project model document

8/13/2019 project model document

1/35

1

CHAPTER 1

INTRODUCTION

Inter vehicular communication lies at the core of a number of industry and

academic research initiatives that aim at enhancing the safety and efficiency of

transportation systems. Vehicular ad hoc networks (VANETs enable vehicles to

communicate with each other and with roadside units (!"#s . "ervice oriented vehicular

networks are special types of VANETs that support diverse infrastructure$based

commercial services% including Internet access% real$time traffic management% video

streaming% and content distribution. &any forms of attacks against service$oriented

VANETs that attempt to threaten their security have emerged. The most important issue

is to select a forwarding path with the smallest packet delivery delay. To keep the low

data transmission delay% VA'' protocol transmits packets through wireless channels as

much as possible% and if the packet has to be carried through roads% the road with higher

speed is chosen firstly. VA'' protocol assumes that vehicles are e uipped with pre$

loaded digital maps% which provide street$level map and traffic statistics such as traffic

density and vehicle speed on roads at different times of the day. According to theinformation provided by digital maps% VA'' protocol proposed a delay model to

estimate the data delivery delay.

Traffic safety is a prime challenge that has to be addressed by automotive

industries% governments and other concerned entities. According to reports by )orld

health *rgani+ation (),* about - of death toll is caused by traffic accidents in some

industriali+ed countries.

Traffic /ams are still costing many work commuters a considerable part of their

golden time. All these have initiated both academia and industries to put their effort on

tackling the problems related with traffic safety. *n top of traffic safety% offering services

such as in$vehicle internet access% traffic information% entertainment% payment services

and many more services% to increase the drivers0 driving e1perience is also envisioned by

these research efforts.


2/35

2

Traffic accidents usually happen as the driver is not able to determine road

situations and take appropriate actions in real$time. &ostly drivers do not have a

complete picture about road conditions at given instance and they will make decisions

such as breaking and lane changing in the absence of full information. This in turn is themain cause for accident occurrence.

!eal time communication among vehicles and road$side units can help the driver

to have full information on road conditions and this will enhance traffic safety and

efficiency. A vehicular ad hoc network (VANET is a network that enables real$time

communication betIen vehicles and road$side units.

VANET is an enabling technology for Intelligent Transportation "ystems (IT"s .

A typical VANET network comprises an on$board unit (*2# installed on each vehicle%

road$side units (!"# deployed along the roads and trusted authority (TA that control

the network.

TAs usually has many application servers at the backend of the network. The

*2#s and !"#s communicate over the wireless channel using the 'edicated "hort

!ange 3ommunications ('"!3 protocol.

*n the other hand% the !"#s% TA% and the application servers can communicate

using secure fi1ed network such as the Internet.4I' in VANETs is a ma/or challenge that

should be solved before deploying VANETs across the roads and highways. VANET

inherits all of the challenges that are present in traditional 4I' system but at the same

time it brings a new set of challenges that are uni ue to it. A typical 4I' should offer

privacy% pseudonym management% and effective identity life cycle management.

In literature% there are many 4I' proposals for VANETs. ,oIver% most of the

proposals only offer the basic security re uirements for VANETs5 confidentiality%

integrity and availability.In this thesis% a novel 4I' architecture for VANETs 6 this

architecture satisfies the security and privacy re uirements such as authentication%anonymity% unlink ability% and traceability. This proposal is unlike other proposals% makes

a distinction betweeen the identity of a vehicle and a driver. The I4 &ultimedia

"ubsystem(I&" and *pen I' are the main cornerstones of this architecture.


3/35

3

1.1 Communication Patterns In VANETs

The communication patterns in VANETs are of five categories. Their

classification is generic and independent of the employed underlying communication

technology. ,ere the brief presentation of these communication patterns.

Beaconing

2eaconing is a periodic transmission of packets as a link layer broadcast to nearby

vehicles or road$side units. The purpose of beaconing is to inform all neighboring nodes

about the current status such as position% speed and heading direction of the sending

vehicle. 2eaconing is typically a single hop communication and thus the packets are not

forwarded.

Geo- roa!casting

It is a communication mechanism that distributes information to a given

geographical region. The basic idea is to set the destination region and attach it to the

message to be sent. The sender then broadcasts the message to its neighbor. Every vehicle

that receives a geo broadcast message will forward the message.

Unicast

In certain cases a vehicle may want to send a message that is only destined to a

specific single vehicle or !"#. This is where the use of unicast messaging becomes

useful. 7or e1ample% Vehicular social network is one of the envisioned applications in

VANETs. The idea is to allow vehicles to form a trusted network. #nicast routing is

essential in this type of applications. The communication can be single hop if the

communicating parties are neighbors otherwise a proper routing mechanism is re uired to

deliver the message to the receiver.

A!"ance! In#ormation Dissemination

Information dissemination is one of the challenging tasks in VANETs as the

network topology changes more fre uently due to higher moving velocity of vehicles.

The main aim of this communication pattern is to ensure that vehicles that arrive late


4/35

4

were unable to receive previous messages because of network partitioning get the

message. "ingle$hop broadcasts% store messages% and multiple forward is used in this

communication pattern.

Information Aggregation

In this communication pattern communicated data is processed and merged before

being forwarded. The main aim is to reduce overhead communication and to increase

reliability of the e1changed data. 7or some applications like traffic /am reporting

information aggregation results in better accuracy.

1.2 Security Threats in VANETs

Roa! $i!e Unit %R$U&

!"# is a static component that serves as a gateway to a VANET and also allows

connection to the Internet. It is involved in traffic associated Vehicle$to$!oadside

Infrastructure (V8I communication. !"#s are the main tools used by authori+ed

authorities to carry out some administrative tasks such as solving disputes.

Ve'ic(es or Users

The vehicles and the users are closely related in VANET conte1t. The relationship

between users and vehicles can come in three different roles. A given user may be an

owner% a driver or a passenger to the vehicle in uestion. #sually there is a many$to many

association between the vehicle and the user role% but at a given instant of time% only one

user is a driver.

It is worth mentioning that the driver role is more important than the others

because he9she is the one controlling the vehicle in the VANET. Each vehicle is e uipped

with a tamper resistant trusted component. This component can be installed during the

manufacturing process (for recent model vehicles and if the component is not installed

by the manufacturer% users can buy and install it later.


5/35

5

Truste! Aut'orit) %TA&

TA is an essential entity in VANETs which provides identity for vehicles and

monitors the network. TA is responsible to solve any dispute that happens in the network.

It is not yet clear who should take the role of TA when VANET" are deployed to startoperation. There are many possible candidates for TA5 current road and transport

authorities% automobile manufacturers% trusted third parties or a combination of them

There are two main types of communication in VANETs5 Vehicle$to$Vehicle (V8V

communication and Vehicle$to$!oadside Infrastructure (V8I communication.

In V8V% a vehicle e1changes message with other vehicles. In V8V

communication% all the vehicles engaged in the communication are mobile. V8I

communication refers to a type of communication that involves !oad "ide #nits (!"#s .

This communication is usually used to get in contact with other networks such as

Internet. 7or V8I% technologies such as ):AN% '"!3% )i&A;% cellular and satellite

can be used. There are many possible attacks that an attacker can launch in VANETs.

They are as follows

Denial of Service (DoS)

'o" is a serious threat that is posed in VANETs. The main aim of this attack is to

overload the communication channel in order to disrupt the normal functioning of the

network. This in turn will prevent critical message from reaching to the desired party. The

conse uence of this attack can be catastrophic in VANETs as safety related message may

be prevented to reach to the vehicles and shown in 7igure


6/35

6

1.3 Background On Openid

*pen I' is one of the several identity management solutions for the web which

supports single$sign on (""* . Its openness and fle1ibility accelerated its widespread

adaptation. According to *penI'.net% there are over one billion *penI' enabled user

accounts and over =>%>>> websites which support *penI' based authentication .

&oreover% many organi+ations such as ?oogle% @ahoo% A*:% Verisign% 4aypal%

I2&% &icrosoft serve as *penI' providers. In this chapter I aim to provide an insight for

the reader on the basics of *penI' as *penI' is later used in my proposal.

OpenID Identifier

An *penI' Identifier is a uni ue string in the *penI' domain that serves as an

identifier for the user to get an access to *penI'$enabled Ib site. The identifier is usually

represented in the form of the form of an ,TT4 or ,TT4" #!: as shown in 7igure B.

The ,TT4" #!: is preferable as it strengths the security of *penI'.

*penI' has an interesting feature that enables users to use their e1isting Ib site

address that they own as an *penI' identifier. #sers can also use any #!: that they

control as their *penI' identifier. A user% without an e1isting #!: under his control% can

sign up for an *penI' identifier with an *penI' Identity 4rovider (*4 . There are many*penI' Identity 4roviders (*4s that let users to have their own *penI' identifier free

of charge.

Actually% most users have an *penI' already and they might not be even aware of

it. This is because both ?oogle and @ahoo serve as an *penI' Identity 4rovider (*4 .

?oogle and @ahoo have a large user base among the estimated billion *penI'$enabled

users.

Entities

In the *penI' framework% I can identify three involved parties5 End user% *penI'

Identity 4rovider (*4 and !elying 4arty (!4 . The end user (# re uests a service from

the !elying 4arty (!4 and *penI' Identity 4rovider (*4 offers the re uired identity

information about the user to the !elying party (!4 .


7/35

7

End User

The end user is the human user who has one or more *penI' identities. The user

is responsible for creating% managing and maintaining his *penI' identity. The user first

needs to contact the *penI' Identity 4rovider (*4 in order to get an *penI' identifier.

The *4 may re uire the user to present a credential such as a password. @et% password is

not strong level of assurance.

"ome service providers may not need high level of assurance. 7or e1ample% a

news website may not re uire a high level of assurance about the user from the *penI'

Identity 4rovider (*4 . #sually user name and password authentication and simple

registration method is ade uate for the purpose. ,owever% if I take an electronic votingservice run by a certain state% I can apparently observe that a high level of assurance is

needed.

The organi+ation who is running the election wants to have a very high

confidence in the voter0s identity. The degree of level of assurance is determined by the

method used in the registration phase. This implies that *penI' needs a strong

registration phase in order to be used in critical services like electronic voting.

User Agent

Any Internet browser that supports ,TT49 . protocol can serve as a user agent.

The user agent functions on behalf of the user and it takes care of re uests% responses and

redirects between the relying party (!4 and *penI' Identity 4rovider (*4 .

Re()ing Part)

The !elying 4arty (!4 offers services to users but it mandates them to

authenticate themselves using the *penI' protocol before allowing them to get the

services. The term service provider ("4 is common but *penI' standard opted to use the

term !elying 4arty (!4 instead. #pon receiving the *penI' identifier% the !4 discovers

the *4 and redirects the #A to the *4 for authentication.


8/35

8

O*enID I!entit) Pro"i!er

The *penI' Identity 4rovider (*4 is an identity provider which provides an

identity to the end user. It is important that the *4 is trusted by both end users and relying

parties. A user can maintain multiple *penI' identities with a given *4. The *4 isresponsible to authenticate a user with a given *penI' identifier and must provide

assertions when re uested by an !4.

Initiation

This is a step in which the user transfers its identifier to the relying party. This

step signals the starting of the login process. A user opens the website of an *penI'

enabled service provider (!4 and passes his *penI' identifier instead of credentials

such as user name and password.

Norma(i+ation,Disco"er)

This is a step in which the relying party changes the *penI' identity entered by

the user to a standardi+ed form. The !4 also e1tracts information from the entered

*penI' identifier and learns which *penI' provider is responsible to process the

re uest. The !4 first normali+es the identifier entered by the user . The prime purpose of

the normali+ation is to avoid any irregularities that the user might have included with theinput entered. *nce the normali+ation process is completed the !4 will continue to the

discovery process. In this process% all information needed for creating authentication

re uest is collected from the claimed identifier.

Association Negotiation

This is an optional step that creates a secured communication channel between

relying party and *penI' provider. !4 and *4 agree on a shared secret that is later used

for digital signature generation and verification. Thus step enables the integrity of the

e1changed subse uent *penI' messages. If a !4 does not support creating or saving

associations% another mode called CstatelessD is employed. In this mode% the *4 generates

its own private secret for signing *penI' messages. The !4 later checks *penI'

messages received from *4 to verify


9/35

9

CHAPTER

ITERATURE $URVE/

.1 Pa*er tit(es an! Descri*tion

.1.1 Bis0as.$ 2isic.3 an! 2isic.3 4ID- ase! sa#et) message aut'entication #or

securit) an! trust in "e'icu(ar net0or5s 6 in Procee!ings. 71st ICDC$8

2innea*o(is 2N 3une. 911 *age num er. 7 7:771.

Vehicular ad hoc network (VANET can offer various services and benefits to

users and thus deserves deployment effort. Attacking and misusing such network could

cause destructive conse uences. It is therefore necessary to integrate security

re uirements into the design of VANETs and defend VANET systems against

misbehavior% in order to ensure correct and smooth operations of the network.

In this paper% a security system for VANETs to achieve privacy desired by

vehicles and traceability re uired by law enforcement authorities% in addition to satisfying

fundamental security re uirements including authentication% non repudiation% message

integrity% and confidentiality. &oreover% I propose a privacy$preserving defense techni uefor network authorities to handle misbehavior in VANET access% considering the

challenge that privacy provides avenue for misbehavior.

The proposed system employs an identity$based cryptosystem where certificates

are not needed for authentication. The fulfillment and feasibility of my system with

respect to the security goals and efficiency. The VANET security system mainly

achieving privacy% traceability% non frameability% and privacy preserving defense against

misbehavior. These functionalities are reali+ed by the pseudonym$based techni ue% the

threshold signature% and the threshold authentication based defense scheme. The I'$based

cryptosystem facilitates us to design communication and storage efficient schemes.

Through security and efficiency analysis% my system is shown to satisfy the predefined

security ob/ectives and desirable efficiencies. &y future work consists of simulating the

proposed security system and e1perimenting it in real VANET settings.


10/35

10

As a final remark% I point out that the characteristics of VANET systems

determine that communication efficiency is the foremost performance indicator% among

all the efficiency concerns. The reason is that vehicles% as the mobile devices in VANETs%

are capable of intensive data storage and comple1 computation tasks% rendering there uirements for storage and computation efficiency less stringent.

*n the other hand% communication overhead will be overwhelming if inefficient

design is carried out% due to potentially large user base (i.e.% vehicles in VANETs.

Through the analysis of my system and those based on conventional 4 I% I particularly

demonstrate the promising performance regarding communication efficiency of my

design built on I'$based cryptosystem.

.1. E( A(i.; an! Ducm)t'ia(.B 4A (ig't arc'itecture #or o**ortunistic "e'ic(e-to-

in#rastructure communications 6 in Procee!ing. 2o i8ac Bo!rum Tur5e)

Octo er. 919 *age num er.


11/35

11

3onditional transmissions is a kind of routing where logical conditions replace

addresses . A message is sent by the module responsible of conditional transmissions with

two conditions namely% 3#4 and 37) . )hen receiving a message% if 3#4 is true% the

message is trans$ mitted to the upper layer. If 37) is true% the message is forwarded tonearby cars.

2y dynamically evaluating conditions at receptions% the protocol accommodates

better to the dynamic than other protocols relying on addresses (including geographical

ones . All sorts of logical conditions can be used (including conditions testing eventual I4

or geographical addresses . 2ut the most interesting conditions deal with distance%

duration% tra/ectory correlation (allowing to determining whether the receiving car

follows the sender or not . 3onditional transmissions Ire implemented as an Air$ plug

compatible application called ,*4 which has been studied in Network "imulator and

tested on the road.

7or needs of my architecture% I have completed this application to make it accept

particular messages that will inform about certain keywords to be considered true while

evaluating conditions (these messages will not be accepted unless they come from local

applications to the vehicle . This way% the ?T) application (present on each vehicle

sends periodically such messages to ,*4% to warn about the presence of F? networks

(keyword F? or )i7i hot spots (keyword F? .

.1.7 auren!eau.C an! Bar eau.2 4T'reats to securit) in D$RC,8AVE 6 in

Procee!ings ADHOC-NO8 99< "o(ume num er >19> *age num er


12/35

12

,ere an analysis of possible threats to traffic monitoring system is presented using

the European Telecommunications "tandards InstituteGs (ET"IGs methodology and

threats that pose the most significant risk to the system are identified. Necessary security

services that satisfy the systemGs security ob/ectives are listed .This action may be createdby insider of the network which is a part of the routing path.

Almost all threats to the routing protocol ("poofing% altering% or replaying routing

information% sinkhole% wormhole or attack may result to a malicious node to make itself

part of many routes. A simple form of this attack is when a malicious node behaves like a

black hole and refuses to forward every packet he sees. ,owever% such an attacker runs

the risk that neighboring nodes will conclude that she has failed and decides to seek

another route. A more subtle form of this attack is when an adversary selectively forwards

packets. 3onsidering this kind of attack may be mostly used to drop urgent packets%

rather than usual traffic data packets% the motivation of this attack is ranked as high.

The technical difficulty is solvable since it is theatrically possible. The impact on

the system is critical. Implicit acknowledgement and multi path routing are techni ues to

defense this attack. &ore efficient techni ue is to prevent a malicious node to become a

part of routing path by use of authentication techni ues and secure routing protocols.

?eographic routing protocols alone cannot defense this threat since the location

information of node is sub/ect to attack and change and cannot be trusted.

.1.> i.C.T H0ang.2. $ an! C'u./. P. 4A secure an! e##icient communication

sc'eme 0it' aut'enticate! 5e) esta (is'ment an! *ri"ac) *reser"ing #or "e'icu(ar

a! 'oc net0or5s 6 Com*ute. Commun. "o(ume num er 71 *age num er @97:

@1> 3u(). 99@

4rivacy and security should be paid much more attention in secure vehicular ad

hoc networks (VANETs . ,owever% as far as I know% few researches on secure VANETprotocols have addressed both the privacy issues and authenticated key establishment.

Therefore% in this work% a lightweight authenticated key establishment scheme with

privacy preservation to secure the communications between mobile vehicles and roadside

infrastructure in a VANET is proposed% which is called "E3"44.


13/35


14/35

14

A tailored tool chain allows to optimi+e the placement with respect to an

application$centric ob/ective function% based on travel time savings. 2y means of

simulation I assess the performance of the resulting traffic information system and the

optimi+ation strategy. I have presented an aggregation scheme for travel time data in roadnetworks. In order to disseminate information within a large network% aggregation is done

by means of a multilayer hierarchy of appro1imations of the road network. A landmark

based aggregation scheme distributes information about the travel times between

prominent points of the road network in order to build an abstract view of more distant

regions.

?iven this aggregation scheme% it then becomes possible to tackle a second big

issue in a VANET$based traffic information system5 how and where infrastructure should

be used in order to improve information dissemination over larger distances. I have

introduced an approach for optimi+ing the placement of networked roadside

infrastructure supporting units based on genetic algorithms.

2y a simulation methodology that separates movement and network issues from

application behavior it becomes possible to estimate the travel time savings achieved by a

given vector of active "# locations. Application$centric optimi+ation approach feasible. I

have confirmed the viability of this approach and assessed the achievable improvements

by applying it to a large$scale city VANET model.

.1.< 2ers'a!. an! Artai(.H 4$CORE Data sc'e!u(ing at roa!si!e units in

"e'ic(e a! 'oc net0or5s 6 in Procee!ings ICT 3ounie' e anon A*ri( 91 *age

num er 1:


15/35

15

This system using ns8 simulation% and compare it to e1isting solutions. The results

demonstrate the feasibility and efficiency of my proposed scheme in terms of uery

delay% packet delivery ratio% and generated traffic. This paper presented !*A&E!% which

is part of a complete system being designed to provide car drivers and passengerspervasive access to needed data while on the road.

The evaluation of !*A&E! confirmed its effectiveness as compared to a recent

routing protocol for VANETs. *ngoing work is focusing on devising secure mechanisms

for registering users to the system of !"#s and designating them as pro1ies to Internet

"4s that provide data to these users. A preliminary design and implementation of such

mechanisms I published recently in 4lanned future work relates to designing bundling

methods for allowing !"#s to deliver the ma1imum amount of possibly heterogeneous

data to users.

.1.= 2o'an!as.B Na)a5.A Nai5. an! Goe(.N 4AB$RP A ser"ice !isco"er)

a**roac' #or "e'icu(ar a! 'oc net0or5s 6 in Procee!ings IEEE 7r! AP$CC /i(an

Tai0an Decem er 99@ *age num er. 1 ?9:1 ?>.

'ata communication on the roads is becoming further interesting% as the number

of vehicles e uipped with computing technologies and wireless communication devices

(*2# increase. !ecently VANET focuses on public safety% enhance driving and

infotainment applications which re uires lot more data e1change between vehicle and

!"#. )hen many vehicles want to access data from !"# or other vehicles% "ervice

scheduling becomes an important issue.

There are many messages which need to be broadcasted by !"# periodically like

traffic information% Iather information% dangerous features of road (sharp curve warning%

speed warning % etc. 2roadcasted messages must be received by the most of the vehicles

passing from the road is the main goal here. 7or achieving this goal what should be theappropriate time interval after which !"# broadcast the message is the main challenge.

In this paper% the problem of static periodic broadcast by !"#. This problem arises due to

the static broadcast time interval. In this work vehicle density% real time traffic and

deadline are the main concern for scheduling of periodic messages. I have tried to focus


16/35

16

on the problem of static broadcast time interval (i.e. the time interval after which periodic

message will be broadcasted remains same throughout a day in the case of periodic

broadcast of non safety messages.

3onsider a road segment on which the traffic pattern is appro1imately sameduring all the days of a week in specific time interval of the day (i.e. traffic between >

am to .>> am is appro1imately same for all the days of a week . 7or this type of road

segment% if I want to broadcast any periodic message (i.e. traffic information% weather

information% dangerous features of road like sharp curve warning% speed warning

periodically then I needs to fi1 some time interval after which periodic messages should

be broadcasted by !"#.

To finali+e this time interval% I need to consider the vehicle which is moving from

this road segment with highest speed (low traffic time otherwise service ratio will be less

(i.e. less vehicles receive the message . 2ut if I set the broadcast time interval by

considering low traffic time (vehicle speed is high % in high traffic time (vehicle speed is

less vehicles will get the more number of duplicate messages and the message traffic

will be increased which can also affect the service ratio due to collision. "o% it was

concluded that for this type of road segments broadcast time interval should be set

dynamically for specific time interval of the day in place of statically which will

minimi+e number of duplicate messages and increase service ratio.

7or future work% I plan to implement the mechanism which will identify the traffic

pattern for all the time slots of the day (8- hours will be divided in 8- slots each of an

hour and then by taking average of that will finali+e the broadcast time interval

dynamically for each time slot. The mechanism should be fle1ible enough to handle the

situation of traffic increase or decrease by recalculating time interval according to traffic.


17/35

17

.1.@ 2o'an!as.B Na)a5.A Nai5. an! Goe(.N 4AB$RP A ser"ice !isco"er)

a**roac' #or "e'icu(ar a! 'oc net0or5s 6 in Procee!ings IEEE 7r! AP$CC /i(an

Tai0an Decem er 99@ *age num er. 1 ?9:1 ?>.

Vehicular network is an emerging wireless network where vehicles and roadsideunits are the communicating nodes% which provides information with each other such as

safety warning% traffic information and the services available in region. There are

numerous service providers available in the network providing various services% vehicles

can get benefit from them. "ervice discovery protocols enable the vehicles to discover

service provider in their region of interest providing desired service.

The service discovery in other network such as mobile adhoc network cannot be

applied directly in vehicular network% due to its uni ue characteristics. "ervice discovery

in vehicular network must utili+e the available common resources in the network.Three

type of service discovery architectures are there5 infrastructure less% infrastructure based

and hybrid architecture. "ervice discovery enables to find services that satisfy the

passenger0s re uest. This paper deals with a study of various e1isting service discovery

protocols in the vehicular adhoc network. "ervice discovery is an active field of research

especially in the domain of vehicular adhoc network.

Vehicular network itself is also a demanding research area due to its wide range of

applications and contribution to intelligent transportation system. In this survey different

service discovery protocols for vehicular adhoc network I analy+ed. 'ue to the uni ue

nature of the vehicular network service discovery protocols used in other adhoc networks

are not suitable for this network.

3ompared to other service discovery protocols Jo":ocV"'4 shows better

performance by considering load balancing and service uality re uirement. 7or efficient

service discovery average response time of the service discovery protocol must be low

because of the high speed of the vehicle.


18/35

18

.1.? Pa*a!imitratos.P Butt)an. Ho(c+er.T $c'oc'.E ;reu!ige.3 Ra)a.2 2a.

arg(.; ung.A an! Hu auF.3.P 4$ecure "e'icu(ar communication s)stems

Design an! arc'itecture 6 IEEE Communication 2aga+ine "o(ume >< no. 11 *age

num er 199:19? No"em er [email protected] concepts of memory$hard algorithms and se uential memory$hard functions%

and argue that in order for key derivation functions to be ma1imally secure against

attacks using custom hardware% they should be constructed from se uential memory$hard

functions.

A family of key derivation functions which% under the random oracle model of

cryptographic hash functions% are provably se uential memory$hard% and a variation

which appears to be marginally stronger at the e1pense of lacking provable strength.

7inally% some estimates of the cost of performing brute force attacks on a variety

of password strengths and key derivation functions. #nder the random oracle model% the

mi1ing function !*&i1, is se uential memory$hardK and it appears very likely that the

script key derivation function is also se uential memory$hard. 4roviding that no new

attacks on script or its underlying components are found% a brute$force attack on script is

many times harder than similar attacks on other key derivation functions.

.1.19 Vig'nes'.N.V a"ita.N Urs.$.R an! $am*a((i.$ 4A no"e( sen!er

aut'entication sc'eme ase! on 'as' c'ain #or "e'icu(ar a! 'oc net0or5s 6 in

Procee!ings IEEE I$8TA ang5a0i 2a(a)sia $e*tem er 911 *age num er ?


19/35

19

)ithout the integration of strong and practical security and privacy enhancing

mechanisms% V3 systems could be disrupted even by relatively unsophisticated attackers.

This problem within the "eVe3om pro/ect% having developed a security architecture that

provides a comprehensive and practical solution.The results in a set of two papers in this issue. In this first one% analy+e threats

and types of adversaries% identify security and privacy re uirements% and present a

spectrum of mechanisms to secure V3 system and provide a solution that can be uickly

adopted and deployed. &y progress towards implementation of my architecture% along

with results on the performance of the secure V3 system% are presented in the second

paper and conclude with an investigation% based on current results% of upcoming elements

to be integrated in secure V3 architecture.


20/35

20

CHAPTER 3

SYSTEM ANALYSIS

7.1. EFisting $)stem

)ith regard to actual e1perimentation on VANET security that was done by

several pro/ects and "afe "pot that most pro/ects focused on the security of safety

beacons or traffic messages. 7or e1ample% describes the types of applications whose

security re uirements Ire considered by "ecure vehicular communication ("eVe3om .

These applications vary from collisions to cruise control% including obstacles and work

+one warnings.

,ence% the security of data messages from "4s or web servers is not considered.

In addition% focuses on its security aspects on the security and privacy of messages and

users only in safety and traffic applications. According to % such applications re uire tight

deadlines for message delivery (less than >> ms . 7urthermore% the data e1changed in

these applications are usually not confidential.

7. Pro*ose! $)stem

A novel cryptographic function that enables users and !"#s to apply the re uired

security level of e1changed messages by ad/usting the number of iterations of the

function. To defend against privacy hacking and impersonation and make an !"# specify

for each user the ne1t encryption key and the ne1t pseudonym to use.

A set of encryption keys that are used to encrypt the ne1t packet from part of the

data in the current packet. In this paper% I argue that the security of users should be

accounted for% starting from the initial contact between a user and an !"#. ,ence% I

describe a web$based secure registration process that allows a user to create an accountwith !"#s. 'uring the registration% users provide all re uired information that enables

them to have the benefit of secure connectivity starting from the first packet that they

send to the !"#s. a novel cryptographic function that enables users and !"#s to apply

the re uired security level of e1changed messages by ad/usting the number of iterations

of the function.


21/35

21

CHAPTER >

$/$TE2 DE$IGN

>.1 ist o# 2o!u(es

The modules used in the system are Architecture &odel

"ource &odel

4acket 7ormation 6 eys

&ulti hop links

'ata E1change

7ind Attacker

3ollision Avoidance

4erformance Evolution

>. 2o!u(e Descri*tion

Arc'itecture 2o!e(

Although the performance of safety applications in VANET has been intensively

studied recently% the focus has mainly been based on simulations without in$depth

mathematical analysis.

To properly design a wireless 3A system% it is essential to evaluate whether

vehicles located in the potentially dangerous +one are connected to VANET. )hen

vehicles are connected to VANET% the drivers can immediately receive emergency

messages. In such cases% drivers have more time to react to ha+ards.


22/35

22

$ource 2o!e(

&y primary focus is on the linear sensor networks% in which the sensor nodes are

deployed in a linear topology.4ossible applications include sensor networks for bordersurveillance% highway trafLc monitoring% safeguarding railway tracks% oil and natural gas

pipeline protection% structural monitoring and surveillance of bridges and long hallways.

A sensor network can be deployed along the borderline or the boundary of a

restricted area. Any irregular activities will be monitored by sensor nodes and reported to

a control center. Another e1ample is to deploy sensors along a street to monitor trafLc

situations and9or parking violations.

7urthermore% oil industry spends hundreds of millions of dollars to protect oil

pipelines. 2uilding a sensor monitoring network along an oil pipeline can signiLcantly

improve the protection of oil pipelines and reduce cost. "uch a sensor network can also

be used to detect corrosion of pipelines when different types of sensors are used.

Pac5et ;ormation e)s

'ifferent communications protocols use different conventions for distinguishing

between the elements and for formatting the data. In 2inary "ynchronous Transmission%the packet is formatted in H$bit bytes% and special characters are used to delimit the

different elements.

*ther protocols% like Ethernet% establish the start of the header and data elements

by their location relative to the start of the packet."ome protocols format the information

at a bit level instead of a byte level. A good analogy is to consider a packet to be like a

letter.The header is like the envelope% and the data area is whatever the person puts

inside the envelope. A difference% however% is that some networks can break a larger

packet into smaller packets when necessary (note that these smaller data elements are still

formatted as packets . A network design can achieve two ma/or results by using packets5

error detection and multiple host addressing.


23/35

23

2u(ti'o* (in5s

3ellular systems conventionally employ single hops between mobile units and the

base station. As cellular systems evolve from voice centric to data centric

communication% edge$of$cell throughput is becoming a significant concern.This problem is accentuated in systems with higher carrier fre uencies (more path loss

and larger bandwidth (larger noise power . A promising solution to the problem of

improving coverage and throughput is the use of relays.

"everal different relay technologies are under intensive investigation including

fi1ed relays (powered infrastructure e uipment that is not connected to the network

backbone % mobile relays (other users opportunistically agree to relay each othersM

packets % as Ill as mobile fi1ed relays (fi1ed relays that are mounted on buses or trains

and thus moving .There has been e1tensive research on multi$hop cellular networks the

last few years under the guise of relay networks or cooperative diversity.

The use of relays% though% impacts almost every aspect of cellular system design

and optimi+ation including5 scheduling% handoff% adaptive modulation% A!J% and

interference management. These topics are under intense investigation.

Data EFc'ange

)hen users register using the !"# website% they specify their personal details (i.e.%

name% address% and phone plus a username and password to use for authentication when

they connect to the !"# network from their vehicle. #sers also choose a default !"#%

which will save their account in its database.

E1amples of users0 interests are web pages% certain news% traffic information in

certain areas% and email messages (possibly from different email accounts . )hen they

later connect to the VANET% they send a ,ello packet to the nearest !"#% which will

notify their default !"#% which% in turn% retrieves their interests from its database and

collects the re uired data for them.


24/35

24

;in! Attac5er

A Network Intrusion 'etection "ystem is used to monitor networks for attacks or

intrusions and report these intrusions to the administrator in order to take evasive action.A large server can be set up on a backbone network% to monitor all trafficK or smaller

systems can be set up to monitor traffic for a particular server% switch% gateway% or router.

Intrusion detection is needed in today0s computing environment because it is impossible

to keep pace with the current and potential threats and vulnerabilities in my computing

systems.

The environment is constantly evolving and changing field by new technology

and the Internet. Intrusion detection products are tools to assist in managing threats andvulnerabilities in this changing environment. Threats are people or groups who have the

potential to compromise your computer system.

These may be a curious teenager% a disgruntled employee% or espionage from a

rival company or a foreign government . Attacks on network computer system could be

devastating and affect networks and corporate establishments. I need to curb these attacks

and Intrusion 'etection "ystem helps to identify the intrusions. )ithout an % to monitor

any network activity% possibly resulting in irreparable damage to an organi+ation0snetwork.

Co((ision A"oi!ance

wireless communication can be leveraged to improve the performance of collision

avoidance applications. Ne1t% I propose an analytical model to provide the probability of

a rear$end collision between two vehicles traveling in the same direction when a sudden

braking situation occurs. "pecifically% the proposed model accommodates features

developed by traffic flow theory . The collision avoidance system is e1plained through a

twocar highway platoon e1ample. )ithout loss of generality% the vehicles are traveling at

a speed of km9hr (8= m9s and with an inter$vehicle spacing (headway of => m.


25/35

25

CHAPTER

$/$TE2 $PECI;ICATION

.1 Har!0are $*eci#ication

"ystem 5 Intel core 8'uo,ard 'isk 5 B> ?2&onitor 5 = V?A colour&ouse 5 :ogitech.!A& 5 8=B &2

5.2 $o#t0are $*eci#ication

*9" 5 :inu19 !ed,at "erver"imulator 5 N"8


26/35

26

CHAPTER % page number F8FQFF .

8O El Ali.7 and 'ucmythial.2% CA light architecture for opportunistic vehicle$to$infrastructure communications%D in 4roceedings. &obi)ac% 2odrum% Turkey% *ct. 8> >%page number. B>QBR.

FO :aurendeau.3 and 2arbeau.&% CThreats to security in '"!39)AVE%D in 4roceedingson.A',*3$N*)% 8>>B% volume number - >-% page number. 8BBQ8R 8% page number. QB.

RO &ohandas.2% Nayak.A% Naik. % and ?oel.N% CA2"!4 A service discoveryapproach for vehicular ad hoc networks%D in 4roceedings. IEEE Frd A4"33% @ilan%Taiwan% 'ecember 8>>H%page number . =Q =>Q >>H.

>O Vighnesh.N.V% avita.N% #rs.".!% and "ampalli."% CA novel sender authenticationscheme based on hash chain for vehicular ad hoc networks%D in 4roceedings on IEEEI")TA% :angkawi% &alaysia% "eptember. 8> % page number. .

Date post:	04-Jun-2018
Category:	Documents
Upload:	athirayan
View:	222 times
Download:	0 times

project model document

Documents