Albert Held

Secure vehicular communication systems: implementation, performance, and research challenges

Vehicular communication systems are on the verge of practical deployment. Nonetheless, their security and privacy protection is one of the problems that have been addressed only recently. In order to show the feasibility of secure VC, certain implementations are required. we discuss the design of a VC security system that has emerged as a result of the European SeVe-Com project. In this second article we discuss various issues related to the implementation and deployment aspects of secure VC systems. Moreover, we provide an outlook on open security research issues that will arise as VC systems develop from todays simple prototypes to full-fledged systems.

Trust Issues for Vehicular Ad Hoc Networks

Characteristics and requirements of vehicular ad hoc networks (VANETs) differ quite significantly compared to standard ad hoc networks. Especially trust in VANETs is very important but still open issue, which will be addressed in this paper. We will describe, discuss and assess approaches and concepts that were proposed in ordinary fixed networks and mobile ad hoc networks and will show weak and strong spots. As basis for our considerations, we will describe a detailed automotive scenario, which relies on inter-vehicle communication for the exchange of safety relevant warning messages.

Modeling Roadside Attacker Behavior in VANETs

Communication using VANETs is commonly seen as the next milestone for improving traffic safety. Vehicles will be enabled to exchange any kind of information that helps to detect and mitigate dangerous situations. Security research in the past years has shown that VANETs are endangered by a plethora of severe security risk. Subject of this work is the modeling of attackers that target active safety applications in VANETs. Through a risk analysis, this work identifies assets, threats and potential attacks in inter-vehicle communication. The risk analysis shows that the most serious threat arises from a quasi-stationary (road-side) attacker that distributed forged warning messages. This attacker is discussed more deeply. We show the degrees of freedom that are available for position forging and find thereby two attacks that demand attention: single position forging having low effort compared to sophisticated movement path forging having a potentially high influence on road traffic safety.

An Agent Based Application for Personalized Vehicular Traffic Management

Traffic telematics applications, like road traffic management, operate in an extremely dynamic mobile computing environment. The Mobile Agent paradigm here becomes a promising alternative to the conventional client/server approach. In this article we evaluate the application of Mobile Agent Technology in the area of vehicular traffic management and introduce a general application partitioning model which facilitates the combination of asynchronous and autonomous operation, data filtering and scheduling in a user specific manner. A sample application and performance results are presented.

POSTER: Anomaly-based misbehaviour detection in connected car backends

As a novel way to protect connected cars, we are developing a Security Information and Event Management System (SIEM) called Security Management of Services in Connected Cars (SeMaCoCa) located in the backend of the connected car. For that we defined a connected car architecture and possible use cases which serve as a basis for the research. Using data from the connected cars and additional information, attacks on individual vehicles or fleets should be recognized. A combination of rule-based-, machine-learning-, deep learning-, real-time-based-, security-algorithms and algorithms for big data are used. Furthermore, we aim for a privacy-friendly solution that does not require the backend operator to have access to cleartext data. The new security system should be able to recognise misbehaviour under the conditions of a permanently growing number and variety of connected cars, upcoming services on the market and related constantly to changing user behavior. The challenge for the security system is, that under these conditions no stable system state exists, that the system can rely on. In this paper, we introduce the architecture of SeMaCoCa, user stories and the idea behind the approach of the system.

ProTACD: A Generic Privacy Process for Vehicle Development

The growth in information technology and connectivity has enabled a significant range of new functionalities in modern automobiles, such as telematics wireless interfaces via Wi-Fi. At the same time, the protection of privacy is becoming a major concern and questions are being raised regarding the need for current privacy concepts to be extended or even replaced by integrative and structured privacy approaches. This might be necessary to uncover isolated and unexpected privacy threats, e.g., tracking of multiple in-car wireless sensors. We identify the key challenges for privacy enforcement in the vehicles lifecycle and propose a generic, yet integrative, privacy process for vehicle development (ProTACD). The final decision to enforce and deploy privacy features in vehicular development requires several prerequisites to be provided by ProTACD. In this paper, we outline the phases and interactions of ProTACD, and discuss its general objectives and differences from other approaches.

An Integrative Approach for Measuring Privacy Impact of Identifiers in the Automotive Domain

Information technology is commonly used in automotive applications, and has introduced associated opportunities and threats. At the same time, the dissemination and use of certain privacy-sensitive data (i.e., identifying data) continues to increase, raising serious questions about privacy and anonymity. However, the effect of identifying data on privacy depends on various aspects, such as their basic structure. We propose that the preemptive assessment of privacy levels is a key factor for reliable privacy processes in vehicular development, extending the existing assessment during runtime. Thus, we identify a comprehensive and classified set of privacy indicators for identifiers, and explore the possible application of a single indicator by proposing privacy impact metrics that are based on entropy. We demonstrate the feasibility of our approach using a real dataset of vehicle identification numbers (VINs).

Towards an Identity-Based Data Model for an Automotive Privacy Process

Information technology has attracted considerable attention in modern automobiles for their promise of value-added services. Based on increasing connectivity and seamless integration of advanced functionality into vehicles, a new challenge is the development of holistic and standardized privacy approaches. So far, privacy has often been considered as a singular task, neglecting the impact of a holistic viewpoint on automotive data. In this paper we provide an identity-based data model, a way to define a structured and flexible view to the acquired vehicular data, i.e., identifying information. We develop the data model as a graph, provide a formal notation and demonstrate its application with an example. The proposed scheme of the model is of multiple uses and the formal notation shows to serve additional privacy features to our model, e.g., privacy risk assessment.

System Support and Applications for Mobile Computing

In future networks, mobile computers will become increasingly important. New portable computers and wireless communications technologies particularly enable mobile computing. Distributed, mobile applications allow information access anywhere, anytime. Mobility (in the sense of location independence) and adequate information support are no longer opposites but are supported simultaneously.

Mobile Computing - Komponenten, Systemintegration, Anwendungen

Durch Mobile Computing kann von jedem Ort und zu jeder Zeit auf beliebige Informationen zugegriffen, diese weiterverarbeitet oder verteilt werden. Kleine aber dennoch leistungsfähige, tragbare Rechner, die durch drahtlose Kommunikationssysteme vernetzt werden, ermöglichen Mobile Computing. Außerdem sind wichtige Probleme bei der Systemintegration zu lösen, um Mobile-Computing-Anwendungen zu ermöglichen.