8/13/2019 project model document
CHAPTER 1
INTRODUCTION
Inter-vehicular communication lies at the core of a number of industry and
academic research initiatives that aim at enhancing the safety and efficiency of
transportation systems. Vehicular ad hoc networks (VANETs) enable vehicles to
communicate with each other and with roadside units (RSUs). Service-oriented vehicular
networks are special types of VANETs that support diverse infrastructure-based
commercial services, including Internet access, real-time traffic management, video
streaming, and content distribution. Many forms of attacks against service-oriented
VANETs that attempt to threaten their security have emerged. The most important issue
is to select a forwarding path with the smallest packet delivery delay. To keep the
data transmission delay low, the VADD protocol transmits packets through wireless channels as
much as possible, and if the packet has to be carried through roads, the road with the higher
speed is chosen first. The VADD protocol assumes that vehicles are equipped with
pre-loaded digital maps, which provide a street-level map and traffic statistics such as traffic
density and vehicle speed on roads at different times of the day. According to the
information provided by digital maps, the VADD protocol proposes a delay model to
estimate the data delivery delay.
Traffic safety is a prime challenge that has to be addressed by automotive
industries, governments and other concerned entities. According to reports by the World
Health Organization (WHO), about - of death toll is caused by traffic accidents in some
industrialized countries.
Traffic jams are still costing many work commuters a considerable part of their
golden time. All these have initiated both academia and industries to put their effort on
tackling the problems related with traffic safety. On top of traffic safety, offering services
such as in-vehicle internet access, traffic information, entertainment, payment services
and many more services, to increase the drivers' driving experience is also envisioned by
these research efforts.
Traffic accidents usually happen as the driver is not able to determine road
situations and take appropriate actions in real time. Mostly drivers do not have a
complete picture about road conditions at a given instant and they will make decisions
such as braking and lane changing in the absence of full information. This in turn is the
main cause for accident occurrence.
Real-time communication among vehicles and road-side units can help the driver
to have full information on road conditions and this will enhance traffic safety and
efficiency. A vehicular ad hoc network (VANET) is a network that enables real-time
communication between vehicles and road-side units.
VANET is an enabling technology for Intelligent Transportation Systems (ITSs).
A typical VANET network comprises an on-board unit (OBU) installed on each vehicle,
road-side units (RSU) deployed along the roads and a trusted authority (TA) that controls
the network.
TAs usually have many application servers at the backend of the network. The
OBUs and RSUs communicate over the wireless channel using the Dedicated Short
Range Communications (DSRC) protocol.
On the other hand, the RSUs, TA, and the application servers can communicate
using a secure fixed network such as the Internet. PID in VANETs is a major challenge that
should be solved before deploying VANETs across the roads and highways. VANET
inherits all of the challenges that are present in a traditional PID system but at the same
time it brings a new set of challenges that are unique to it. A typical PID should offer
privacy, pseudonym management, and effective identity life cycle management.
In the literature, there are many PID proposals for VANETs. However, most of the
proposals only offer the basic security requirements for VANETs: confidentiality,
integrity and availability. In this thesis, a novel PID architecture for VANETs is proposed; this
architecture satisfies security and privacy requirements such as authentication,
anonymity, unlinkability, and traceability. This proposal, unlike other proposals, makes
a distinction between the identity of a vehicle and a driver. The IP Multimedia
Subsystem (IMS) and OpenID are the main cornerstones of this architecture.
1.1 Communication Patterns In VANETs
The communication patterns in VANETs are of five categories. Their
classification is generic and independent of the employed underlying communication
technology. Here is a brief presentation of these communication patterns.
Beaconing
Beaconing is a periodic transmission of packets as a link layer broadcast to nearby
vehicles or road-side units. The purpose of beaconing is to inform all neighboring nodes
about the current status such as position, speed and heading direction of the sending
vehicle. Beaconing is typically a single hop communication and thus the packets are not
forwarded.
Geo-Broadcasting
It is a communication mechanism that distributes information to a given
geographical region. The basic idea is to set the destination region and attach it to the
message to be sent. The sender then broadcasts the message to its neighbor. Every vehicle
that receives a geo broadcast message will forward the message.
Unicast
In certain cases a vehicle may want to send a message that is only destined to a
specific single vehicle or RSU. This is where the use of unicast messaging becomes
useful. For example, Vehicular social network is one of the envisioned applications in
VANETs. The idea is to allow vehicles to form a trusted network. Unicast routing is
essential in this type of applications. The communication can be single hop if the
communicating parties are neighbors; otherwise a proper routing mechanism is required to
deliver the message to the receiver.
Advanced Information Dissemination
Information dissemination is one of the challenging tasks in VANETs as the
network topology changes more frequently due to higher moving velocity of vehicles.
The main aim of this communication pattern is to ensure that vehicles that arrive late
or were unable to receive previous messages because of network partitioning get the
message. Single-hop broadcast, message storage, and multiple forwarding are used in this
communication pattern.
Information Aggregation
In this communication pattern communicated data is processed and merged before
being forwarded. The main aim is to reduce communication overhead and to increase
reliability of the exchanged data. For some applications like traffic jam reporting,
information aggregation results in better accuracy.
1.2 Security Threats in VANETs
Road Side Unit (RSU)
RSU is a static component that serves as a gateway to a VANET and also allows
connection to the Internet. It is involved in traffic associated with Vehicle-to-Roadside
Infrastructure (V2I) communication. RSUs are the main tools used by authorized
authorities to carry out some administrative tasks such as solving disputes.
Vehicles or Users
The vehicles and the users are closely related in the VANET context. The relationship
between users and vehicles can come in three different roles. A given user may be an
owner, a driver or a passenger of the vehicle in question. Usually there is a many-to-many
association between the vehicle and the user role, but at a given instant of time, only one
user is a driver.
It is worth mentioning that the driver role is more important than the others
because he/she is the one controlling the vehicle in the VANET. Each vehicle is equipped
with a tamper resistant trusted component. This component can be installed during the
manufacturing process (for recent model vehicles), and if the component is not installed
by the manufacturer, users can buy and install it later.
Trusted Authority (TA)
TA is an essential entity in VANETs which provides identity for vehicles and
monitors the network. TA is responsible to solve any dispute that happens in the network.
It is not yet clear who should take the role of TA when VANETs are deployed to start
operation. There are many possible candidates for TA: current road and transport
authorities, automobile manufacturers, trusted third parties or a combination of them.
There are two main types of communication in VANETs: Vehicle-to-Vehicle (V2V)
communication and Vehicle-to-Roadside Infrastructure (V2I) communication.
In V2V, a vehicle exchanges messages with other vehicles. In V2V
communication, all the vehicles engaged in the communication are mobile. V2I
communication refers to a type of communication that involves Road Side Units (RSUs).
This communication is usually used to get in contact with other networks such as the
Internet. For V2I, technologies such as WLAN, DSRC, WiMAX, cellular and satellite
can be used. There are many possible attacks that an attacker can launch in VANETs.
They are as follows:
Denial of Service (DoS)
DoS is a serious threat that is posed in VANETs. The main aim of this attack is to
overload the communication channel in order to disrupt the normal functioning of the
network. This in turn will prevent critical messages from reaching the desired party. The
consequence of this attack can be catastrophic in VANETs as safety related messages may
be prevented from reaching the vehicles, as shown in Figure
1.3 Background on OpenID
OpenID is one of the several identity management solutions for the web which
supports single sign-on (SSO). Its openness and flexibility accelerated its widespread
adoption. According to OpenID.net, there are over one billion OpenID enabled user
accounts and over 50,000 websites which support OpenID based authentication.
Moreover, many organizations such as Google, Yahoo, AOL, Verisign, Paypal,
IBM, Microsoft serve as OpenID providers. In this chapter I aim to provide an insight for
the reader on the basics of OpenID as OpenID is later used in my proposal.
OpenID Identifier
An OpenID Identifier is a unique string in the OpenID domain that serves as an
identifier for the user to get access to an OpenID-enabled web site. The identifier is usually
represented in the form of an HTTP or HTTPS URL as shown in Figure B.
The HTTPS URL is preferable as it strengthens the security of OpenID.
OpenID has an interesting feature that enables users to use an existing web site
address that they own as an OpenID identifier. Users can also use any URL that they
control as their OpenID identifier. A user without an existing URL under his control can
sign up for an OpenID identifier with an OpenID Identity Provider (OP). There are many
OpenID Identity Providers (OPs) that let users have their own OpenID identifier free
of charge.
Actually, most users have an OpenID already and they might not even be aware of
it. This is because both Google and Yahoo serve as an OpenID Identity Provider (OP).
Google and Yahoo have a large user base among the estimated billion OpenID-enabled
users.
Entities
In the OpenID framework, I can identify three involved parties: End user, OpenID
Identity Provider (OP) and Relying Party (RP). The end user (U) requests a service from
the Relying Party (RP) and the OpenID Identity Provider (OP) offers the required identity
information about the user to the Relying Party (RP).
End User
The end user is the human user who has one or more OpenID identities. The user
is responsible for creating, managing and maintaining his OpenID identity. The user first
needs to contact the OpenID Identity Provider (OP) in order to get an OpenID identifier.
The OP may require the user to present a credential such as a password. Yet, a password
does not give a strong level of assurance.
Some service providers may not need a high level of assurance. For example, a
news website may not require a high level of assurance about the user from the OpenID
Identity Provider (OP). Usually user name and password authentication and a simple
registration method is adequate for the purpose. However, if I take an electronic voting
service run by a certain state, I can apparently observe that a high level of assurance is
needed.
The organization that is running the election wants to have a very high
confidence in the voter's identity. The level of assurance is determined by the
method used in the registration phase. This implies that OpenID needs a strong
registration phase in order to be used in critical services like electronic voting.
User Agent
Any Internet browser that supports the HTTP/1.1 protocol can serve as a user agent.
The user agent functions on behalf of the user and it takes care of requests, responses and
redirects between the Relying Party (RP) and the OpenID Identity Provider (OP).
Relying Party
The Relying Party (RP) offers services to users but it mandates them to
authenticate themselves using the OpenID protocol before allowing them to get the
services. The term service provider (SP) is common but the OpenID standard opted to use the
term Relying Party (RP) instead. Upon receiving the OpenID identifier, the RP discovers
the OP and redirects the UA to the OP for authentication.
OpenID Identity Provider
The OpenID Identity Provider (OP) is an identity provider which provides an
identity to the end user. It is important that the OP is trusted by both end users and relying
parties. A user can maintain multiple OpenID identities with a given OP. The OP is
responsible for authenticating a user with a given OpenID identifier and must provide
assertions when requested by an RP.
Initiation
This is a step in which the user transfers its identifier to the relying party. This
step signals the start of the login process. A user opens the website of an OpenID
enabled service provider (RP) and passes his OpenID identifier instead of credentials
such as user name and password.
Normalization/Discovery
This is a step in which the relying party changes the OpenID identity entered by
the user to a standardized form. The RP also extracts information from the entered
OpenID identifier and learns which OpenID provider is responsible to process the
request. The RP first normalizes the identifier entered by the user. The prime purpose of
the normalization is to avoid any irregularities that the user might have included with the
input entered. Once the normalization process is completed the RP will continue to the
discovery process. In this process, all information needed for creating the authentication
request is collected from the claimed identifier.
Association Negotiation
This is an optional step that creates a secured communication channel between
relying party and OpenID provider. RP and OP agree on a shared secret that is later used
for digital signature generation and verification. This step enables the integrity of the
subsequently exchanged OpenID messages. If an RP does not support creating or saving
associations, another mode called "stateless" is employed. In this mode, the OP generates
its own private secret for signing OpenID messages. The RP later checks OpenID
messages received from OP to verify
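The signature check that the shared secret from association negotiation makes possible, as an added example that is not part of the original document. It follows the OpenID Authentication 2.0 message format (key-value form over the fields listed in `openid.signed`, HMAC-SHA1 or HMAC-SHA256); the endpoint URLs, handle, nonce and secret are constructed sample values, and the function names are this example's own.

```python
import base64
import hashlib
import hmac

MACS = {"HMAC-SHA1": hashlib.sha1, "HMAC-SHA256": hashlib.sha256}
# Fields the RP must find in openid.signed for a positive assertion.
REQUIRED_SIGNED = {"op_endpoint", "return_to", "response_nonce", "assoc_handle"}


def kv_form(fields, signed_list):
    """Key-value form: one 'key:value' line per signed field, in listed order."""
    lines = [k + ":" + fields["openid." + k] + "\n" for k in signed_list]
    return "".join(lines).encode("utf-8")


def sign(fields, signed_list, secret, assoc_type):
    """What the OP computes with the association's shared secret."""
    mac = hmac.new(secret, kv_form(fields, signed_list), MACS[assoc_type])
    return base64.b64encode(mac.digest()).decode("ascii")


def verify_assertion(fields, associations):
    """RP side. Returns (accepted, reason)."""
    assoc = associations.get(fields.get("openid.assoc_handle"))
    if assoc is None:
        # No stored association: the RP cannot check the MAC itself and must
        # ask the OP to verify the message (the stateless mode).
        return False, "stateless"
    signed_list = fields.get("openid.signed", "").split(",")
    must_sign = set(REQUIRED_SIGNED)
    # If identity fields are present they must be covered by the signature,
    # otherwise they could be swapped without invalidating it.
    must_sign |= {k for k in ("claimed_id", "identity") if "openid." + k in fields}
    if not must_sign <= set(signed_list):
        return False, "unsigned-field"
    if any("openid." + k not in fields for k in signed_list):
        return False, "missing-field"
    expected = sign(fields, signed_list, assoc["secret"], assoc["type"])
    received = fields.get("openid.sig", "")
    # Constant-time comparison avoids leaking how many bytes matched.
    if not hmac.compare_digest(expected.encode("ascii"), received.encode("utf-8")):
        return False, "bad-signature"
    return True, "ok"


def build_sample():
    """Constructed association and positive assertion (sample data only)."""
    secret = hashlib.sha256(b"constructed demo secret").digest()
    associations = {"assoc-1": {"type": "HMAC-SHA256", "secret": secret}}
    fields = {
        "openid.mode": "id_res",
        "openid.op_endpoint": "https://op.example/auth",
        "openid.claimed_id": "https://alice.example/",
        "openid.identity": "https://alice.example/",
        "openid.return_to": "https://rp.example/return",
        "openid.response_nonce": "2019-08-13T10:00:00Zabc123",
        "openid.assoc_handle": "assoc-1",
        "openid.signed": "op_endpoint,claimed_id,identity,return_to,"
                         "response_nonce,assoc_handle",
    }
    fields["openid.sig"] = sign(fields, fields["openid.signed"].split(","),
                                secret, "HMAC-SHA256")
    return fields, associations


if __name__ == "__main__":
    msg, assocs = build_sample()
    print("genuine:", verify_assertion(msg, assocs))
    forged = dict(msg, **{"openid.claimed_id": "https://mallory.example/"})
    print("altered claimed_id:", verify_assertion(forged, assocs))
```

A complete RP would also reject a reused `openid.response_nonce` and check `openid.return_to` against the URL it actually served.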
CHAPTER 2
LITERATURE SURVEY
2.1 Paper Titles and Description
2.1.1 Biswas.S, Misic.J and Misic.J, "ID-based safety message authentication for
security and trust in vehicular networks," in Proceedings. 31st ICDCSW,
Minneapolis, MN, June. 2011, page number. 323-331.
Vehicular ad hoc network (VANET) can offer various services and benefits to
users and thus deserves deployment effort. Attacking and misusing such a network could
cause destructive consequences. It is therefore necessary to integrate security
requirements into the design of VANETs and defend VANET systems against
misbehavior, in order to ensure correct and smooth operations of the network.
In this paper, a security system for VANETs is presented to achieve privacy desired by
vehicles and traceability required by law enforcement authorities, in addition to satisfying
fundamental security requirements including authentication, non-repudiation, message
integrity, and confidentiality. Moreover, I propose a privacy-preserving defense technique
for network authorities to handle misbehavior in VANET access, considering the
challenge that privacy provides an avenue for misbehavior.
The proposed system employs an identity-based cryptosystem where certificates
are not needed for authentication. The fulfillment and feasibility of my system are shown with
respect to the security goals and efficiency. The VANET security system mainly
achieves privacy, traceability, non-frameability, and privacy-preserving defense against
misbehavior. These functionalities are realized by the pseudonym-based technique, the
threshold signature, and the threshold authentication based defense scheme. The ID-based
cryptosystem facilitates the design of communication and storage efficient schemes.
Through security and efficiency analysis, my system is shown to satisfy the predefined
security objectives and desirable efficiencies. My future work consists of simulating the
proposed security system and experimenting with it in real VANET settings.
As a final remark, I point out that the characteristics of VANET systems
determine that communication efficiency is the foremost performance indicator, among
all the efficiency concerns. The reason is that vehicles, as the mobile devices in VANETs,
are capable of intensive data storage and complex computation tasks, rendering the
requirements for storage and computation efficiency less stringent.
On the other hand, communication overhead will be overwhelming if inefficient
design is carried out, due to the potentially large user base (i.e., vehicles) in VANETs.
Through the analysis of my system and those based on conventional PKI, I particularly
demonstrate the promising performance regarding communication efficiency of my
design built on an ID-based cryptosystem.
2.1.2 El Ali.F and Ducourthial.B, "A light architecture for opportunistic vehicle-to-
infrastructure communications," in Proceeding. MobiWac, Bodrum, Turkey,
October. 2010, page number.
Conditional transmissions is a kind of routing where logical conditions replace
addresses. A message is sent by the module responsible for conditional transmissions with
two conditions, namely CUP and CFW. When receiving a message, if CUP is true, the
message is transmitted to the upper layer. If CFW is true, the message is forwarded to
nearby cars.
By dynamically evaluating conditions at reception, the protocol accommodates
the dynamic better than other protocols relying on addresses (including geographical
ones). All sorts of logical conditions can be used (including conditions testing eventual IP
or geographical addresses). But the most interesting conditions deal with distance,
duration, trajectory correlation (allowing to determine whether the receiving car
follows the sender or not). Conditional transmissions were implemented as an Airplug
compatible application called HOP which has been studied in Network Simulator and
tested on the road.
For needs of my architecture, I have completed this application to make it accept
particular messages that will inform about certain keywords to be considered true while
evaluating conditions (these messages will not be accepted unless they come from
applications local to the vehicle). This way, the GTW application (present on each vehicle)
periodically sends such messages to HOP, to warn about the presence of 3G networks
(keyword 3G) or WiFi hot spots (keyword 3G).
2.1.3 Laurendeau.C and Barbeau.M, "Threats to security in DSRC/WAVE," in
Proceedings ADHOC-NOW, 2006, volume number 4104, page number
Here an analysis of possible threats to a traffic monitoring system is presented using
the European Telecommunications Standards Institute's (ETSI's) methodology, and
threats that pose the most significant risk to the system are identified. Necessary security
services that satisfy the system's security objectives are listed. This action may be created
by an insider of the network which is a part of the routing path.
Almost all threats to the routing protocol (spoofing, altering, or replaying routing
information, sinkhole, wormhole or attack) may result in a malicious node making itself
part of many routes. A simple form of this attack is when a malicious node behaves like a
black hole and refuses to forward every packet it sees. However, such an attacker runs
the risk that neighboring nodes will conclude that it has failed and decide to seek
another route. A more subtle form of this attack is when an adversary selectively forwards
packets. Considering that this kind of attack may be mostly used to drop urgent packets,
rather than usual traffic data packets, the motivation of this attack is ranked as high.
The technical difficulty is solvable since it is theoretically possible. The impact on
the system is critical. Implicit acknowledgement and multipath routing are techniques to
defend against this attack. A more efficient technique is to prevent a malicious node from becoming a
part of the routing path by use of authentication techniques and secure routing protocols.
Geographic routing protocols alone cannot defend against this threat since the location
information of a node is subject to attack and change and cannot be trusted.
2.1.4 Li.C.T, Hwang.M.S and Chu.Y.P, "A secure and efficient communication
scheme with authenticated key establishment and privacy preserving for vehicular
ad hoc networks," Compute. Commun., volume number 31, page number 2803-
2814, July. 2008
Privacy and security should be paid much more attention in secure vehicular ad
hoc networks (VANETs). However, as far as I know, few researches on secure VANET
protocols have addressed both the privacy issues and authenticated key establishment.
Therefore, in this work, a lightweight authenticated key establishment scheme with
privacy preservation to secure the communications between mobile vehicles and roadside
infrastructure in a VANET is proposed, which is called SECSPP.
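How implicit acknowledgement can separate a black hole from selective forwarding of urgent packets, shown as an added example that is not from the surveyed paper. A sending node hands a packet to its next hop and listens for that hop's retransmission; the observation records, node names and the three thresholds below are assumptions made for this illustration.

```python
from collections import defaultdict

# Assumed thresholds for this illustration (not taken from the paper).
MIN_SAMPLES = 5         # packets per traffic class needed before judging a node
BLACK_HOLE_RATE = 0.95  # drop rate at or above which a class counts as fully dropped
SELECTIVE_GAP = 0.5     # urgent drop rate minus normal drop rate that flags selectivity


def drop_rates(observations):
    """Per next hop and traffic class, the fraction of handed-over packets
    whose retransmission was never overheard (no implicit acknowledgement)."""
    counts = defaultdict(lambda: defaultdict(lambda: [0, 0]))  # [handed, dropped]
    for node, pkt_class, overheard in observations:
        entry = counts[node][pkt_class]
        entry[0] += 1
        if not overheard:
            entry[1] += 1
    rates = {}
    for node, per_class in counts.items():
        rates[node] = {
            cls: dropped / handed
            for cls, (handed, dropped) in per_class.items()
            if handed >= MIN_SAMPLES  # too few samples says nothing about intent
        }
    return rates


def classify(observations):
    """Label each next hop: 'ok', 'black hole', 'selective forwarding'
    or 'insufficient data'."""
    verdicts = {}
    for node, rates in drop_rates(observations).items():
        if not rates:
            verdicts[node] = "insufficient data"
        elif all(r >= BLACK_HOLE_RATE for r in rates.values()):
            # Nothing is forwarded at all: neighbours should route around it.
            verdicts[node] = "black hole"
        elif ("urgent" in rates and "normal" in rates
              and rates["urgent"] - rates["normal"] >= SELECTIVE_GAP):
            # Ordinary traffic passes, urgent packets vanish: the subtle case.
            verdicts[node] = "selective forwarding"
        else:
            verdicts[node] = "ok"
    return verdicts


def sample_observations():
    """Constructed watchdog log: (next_hop, packet_class, retransmission_overheard)."""
    obs = []
    for cls in ("urgent", "normal"):
        obs += [("veh-A", cls, True)] * 10    # forwards everything
        obs += [("veh-B", cls, False)] * 10   # forwards nothing
    obs += [("veh-C", "urgent", False)] * 8 + [("veh-C", "urgent", True)] * 2
    obs += [("veh-C", "normal", False)] * 1 + [("veh-C", "normal", True)] * 9
    obs += [("veh-D", "urgent", False)] * 2   # only two packets seen so far
    return obs


if __name__ == "__main__":
    for node, verdict in sorted(classify(sample_observations()).items()):
        print(node, "->", verdict)
```

Radio loss also suppresses overheard retransmissions, so in practice the thresholds have to sit above the link's normal loss rate, and a verdict is a reason to prefer another path (the multipath routing mentioned above), not proof of malice.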
A tailored tool chain allows optimizing the placement with respect to an
application-centric objective function, based on travel time savings. By means of
simulation I assess the performance of the resulting traffic information system and the
optimization strategy. I have presented an aggregation scheme for travel time data in road
networks. In order to disseminate information within a large network, aggregation is done
by means of a multilayer hierarchy of approximations of the road network. A landmark
based aggregation scheme distributes information about the travel times between
prominent points of the road network in order to build an abstract view of more distant
regions.
Given this aggregation scheme, it then becomes possible to tackle a second big
issue in a VANET-based traffic information system: how and where infrastructure should
be used in order to improve information dissemination over larger distances. I have
introduced an approach for optimizing the placement of networked roadside
infrastructure supporting units based on genetic algorithms.
By a simulation methodology that separates movement and network issues from
application behavior it becomes possible to estimate the travel time savings achieved by a
given vector of active SU locations. This makes an application-centric optimization approach feasible. I
have confirmed the viability of this approach and assessed the achievable improvements
by applying it to a large-scale city VANET model.
2.1.6 Mershad.K and Artail.H, "SCORE Data scheduling at roadside units in
vehicle ad hoc networks," in Proceedings ICT, Jounieh, Lebanon, April 2012, page
number 1-
This system is evaluated using ns2 simulation and compared to existing solutions. The results
demonstrate the feasibility and efficiency of my proposed scheme in terms of query
delay, packet delivery ratio, and generated traffic. This paper presented ROAMER, which
is part of a complete system being designed to provide car drivers and passengers
pervasive access to needed data while on the road.
The evaluation of ROAMER confirmed its effectiveness as compared to a recent
routing protocol for VANETs. Ongoing work is focusing on devising secure mechanisms
for registering users to the system of RSUs and designating them as proxies to Internet
SPs that provide data to these users. A preliminary design and implementation of such
mechanisms I published recently. Planned future work relates to designing bundling
methods for allowing RSUs to deliver the maximum amount of possibly heterogeneous
data to users.
2.1.7 Mohandas.B, Nayak.A, Naik.K and Goel.N, "ABSRP A service discovery
approach for vehicular ad hoc networks," in Proceedings IEEE 3rd APSCC, Yilan,
Taiwan, December 2008, page number. 1590-1594.
Data communication on the roads is becoming further interesting, as the number
of vehicles equipped with computing technologies and wireless communication devices
(OBU) increases. Recently VANET focuses on public safety, enhanced driving and
infotainment applications which require a lot more data exchange between vehicle and
RSU. When many vehicles want to access data from an RSU or other vehicles, service
scheduling becomes an important issue.
There are many messages which need to be broadcast by the RSU periodically, like
traffic information, weather information, dangerous features of the road (sharp curve warning,
speed warning), etc. The main goal here is that broadcast messages must be received by most of the vehicles
passing on the road. For achieving this goal, what should be the
appropriate time interval after which the RSU broadcasts the message is the main challenge.
In this paper, the problem of static periodic broadcast by the RSU is addressed. This problem arises due to
the static broadcast time interval. In this work vehicle density, real time traffic and
deadline are the main concern for scheduling of periodic messages. I have tried to focus
on the problem of static broadcast time interval (i.e. the time interval after which a periodic
message will be broadcast remains the same throughout a day) in the case of periodic
broadcast of non-safety messages.
Consider a road segment on which the traffic pattern is approximately the same
during all the days of a week in a specific time interval of the day (i.e. traffic between >
am to .>> am is approximately the same for all the days of a week). For this type of road
segment, if I want to broadcast any periodic message (i.e. traffic information, weather
information, dangerous features of the road like sharp curve warning, speed warning)
periodically then I need to fix some time interval after which periodic messages should
be broadcast by the RSU.
To finalize this time interval, I need to consider the vehicle which is moving on
this road segment with the highest speed (low traffic time), otherwise the service ratio will be less
(i.e. fewer vehicles receive the message). But if I set the broadcast time interval by
considering low traffic time (vehicle speed is high), in high traffic time (vehicle speed is
less) vehicles will get a larger number of duplicate messages and the message traffic
will be increased, which can also affect the service ratio due to collision. So, it was
concluded that for this type of road segment the broadcast time interval should be set
dynamically for a specific time interval of the day instead of statically, which will
minimize the number of duplicate messages and increase the service ratio.
For future work, I plan to implement the mechanism which will identify the traffic
pattern for all the time slots of the day (24 hours will be divided into 24 slots each of an
hour) and then by taking the average of that will finalize the broadcast time interval
dynamically for each time slot. The mechanism should be flexible enough to handle the
situation of traffic increase or decrease by recalculating the time interval according to traffic.
2.1.8 Mohandas.B, Nayak.A, Naik.K and Goel.N, "ABSRP A service discovery
approach for vehicular ad hoc networks," in Proceedings IEEE 3rd APSCC, Yilan,
Taiwan, December 2008, page number. 1590-1594.
Vehicular network is an emerging wireless network where vehicles and roadside
units are the communicating nodes, which provide information to each other such as
safety warnings, traffic information and the services available in the region. There are
numerous service providers available in the network providing various services, and vehicles
can benefit from them. Service discovery protocols enable the vehicles to discover
a service provider in their region of interest providing the desired service.
The service discovery in other networks such as mobile ad hoc networks cannot be
applied directly in vehicular networks, due to their unique characteristics. Service discovery
in a vehicular network must utilize the available common resources in the network. There are
three types of service discovery architectures: infrastructure-less, infrastructure-based
and hybrid architecture. Service discovery enables finding services that satisfy the
passenger's request. This paper deals with a study of various existing service discovery
protocols in the vehicular ad hoc network. Service discovery is an active field of research
especially in the domain of vehicular ad hoc networks.
Vehicular network itself is also a demanding research area due to its wide range of
applications and contribution to intelligent transportation systems. In this survey different
service discovery protocols for vehicular ad hoc networks are analyzed. Due to the unique
nature of the vehicular network, service discovery protocols used in other ad hoc networks
are not suitable for this network.
Compared to other service discovery protocols, QoSLocVSDP shows better
performance by considering load balancing and service quality requirements. For efficient
service discovery, the average response time of the service discovery protocol must be low
because of the high speed of the vehicle.
2.1.9 Papadimitratos.P, Buttyan.L, Holczer.T, Schoch.E, Freudiger.J, Raya.M,
Ma.Z, Kargl.F, Kung.A and Hubaux.J.P, "Secure vehicular communication systems
Design and architecture," IEEE Communication Magazine, volume 46, no. 11, page
number 100-109, November 2008.
The concepts of memory-hard algorithms and sequential memory-hard functions are introduced,
and it is argued that in order for key derivation functions to be maximally secure against
attacks using custom hardware, they should be constructed from sequential memory-hard
functions.
A family of key derivation functions is presented which, under the random oracle model of
cryptographic hash functions, are provably sequential memory-hard, together with a variation
which appears to be marginally stronger at the expense of lacking provable strength.
Finally, some estimates are given of the cost of performing brute force attacks on a variety
of password strengths and key derivation functions. Under the random oracle model, the
mixing function ROMixH is sequential memory-hard; and it appears very likely that the
scrypt key derivation function is also sequential memory-hard. Providing that no new
attacks on scrypt or its underlying components are found, a brute-force attack on scrypt is
many times harder than similar attacks on other key derivation functions.
2.1.10 Vighnesh.N.V, Kavita.N, Urs.S.R and Sampalli.S, "A novel sender
authentication scheme based on hash chain for vehicular ad hoc networks," in
Proceedings IEEE ISWTA, Langkawi, Malaysia, September 2011, page number 9
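Why a sequential memory-hard mixing function raises the cost of custom hardware, shown as an added example that is not code from the surveyed paper. It implements the ROMix construction (fill a table of N chained hash values, then revisit it in a data-dependent order) with SHA-256 standing in for the hash H; hashing the seed first to get a fixed-size block, and the `store_table` switch that models an attacker who saves memory by recomputing table entries, are choices made for this illustration.

```python
import hashlib


def romix(seed: bytes, n: int, store_table: bool = True):
    """ROMix with SHA-256 as H.

    Returns (output, hash_calls, table_entries) so the time/memory trade-off
    is visible: dropping the table keeps the output identical but multiplies
    the number of hash computations.
    """
    calls = 0

    def h(block: bytes) -> bytes:
        nonlocal calls
        calls += 1
        return hashlib.sha256(block).digest()

    def xor(a: bytes, b: bytes) -> bytes:
        return bytes(p ^ q for p, q in zip(a, b))

    x0 = h(seed)          # fixed-size starting block (adaptation for this demo)
    x = x0
    table = []

    # Phase 1: V[i] = H^i(x0). The chain is sequential, so it cannot be
    # parallelised across many cheap cores.
    for _ in range(n):
        if store_table:
            table.append(x)
        x = h(x)

    # Phase 2: N lookups whose index depends on the running value, so the
    # access order is unknown until the previous step has finished.
    for _ in range(n):
        j = int.from_bytes(x, "big") % n
        if store_table:
            v_j = table[j]
        else:
            # Low-memory attacker: rebuild V[j] from the start each time.
            v_j = x0
            for _step in range(j):
                v_j = h(v_j)
        x = h(xor(x, v_j))

    return x, calls, len(table)


def compare(seed: bytes = b"constructed sample password", n: int = 256):
    """Run both strategies on the same input and report their costs."""
    out_mem, calls_mem, entries_mem = romix(seed, n, store_table=True)
    out_low, calls_low, entries_low = romix(seed, n, store_table=False)
    return {
        "same_output": out_mem == out_low,
        "with_table": {"hash_calls": calls_mem, "entries": entries_mem},
        "without_table": {"hash_calls": calls_low, "entries": entries_low},
    }


if __name__ == "__main__":
    result = compare()
    print("outputs equal:", result["same_output"])
    print("with table   :", result["with_table"])
    print("without table:", result["without_table"])
```

With the table the work is 2N+1 hashes and N stored blocks; without it the hash count grows roughly with N squared, which is the cost a brute-force device pays for trying to avoid the memory.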
Without the integration of strong and practical security and privacy enhancing
mechanisms, VC systems could be disrupted even by relatively unsophisticated attackers.
This problem is addressed within the SeVeCom project, having developed a security architecture that
provides a comprehensive and practical solution.
The results are presented in a set of two papers in this issue. In this first one, I analyze threats
and types of adversaries, identify security and privacy requirements, and present a
spectrum of mechanisms to secure VC systems and provide a solution that can be quickly
adopted and deployed. My progress towards implementation of my architecture, along
with results on the performance of the secure VC system, are presented in the second
paper, which concludes with an investigation, based on current results, of upcoming elements
to be integrated in the secure VC architecture.
CHAPTER 3
SYSTEM ANALYSIS
3.1. Existing System
With regard to actual experimentation on VANET security that was done by
several projects and Safe Spot, most projects focused on the security of safety
beacons or traffic messages. For example, describes the types of applications whose
security requirements were considered by Secure vehicular communication (SeVeCom).
These applications vary from collisions to cruise control, including obstacles and work
zone warnings.
Hence, the security of data messages from SPs or web servers is not considered.
In addition, focuses on its security aspects on the security and privacy of messages and
users only in safety and traffic applications. According to , such applications require tight
deadlines for message delivery (less than 100 ms). Furthermore, the data exchanged in
these applications are usually not confidential.
3.2 Proposed System
The proposed system provides a novel cryptographic function that enables users and RSUs
to apply the required security level of exchanged messages by adjusting the number of
iterations of the function. To defend against privacy hacking and impersonation, an RSU
specifies for each user the next encryption key and the next pseudonym to use.
It also provides a set of encryption keys that are used to encrypt the next packet from part
of the data in the current packet. In this paper, I argue that the security of users should be
accounted for, starting from the initial contact between a user and an RSU. Hence, I
describe a web-based secure registration process that allows a user to create an account
with RSUs. During the registration, users provide all required information that enables
them to have the benefit of secure connectivity starting from the first packet that they
send to the RSUs. A novel cryptographic function enables users and RSUs to apply
the required security level of exchanged messages by adjusting the number of iterations
of the function.
CHAPTER 4
SYSTEM DESIGN
4.1 List of Modules
The modules used in the system are:
Architecture Model
Source Model
Packet Formation & Keys
Multi hop links
Data Exchange
Find Attacker
Collision Avoidance
Performance Evolution
4.2 Module Description
Architecture Model
Although the performance of safety applications in VANET has been intensively
studied recently, the focus has mainly been based on simulations without in-depth
mathematical analysis.
To properly design a wireless CA system, it is essential to evaluate whether
vehicles located in the potentially dangerous zone are connected to VANET. When
vehicles are connected to VANET, the drivers can immediately receive emergency
messages. In such cases, drivers have more time to react to hazards.
Source Model
My primary focus is on the linear sensor networks, in which the sensor nodes are
deployed in a linear topology. Possible applications include sensor networks for border
surveillance, highway traffic monitoring, safeguarding railway tracks, oil and natural gas
pipeline protection, structural monitoring and surveillance of bridges and long hallways.
A sensor network can be deployed along the borderline or the boundary of a
restricted area. Any irregular activities will be monitored by sensor nodes and reported to
a control center. Another example is to deploy sensors along a street to monitor traffic
situations and/or parking violations.
Furthermore, oil industry spends hundreds of millions of dollars to protect oil
pipelines. Building a sensor monitoring network along an oil pipeline can significantly
improve the protection of oil pipelines and reduce cost. Such a sensor network can also
be used to detect corrosion of pipelines when different types of sensors are used.
Packet Formation & Keys
Different communications protocols use different conventions for distinguishing
between the elements and for formatting the data. In Binary Synchronous Transmission,
the packet is formatted in 8-bit bytes, and special characters are used to delimit the
different elements.
Other protocols, like Ethernet, establish the start of the header and data elements
by their location relative to the start of the packet. Some protocols format the information
at a bit level instead of a byte level. A good analogy is to consider a packet to be like a
letter. The header is like the envelope, and the data area is whatever the person puts
inside the envelope. A difference, however, is that some networks can break a larger
packet into smaller packets when necessary (note that these smaller data elements are still
formatted as packets). A network design can achieve two major results by using packets:
error detection and multiple host addressing.
Multihop links
Cellular systems conventionally employ single hops between mobile units and the
base station. As cellular systems evolve from voice centric to data centric
communication, edge-of-cell throughput is becoming a significant concern.
This problem is accentuated in systems with higher carrier frequencies (more path loss)
and larger bandwidth (larger noise power). A promising solution to the problem of
improving coverage and throughput is the use of relays.
Several different relay technologies are under intensive investigation including
fixed relays (powered infrastructure equipment that is not connected to the network
backbone), mobile relays (other users opportunistically agree to relay each others'
packets), as well as mobile fixed relays (fixed relays that are mounted on buses or trains
and thus moving). There has been extensive research on multi-hop cellular networks the
last few years under the guise of relay networks or cooperative diversity.
The use of relays, though, impacts almost every aspect of cellular system design
and optimization including: scheduling, handoff, adaptive modulation, ARQ, and
interference management. These topics are under intense investigation.
Data Exchange
When users register using the RSU website, they specify their personal details (i.e.,
name, address, and phone) plus a username and password to use for authentication when
they connect to the RSU network from their vehicle. Users also choose a default RSU,
which will save their account in its database.
Examples of users' interests are web pages, certain news, traffic information in
certain areas, and email messages (possibly from different email accounts). When they
later connect to the VANET, they send a Hello packet to the nearest RSU, which will
notify their default RSU, which, in turn, retrieves their interests from its database and
collects the required data for them.
Find Attacker
A Network Intrusion Detection System is used to monitor networks for attacks or
intrusions and report these intrusions to the administrator in order to take evasive action.
A large server can be set up on a backbone network, to monitor all traffic; or smaller
systems can be set up to monitor traffic for a particular server, switch, gateway, or router.
Intrusion detection is needed in today's computing environment because it is impossible
to keep pace with the current and potential threats and vulnerabilities in my computing
systems.
The environment is constantly evolving and changing, driven by new technology
and the Internet. Intrusion detection products are tools to assist in managing threats and
vulnerabilities in this changing environment. Threats are people or groups who have the
potential to compromise your computer system.
These may be a curious teenager, a disgruntled employee, or espionage from a
rival company or a foreign government. Attacks on network computer system could be
devastating and affect networks and corporate establishments. I need to curb these attacks
and Intrusion Detection System helps to identify the intrusions. Without an , to monitor
any network activity, possibly resulting in irreparable damage to an organization's
network.
Collision Avoidance
Wireless communication can be leveraged to improve the performance of collision
avoidance applications. Next, I propose an analytical model to provide the probability of
a rear-end collision between two vehicles traveling in the same direction when a sudden
braking situation occurs. Specifically, the proposed model accommodates features
developed by traffic flow theory. The collision avoidance system is explained through a
two-car highway platoon example. Without loss of generality, the vehicles are traveling at
a speed of km/hr (25 m/s) and with an inter-vehicle spacing (headway) of 50 m.
CHAPTER 5
SYSTEM SPECIFICATION
5.1 Hardware Specification
System : Intel core 2 Duo
Hard Disk : 60 GB
Monitor : 15 VGA colour
Mouse : Logitech.
RAM : 256 MB
5.2 Software Specification
O/S : Linux/ RedHat Server
Simulator : NS2