated detection and diagnosis framework which can detect
anomalies and also find their root cause. The anomalies are detected by
observing radio measurements and other performance indicators.
Diagnosis depends on the reports of earlier fault cases, by
analyzing and learning their impact on diverse performance indicators.
The system must be further evaluated with more Key Performance Indicators
(KPIs) and complex faults.
The joint computing environment faces risks to users’ security and
privacy due to the diverse attack routes. Hyun-A Park et al (2010) proposed a
connected authentication and multilevel access control to tackle those
problems, which works with cryptographic methods in a private database of the
“MyLifeBits” system. The proposed method is flexible in
dynamic access authorization, safe against all the attacks from different
routes, uses a least round of protocol, provides access control based on
privacy security, and is multifunctional. The combination of converging
technology and collaborative computing is the main concern for researchers in
network systems and their environments. In social computing development
processes, users play a major role because they enlarge their requirements to
take faultless collaborative supporting services in their life.
The privacy issue has not left any of the wireless networks, and that
includes multihop wireless networks too. Privacy threat is the major difficulty
in multihop wireless networks due to the open wireless medium, in which
traffic analysis and flow tracing are launched effortlessly by malicious
attackers. Yanfei Fan et al (2011) designed a privacy-preserving method which
depends on network coding and addresses traffic analysis/flow tracing
techniques like size correlation, time correlation, and message content
correlation. Size correlation is prevented by trimming all messages to the
same length, as in the network coding method. Using the intrinsic buffering
of network coding, time correlation can be opposed. Using the “mixing” feature
of network coding, message content correlation can be avoided. Two efficient
privacy-preserving techniques are designed, namely intractability of packet
flow and confidentiality of message content. They are employed to prevent
traffic analysis attacks along with homomorphic encoding on Global Encoding
Vectors (GEVs). Computation on incoming messages is achieved by
intermediate nodes with the permission of network coding. Avoiding attacks
is not sufficient; security must also be enhanced against traffic analysis.
Security has to be provided in ad hoc low power wireless networks too,
basically against denial of communication at the routing level. Eugene
Vasserman et al (2013) made an analysis of resource depletion attacks, which
occur mostly at the routing protocol layer and permanently exhaust networks by
rapidly draining the battery power of the nodes. Among various types of
attacks, the Vampire attack is the most serious. The “Vampire” attacks are
not specific to any protocol and mostly depend on the properties
of various forms of routing protocols. Vampire attacks are very hard to
identify and all the protocols are mostly vulnerable to Vampire attacks. A
single Vampire utilizes more energy and there is an increase in the
network-wide energy usage only at the worst case. But a fully acceptable
solution for Vampire attacks during the topology discovery phase is not found,
and handling mobile networks is also to be considered.
Security is really crucial in wireless sensor networks. Various
methods have already been presented but they do not contribute security to
that extent. Hence, pairwise key distribution is mandatory for
wireless sensor networks because sensor nodes are liable to be
constrained in resources. Taekyoung Kwon et al (2009) proposed a pairwise
key predistribution method which is location based. The scheme obtains
higher connectivity and is flexible in resource consumption even in the
presence of errors. Full and random pairwise key predistribution (FRP) uses
deployment knowledge and a path key offering method. Key predistribution
with Deployment Knowledge is processed first. Secondly, Shared Key
Discovery (SKD) is employed. If pairwise keys are not found by SKD,
then extra key establishment is mandatory. After SKD, Path Key
Establishment with Path Key Offering is employed. However, the sensor nodes’
constrained capabilities are a major problem, because public key cryptography
is tough. Achieving higher connectivity is still a great problem because large
resources are required and deployment errors can disturb the connectivity
severely.
Providing key based security is not applicable for denial of service
attacks. In wireless sensor networks (WSNs), the attacks to which the network
is most vulnerable are compromised-node and denial-of-service attacks. A
review of data delivery techniques which avoid the black holes created by
these attacks was made by Tao Shu et al (2010). Classic multipath routing
schemes are also susceptible to these attacks because of their deterministic
nature. The end-to-end energy consumption is to be reduced, and hence an
optimization problem with security constraints is used. Cut around sink attack
and source attack are also involved in the work. The black holes block all
paths between the source and the sink. The cut around sink attack does not
allow any secret share from the source even when disturbed by the adversary.
Hence steps are to be taken to address these attacks.
Thus, an encryption based keying concept has to be designed for
providing security against the above mentioned attacks. Developing
cost-efficient, protected network protocols for Wireless Sensor Networks
(WSNs) is a difficult issue as sensors are resource-limited wireless devices.
With the combined protocol in the WSNs, a rekeying transmission is also
required to protect data. Arif Selcuk Uluagac et al (2010) designed an
energy-efficient Virtual Energy-Based Encryption and Keying (VEBEK) scheme for
wireless sensor networks to greatly decrease the number of transmissions that
are necessary for rekeying to prevent false keys. VEBEK controls the
transaction control messages for key renewals and is able to save more energy
by being less chatty. VEBEK employs a single key for one message, so
consecutive packets of the stream employ different keys. VEBEK unbundles
key generation from security services by supporting a flexible modular
architecture for an easy adoption of various key-based encryption or hashing
schemes. VEBEK is unable to identify the dynamic paths and insider threats.
Hence, security is mandatory so that communication takes place
among the sensor nodes which belong to the same network and not with an
outside intruder or attacker. Many protocols are designed to provide security
in WSNs but none offered a better result. So, Mojtaba Ghanaat Pisheh Sanaei
et al (2013) selected the two recent protocols named Secure Real-Time with
Load Distribution (SRTLD) and Biological Inspired Self-Organized Secure
Autonomous Routing Protocol (BIOSARP) for critical analysis and
investigation. In a WSN environment which is already attacked,
under eight malicious nodes and four source nodes with heavy network load,
BIOSARP utilized less energy than SRTLD. The BIOSARP delivery ratio is better
and high. The delivery ratio of SRTLD is reduced because of the huge
broadcast at every hop. Hence, BIOSARP performance in a heavily loaded
WSN is high and it lessens the attacks that affect the real time WSN because
of its autonomous and self-optimized functionality.
In a MANET there are no dedicated routers and all network
nodes are committed to routing. MANETs are greatly affected by attacks,
mostly by passive and active attacks. The passive attacks deal with retrieval
of information, while the active attacks deal with malicious nodes. Active
attacks normally depend on modification, impersonation/spoofing, fabrication,
wormhole, and selfish behavior. An overview of them is made by Jonny
Karlsson et al (2012). The significance of cryptography and trust in secure
MANET routing is also mentioned with the help of appropriate security
extensions of existing routing protocols for MANETs.
Security will get spoiled not only because of attacks but also due to
cheating beacon nodes. Secure distance-based localization in the presence of
cheating beacon nodes is a vital complication in mobile wireless ad hoc and
sensor networks. Murtuza Jadliwala et al (2010) presented localization
algorithms based on distance that belong to the group of bounded error
localization algorithms. The proposed algorithm promises a bounded
localization error when the quantity of cheating beacons is lower than the
threshold. As the quantity of cheating beacon nodes is higher than or
equivalent to a specified threshold then there is no chance of existence of
two-dimensionality of proposed algorithms and may lead to a bounded error.
Alternatively, when the quantity of cheating beacons is lower than the
threshold, a class of proposed algorithms is identified that always leads to a
bounded localization error.
The game based approach is not only applicable to provide security in
VANETs but also for accessing spectrum in CR networks. Dapeng Li
et al (2011) used a new context for Cognitive Radio (CR) networks to allow
multiple operators to include secondary users (SUs) as cooperative relays for
their primary users. Hence, SUs get a chance to access spare channels for
their own data transmission. Initially, the assumption is made that the CR
network supports payment transfer. Then, the system is defined as a
transferable utility coalitional game. There is an operating point which
increases the sum utility over all operators and SUs, when a share is provided
for all players. Hence no subset of operators and SUs has a motivation to
split away from the grand coalition. The operating points exist only when the
solution set of the game (the core) is nonempty. An interesting situation, in
which there is no payment technique in the network, was investigated by the
usage of a nontransferable utility coalitional game model. A joint action is
used to make the core nonempty.
Denial of service is an important issue that also affects wireless
mesh networks (WMN). Devu Manikantan Shila et al (2010) considered a
denial of service (DoS) attack in WMN known as the selective forwarding
attack (gray hole attack). In this attack, a misbehaving mesh router
forwards a subset of the packets it receives and drops the others. The
authors considered that packet dropping may occur because of an attack
or because of regular loss events (medium access collisions or bad
channel quality). A channel aware detection (CAD) algorithm is proposed
which distinguishes selective forwarding misbehavior from normal
channel losses. The CAD algorithm depends on two approaches, namely
channel estimation and traffic monitoring. The loss rate is observed at
specific hops, and when it goes beyond the expected normal loss rate,
the nodes involved are identified as attackers. The downside of the
work is that when an attacker introduces noise to imitate a noisy
channel, it affects the sensing process and leads to a mistaken
threshold. Hence, these attacks are to be avoided by extending CAD or by
developing some other efficient method.
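The per-hop comparison described above can be sketched as follows. This is an added illustration, not code from Shila et al or from this thesis; the record layout, the node names and the three-standard-deviation margin on the threshold are assumptions, and the observations are constructed.

```python
import math
from dataclasses import dataclass


@dataclass
class HopObservation:
    node: str
    received: int            # packets that reached this router
    forwarded: int           # packets the next hop saw it send on
    est_channel_loss: float  # normal loss rate from channel estimation


def loss_threshold(p: float, n: int, k: float = 3.0) -> float:
    """Assumed margin: expected loss p plus k binomial standard deviations,
    so sampling noise on n packets alone does not trigger a flag."""
    return min(1.0, p + k * math.sqrt(p * (1.0 - p) / n))


def flag_selective_forwarders(path, k: float = 3.0):
    """Return nodes whose observed loss exceeds the expected normal loss."""
    flagged = []
    for hop in path:
        if hop.received == 0:
            continue  # nothing observed at this hop, nothing to judge
        observed = 1.0 - hop.forwarded / hop.received
        if observed > loss_threshold(hop.est_channel_loss, hop.received, k):
            flagged.append(hop.node)
    return flagged


# Constructed observations for a three-hop path (not measured data).
HONEST_ESTIMATES = [
    HopObservation("R1", 1000, 950, 0.05),
    HopObservation("R2", 950, 760, 0.05),   # drops 20% of its traffic
    HopObservation("R3", 760, 715, 0.06),
]

# Same traffic, but R2's channel estimate is inflated to 0.25. This is the
# limitation noted above: the threshold rises and the drops hide under it.
INFLATED_ESTIMATE = [
    HONEST_ESTIMATES[0],
    HopObservation("R2", 950, 760, 0.25),
    HONEST_ESTIMATES[2],
]

if __name__ == "__main__":
    print(flag_selective_forwarders(HONEST_ESTIMATES))
    print(flag_selective_forwarders(INFLATED_ESTIMATE))
```

The second data set shows why the channel estimate itself has to be trustworthy: the detector's verdict changes although the forwarding behavior is identical.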
Next, secured communication and protection against interruption by an
adversary have to be provided in vehicular networks too, as addressed by
Ghassan Samara et al (2010). A secured VANET provides a satisfactory
level of message broadcasting, reassuring drivers and manufacturers of
a smooth and safe life. The numerous categories of security difficulties
and challenges of VANET are analyzed, and a solution to the security
problems and challenges is provided based on the analysis. The solution
provided for VANET security ensures that the message received is valid.
An extensive analysis of the VANET security challenges is carried out.
The limitations of the analysis are left to future work, along with
simulation tests to maintain a secure VANET network. Public key based
security can also be provided in VANET along with the revocation list.
Vehicular Ad Hoc Networks (VANETs) involve Public Key
Infrastructure (PKI) and Certificate Revocation Lists (CRLs) to
consistently secure the network. In a PKI system, the authentication of
a received message is achieved by inspecting the certificate of the
sender, i.e., the certificate should not be present in the current CRL.
Albert Wasef & Xuemin (Sherman) Shen (2009) designed a Message
Authentication Acceleration (MAAC) protocol for VANETs that replaces the
time-consuming CRL checking process with an efficient revocation check
process. The revocation check process uses a keyed Hash Message
Authentication Code (HMAC), where the key used to compute the HMAC is
shared only among non-revoked On-Board Units (OBUs). The MAAC protocol
also involves a new probabilistic key distribution, which permits
non-revoked OBUs to securely share and update a secret key. Furthermore,
the downsides of MAAC concern attacks with regard to authentication
methods that employ the conventional CRL. Certificate and message
signature authentication also need to be provided. Some other authors
took into account the mentioned drawback and provided a better result.
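The idea of an HMAC-based revocation check can be illustrated as below. This is an added sketch, not the MAAC protocol's own code: the message encoding, the function names and the in-memory rekey() that stands in for the probabilistic key distribution are assumptions, and the OBU identities and message are constructed.

```python
import hashlib
import hmac
import os
import struct


def encode_fields(sender_id: bytes, timestamp: int, payload: bytes) -> bytes:
    """Length-prefix the sender id so field boundaries are unambiguous."""
    return (struct.pack(">H", len(sender_id)) + sender_id
            + struct.pack(">Q", timestamp) + payload)


def make_tag(group_key: bytes, sender_id: bytes, timestamp: int,
             payload: bytes) -> bytes:
    """Sender side: HMAC-SHA256 under the key held only by non-revoked OBUs."""
    data = encode_fields(sender_id, timestamp, payload)
    return hmac.new(group_key, data, hashlib.sha256).digest()


def passes_revocation_check(group_key: bytes, sender_id: bytes, timestamp: int,
                            payload: bytes, tag: bytes) -> bool:
    """Receiver side: one HMAC and a constant-time compare replace the CRL
    lookup. Certificate and signature verification are still required."""
    expected = make_tag(group_key, sender_id, timestamp, payload)
    return hmac.compare_digest(expected, tag)


def rekey(obu_keys: dict, revoked: set) -> None:
    """Assumed stand-in for the key update: every OBU not in `revoked`
    receives a fresh key; revoked OBUs keep their stale one."""
    fresh = os.urandom(32)
    for obu_id in obu_keys:
        if obu_id not in revoked:
            obu_keys[obu_id] = fresh


def demo() -> dict:
    # Constructed identities and message, for illustration only.
    obu_keys = {b"OBU-A": b"", b"OBU-B": b"", b"OBU-C": b""}
    rekey(obu_keys, revoked=set())          # everyone shares the first key
    rekey(obu_keys, revoked={b"OBU-C"})     # OBU-C is revoked and left behind
    receiver_key = obu_keys[b"OBU-B"]
    ts, payload = 1_700_000_000, b"hazard ahead"

    results = {}
    for sender in (b"OBU-A", b"OBU-C"):
        tag = make_tag(obu_keys[sender], sender, ts, payload)
        results[sender.decode()] = passes_revocation_check(
            receiver_key, sender, ts, payload, tag)

    # A tag made for one payload must not validate a different payload.
    tag = make_tag(obu_keys[b"OBU-A"], b"OBU-A", ts, payload)
    results["tampered"] = passes_revocation_check(
        receiver_key, b"OBU-A", ts, b"road clear", tag)
    return results


if __name__ == "__main__":
    print(demo())
```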
A better mechanism is needed for Vehicular Ad Hoc Networks
(VANETs) to authenticate messages, to identify valid vehicles, and to
eliminate malicious vehicles. A Public Key Infrastructure (PKI) can be
employed to obtain this functionality with the help of certificates and
fixed public keys. But fixed keys permit an eavesdropper to link a key
with a vehicle and a location, which violates the drivers' privacy.
Ahren Studer et al (2008) presented a VANET key management method that
depends on Temporary Anonymous Certified Keys (TACKs). TACKs are a
capable method that satisfies the security and privacy properties that
are important for key management in VANETs. In TACKs, On-Board Units
(OBUs) use short-lived keys for signing the messages for VANET
communication, and those short-lived keys are authorized by Regional
Authorities (RAs).
VANET is a form of Mobile Ad-Hoc Network (MANET). VANET has high
mobility of nodes and a huge network scale. The increasing number of
promising applications is associated with intelligent transportation
systems (ITSs) and attracts many researchers to the area of vehicular
networks (VNs). The applications cover security, scalability,
protection, and knowledge about traffic and service locations.
Rajadurai & Jayalakshmi (2013) discussed the challenges and attacks
facing vehicular networks and the solutions offered to some of the
challenges. Two groups of protocols, namely LocVSDPs and GeoVCom, are
established, and a set of solutions is recommended for the development
of security in VANET. To provide security, the vehicle behaves like a
communication node that exchanges data to support collision prevention
and accident warning, and offers services like traffic information,
breakdown, fuel services and office locations. The protocol improves
scalability in VANET, and security is provided with the use of Vehicular
Public Key Infrastructure (VPKI), Group Signature, and Regional trusted
authority.
Thus, safety must be provided not only to vehicles but also to
passengers. Intelligent Transportation Systems (ITS) enhance passenger
safety and transportation efficiency through vehicle-to-vehicle and
vehicle-to-roadside wireless communication technologies. Communication
protocols in these environments must meet delay requirements because of
the high moving speed of the vehicles. Shan-Hung Wu et al (2010)
designed an energy conservative MAC layer protocol, denoted as
Dedicated Short Range Communications Asymmetric and Asynchronous
wakeup (DSRC-AA), based on IEEE 802.11. DSRC-AA saves power for ITS
communication modules like On Board Units, portable devices, and Road
Side Units, while ensuring bounded delay. DSRC-AA, a generalization of
the Asynchronous Quorum-based Power-Saving (AQPS) protocols, exploits
the clustering nature of moving vehicles and allocates different
wake-up/sleep schedules to the cluster head and the members of a
cluster.
Neng-Wen Wang et al (2008) made an analysis of the secure
infrastructures proposed earlier for VANET, which has possible
applications and motivating security challenges. A new secure method for
vehicular communication on VANETs is also proposed to overcome the
security challenges. The presented method safeguards privacy and also
controls liability in secure communications with the help of session
keys. The robustness of the method is also analyzed. Inter-Vehicular
Communication (IVC) is a basic characteristic of the forthcoming
intelligent transportation systems, and a vital enabling component of
IVC is its security services.
Many novel applications are foreseen which will enhance traffic
management and safety in VANET. These applications have demanding
security requirements; they also affect road traffic safety. VANETs face
numerous security threats. VANETs have some distinctive features like
high mobility of nodes, geographic extension, etc., so conventional
security techniques are often not applicable. Hence, José María de
Fuentes et al (2010) set out to define and evaluate the most
representative VANET security developments. A general underlying model
for this type of network is introduced, covering its main settings. The
security requirements which are present in all VANET settings are
identified. Apart from typical security needs like confidentiality,
other context-specific ones are also present, e.g. trust assurance over
reported data.
The security issue extends from VANET to vehicular sensor networks
too. These are shared environments where mobile vehicles are equipped
with sensors of diverse nature and inter-work to execute monitoring
applications. Proactive urban monitoring is an emerging trend where
vehicles steadily sense events from urban streets, independently process
sensed data (e.g., recognizing license plates), and possibly route
messages to vehicles in their neighborhood to attain a common objective.
This challenging environment needs new solutions beyond those of
traditional wireless sensor nodes. Uichin Lee et al (2009) described
MobEyes, an efficient middleware purposely designed for proactive urban
monitoring, which makes use of node mobility to opportunistically spread
sensed data analysis among neighbor vehicles.
Attacks also target the Vehicular Ad hoc Network, which is an
assemblage of mobile hosts establishing a temporary network without the
help of any traditional infrastructure. VANETs are frequently subjected
to attacks because of their vulnerabilities. The Sybil node attack is
the most compromising among the various attacks. Mohamed Salah Bouassida
et al (2009) proposed a Sybil detection method based on received signal
strength variations, i.e., permitting a node to verify the authenticity
of other communicating nodes according to their localizations. A metric
estimating the degree of distinguishability between two nodes, which
allows Sybil and malicious nodes within the VANET to be determined, is
also defined.
An enhanced method against Sybil attacks was proposed by other
authors, intended for all systems, to avoid the intrusion of Sybil
attacks. Open-access distributed systems like peer-to-peer systems are
particularly susceptible to Sybil attacks, where a malicious user
creates multiple fake identities (called Sybil nodes). The SybilGuard
protocol leverages social networks to bound the number of Sybil nodes
accepted. However, SybilGuard still allows a large number of Sybil nodes
to be accepted. Furthermore, SybilGuard assumes that social networks are
fast-mixing, which had not been confirmed in the real world. Haifeng Yu
et al (2010) designed a novel SybilLimit protocol that leverages the
same insight as SybilGuard, but provides dramatically enhanced and
near-optimal guarantees. Evidence from three large-scale real-world
public networks shows that such networks are indeed fast-mixing, which
validates the fundamental assumption behind the SybilLimit and
SybilGuard methods.
Security and privacy are the most vital matters in Vehicular Ad-hoc
Networks (VANET). The use of pseudonyms is the widely accepted privacy
preserving communication method in VANET. Pseudonyms have provided great
solutions for security problems like the Sybil attack. Reza
Mortazavi Maryam Rahbari (2011) designed an efficient method to detect
Sybil attacks while preserving the privacy of vehicles in the network.
A distributed and hierarchical method has also been developed that meets
all security requirements of VANET. The proposed method is more
efficient and robust against probable attacks when compared with other
similar methods. The number of attackers is much more limited, and a
global privacy attack is approximately infeasible.
Privacy-preserving methods in VANET are particularly susceptible to
Sybil attacks, where a malicious user can pretend to be multiple (other)
vehicles. Tong Zhou et al (2011) proposed a lightweight and scalable
protocol called Privacy Preserving Detection of Abuses of Pseudonyms
(P2DAP) to identify Sybil attacks. In the proposed protocol, a malicious
user acting as multiple (other) vehicles is detected in a distributed
manner through passive overhearing by a group of fixed nodes denoted as
road-side boxes (RSBs). Detecting Sybil attacks in this way does not
require any vehicle in the network to reveal its identity, so privacy
is safeguarded at all times. The downside of P2DAP is that the ratio and
activities of mischievous vehicles are not predicted; hence a machine
learning algorithm has to be developed for that. If the attackers are
found, then P2DAP can identify attackers with lower overhead and delay.
Besides security and privacy in VANET, the use of Nash equilibrium
is most important, as it provides an efficient VANET. Gireesh Shrimali
et al (2010) proposed a novel method for interdomain traffic
engineering that depends on Nash bargaining and dual decomposition. The
Nash product is a social cost function, and it is optimized by the ISPs
using an iterative method. The global optimization problem is
partitioned into subproblems by setting suitable shadow prices on the
interdomain flows. The subproblems are then solved separately in a
distributed form by the individual ISPs. The proposed method
considerably outperforms the commonly used hot-potato or shortest path
routing as well as the Nash equilibrium setting. Nash equilibrium
routing uses active load-based costs on the links rather than the
static weight-based optimization of hot-potato routing. Nash
equilibrium routing is an active method; its drawback is that it takes
numerous iterations to converge.
The above problem can be addressed by the use of centrality
measures, but there is no guarantee of a good result. A vehicular
network is a simpler network and needs more secured transmission. Tansu
Alpcan & Sonja Buchegger (2011) proposed improved transportation
security, reliability, and management in vehicular networks (VANETs). A
game-theoretic framework is employed, by which the security approach of
VANETs is evaluated. The threats caused by malicious attackers are
reduced with the help of defensive measures. In the underlying topology,
the centrality measures of the trusted network are found with the help
of centrality values. The optimal deployment of security infrastructure
and traffic control is studied in both the static (i.e. fixed roadside
units) and dynamic (i.e. mobile law enforcement units) cases. Under
differing information availability assumptions, different categories of
security games can be proposed. Three specific forms of security games
are mentioned, considering both players: the payoff is known, the payoff
is approximately known, and the payoff is not known.
One of the mentioned forms of security games has been utilized for
better end-to-end messaging. Because there are no end-to-end connections
in VANET, nodes forward messages opportunistically in order to make
end-to-end messaging efficient. Thus it is important that nodes have
motivation to forward messages to others. Tingting Chen et al (2010)
presented a study to stimulate message forwarding in VANETs, and the
approach depends on coalitional game theory. The incentive method
controls the storage space that contains the details of each node. The
architecture of the incentive method is designed first, and a payoff
allocation technique is introduced which is utilized in the incentive
method. The incentive method formed using payoff allocation gives a
solution for cheating in inter-vehicle communication under the
incentive method with errors.
Security can also be provided in VANET with the use of cryptography
schemes, which may give better results. For secure data broadcasting in
Vehicular Ad-hoc Networks (VANETs), robust cryptographic methods are
used. They are preferred over more lightweight, trust-based methods,
which face severe problems such as illusion, collusion and Sybil
attacks. Esther Palomar et al (2011) presented a paper that shows the
possibility of hindering the diffusion of false warning events in
VANETs. It limits the number of messages a node can transfer within a
specified time period by applying well-known cryptographic techniques.
The proposed method depends on two simple concepts in order to provide
accountability and to counter spam and denial of service attacks: it
uses certificates and Proof-of-Work (POW) systems respectively. The
method also provides an effective non-repudiation confirmation for
diverse types of dishonest behavior of nodes within a VANET.
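How a proof-of-work stamp limits the message rate of a certified sender can be shown with a generic hashcash-style sketch. This is an added example and not the scheme of Palomar et al; the stamp layout, the difficulty value and the time-window handling are assumptions, the certificate identifier is a constructed placeholder, and certificate and signature verification are taken as already done.

```python
import hashlib
import struct


def leading_zero_bits(digest: bytes) -> int:
    """Count zero bits at the front of a digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def stamp_digest(cert_id: bytes, window: int, payload: bytes,
                 nonce: int) -> bytes:
    """Bind the work to the sender's certificate, a time window and the
    exact payload, so a stamp cannot be reused for anything else."""
    header = (struct.pack(">H", len(cert_id)) + cert_id
              + struct.pack(">QQ", window, nonce))
    return hashlib.sha256(header + payload).digest()


def mint(cert_id: bytes, window: int, payload: bytes, difficulty: int) -> int:
    """Sender: search for a nonce; cost doubles with each difficulty bit."""
    nonce = 0
    while leading_zero_bits(
            stamp_digest(cert_id, window, payload, nonce)) < difficulty:
        nonce += 1
    return nonce


def verify(cert_id: bytes, window: int, payload: bytes, nonce: int,
           difficulty: int, current_window: int, seen: set) -> bool:
    """Receiver: one hash per message, plus freshness and replay checks."""
    if window != current_window:
        return False                      # stamp minted for another period
    digest = stamp_digest(cert_id, window, payload, nonce)
    if leading_zero_bits(digest) < difficulty:
        return False                      # not enough work was done
    if digest in seen:
        return False                      # same stamp presented twice
    seen.add(digest)
    return True


def demo(difficulty: int = 12) -> dict:
    # Constructed sender identifier and warning message.
    cert_id, payload, window = b"cert-0001", b"ice on road", 100
    nonce = mint(cert_id, window, payload, difficulty)
    seen = set()
    return {
        "fresh": verify(cert_id, window, payload, nonce, difficulty, 100, seen),
        "replayed": verify(cert_id, window, payload, nonce, difficulty, 100, seen),
        "stale": verify(cert_id, window, payload, nonce, difficulty, 101, set()),
    }


if __name__ == "__main__":
    print(demo())
```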
2.5 RESEARCH GAP
In the Distributed Certificate Service (DCS) method, the only
drawback is that the revocation problem still has to be considered and
solved. The security problem mostly concerns the revocation of
misbehaving vehicles. Steps are to be taken to prevent malicious
vehicles from risking the safety of other vehicles. The other issue in
wireless networks is that security is to be provided for received
messages with respect to their degree of correctness, and the revocation
process is to be activated for a misbehaving vehicle that is
transmitting malicious messages.
A better solution for Vampire attacks during the topology discovery
phase has not been found, and the handling of mobile networks is also to
be considered. The cut around sink attack is a most crucial attack
launched by the adversary, so steps are to be taken to address these
attacks. The Unobservable Secure On-Demand Routing (USOR) protocol is
employed to provide security from attacks, but the downside is that USOR
is still affected by wormhole attacks, black hole attacks and DoS
attacks, which remains a challenging task.
The deployment cost will mostly be high, and it has to be minimized
to get the expected performance when expanding the infrastructure
nodes. An efficient way has to be found for better data forwarding in
vehicular networks. Location or position is also greatly affected in
VANET. Location based security is also to be provided for a secure
VANET; it has been provided by an earlier method, but its downside is
that attackers normally launch Sybil attacks whenever the radar's sight
is blocked.
Nash equilibrium routing is an active method, but it takes numerous
iterations to converge, which is its drawback. Achieving higher
connectivity is still a great problem because large resources are
involved and deployment errors can disturb the connectivity severely.
The major drawback in vehicular sensor networks is that when an attacker
introduces noise to imitate a noisy channel, it affects the sensing
process and leads to a mistaken threshold. The downside of P2DAP is that
the ratio and activities of mischievous vehicles are not predicted.
2.6 CONTRIBUTIONS OF THESIS
VANET lacks security because of attacks, and hence an effective
method has to be proposed to provide a secure VANET. Thus, in our
proposed method, security is provided based on a game theoretic
approach. The Heuristic-based Ant Colony Optimization technique is
proposed, and it greatly improves the game theoretic approaches for
VANET security. The centrality measures are employed in security games
in order to provide more security. The attacker's activity is reduced by
the use of the proposed technique. The formation of malicious nodes is
minimized and the method produces a good network.
Nash equilibrium along with Markov Chains (MC) is the method
presented to upgrade the game theoretic model for security related
issues in VANET. The security issues are greatly reduced because the
Nash equilibrium, which depends on game theory, performs efficiently.
The Nash equilibrium in the proposed method involves fewer iterations
for convergence. The ratio and activities of mischievous nodes are also
found, which gives an efficient result with minimized delay and overhead
because the ratio of attackers is known.
A new method for providing security is introduced. It consists of a
skeleton for mode analysis modules, using which the effectiveness and
trust of the vehicle are determined along the road network path. Three
statuses are denoted by the model: reliable, unreliable and impartial
vehicles. The misbehavior of the opponents involved in the game is
identified and avoided by the proposed method. The scheme combines both
the heuristic based ant-colony optimization and the Nash Equilibrium
integrated Markov Chain for the enhancement of VANET security. Thus
security is provided for VANET by the proposed method, which is based on
a game theoretic approach and is efficiently secure.