Jyoti Grover

A novel defense mechanism against sybil attacks in VANET

Security is an important concern for many Vehicular Ad hoc Network (VANET) applications. One particular serious attack, known as Sybil attack, against ad hoc networks involves an attacker illegitimately claiming multiple identities. In this paper, we present a simple security scheme, based on the difference in movement patterns of Sybil nodes and normal nodes, for detecting Sybil nodes in VANET. Our approach is distributed in nature because all nodes contribute for detection of Sybil nodes in VANET and it scales well in an expanding network. In this approach, each Road Side Unit (RSU) calculates and stores different parameter values (Received Signal Strength, distance, angle) after receiving the beacon packets from nearby vehicles. The reason for choosing the angle as one of the parameters is that it will always be different for two vehicles (not moving side-by-side), even if they have same values for distance and received signal strength (RSS) with reference to a RSU. The combination of the parameters makes our detection approach highly accurate. After a significant observation period, these RSUs exchange their records and calculate the difference of the parameters. If some nodes have same values for the parameters during this observation period, these nodes are classified as Sybil nodes. Our preliminary simulation results show 99% accuracy and approximately 0.5% error rate, lower as compared to existing techniques.

A sybil attack detection approach using neighboring vehicles in VANET

Vehicular Ad Hoc Network (VANET) is vulnerable to many security threats. One severe attack is Sybil attack, in which a malicious node forges a large number of fake identities in order to disrupt the proper functioning of VANET applications. In this paper, a distributed and robust approach is presented to defend against Sybil attack. Proposed scheme localizes the fake identities of malicious vehicles by analyzing the consistent similarity in neighborhood information of neighbors of these fake identities. Beacon packets are exchanged periodically by all the vehicles to announce their presence and get aware of neighboring nodes. Each node periodically keep a record of its neighboring nodes. In proposed approach, each node exchange groups of its neighboring nodes periodically and perform the intersection of these groups. If some nodes observe that they have similar neighbors for a significant duration of time, these similar neighbors are identified as Sybil nodes. Proposed approach is able to locate Sybil nodes quickly without the requirement of secret information exchange and special hardware support. We evaluate our proposed approach on the realistic traffic scenario. Experiment results demonstrate that detection rate increases when optimal numbers of Sybil nodes are forged by the attacker.

Machine Learning Approach for Multiple Misbehavior Detection in VANET

The motivation behind Vehicular Ad Hoc Networks (VANETs) is to improve traffic safety and driving efficiency. VANET applications operate on the principle of periodic exchange of messages between nodes. However, a malicious node may transmit inaccurate messages to trigger inevitable situations. Each transmitted packet contains the status of sender like its identity, position and time of sending the packet in addition to safety message. A misbehaving node may tamper with any information present in the propagated packet. Fake messages may be created by attacker node itself or it may force another node to create fake messages. In this paper, we present a machine learning approach to classify multiple misbehaviors in VANET using concrete and behavioral features of each node that sends safety packets. A security framework is designed to differentiate a malicious node from legitimate node. We implement various types of misbehaviors in VANET by tampering information present in the propagated packet. These misbehaviors are classified based upon multifarious features like speed-deviation of node, received signal strength (RSS), number of packets delivered, dropped packets etc. Two types of classification accuracies are measured : Binary and Multi-Class. In Binary classification, all types of misbehaviors are considered to be in a single “misbehavior” class whereas, Multi-class classification is able to categorize misbehaviors into particular misbehaving classes. Features of packet sending nodes are extracted by performing experiments in NCTUns-5.0 simulator with different simulation scenario (varying the number of legitimate and misbehaving nodes). Proposed framework for classification of misbehavior is evaluated using WEKA. Our approach is efficient in classifying multiple misbehaviors present in VANET scenario. Experiment result shows that Random Forest and J-48 classifiers perform better compared to other classifiers.

Trust Establishment Techniques in VANET

Establishment of trust is amongst the most critical aspects of any system’s security. For any network, trust refers to a set of relationships amongst the entities participating in the network operations. Trust establishment plays a key role in prevention of attacks in VANET. The nodes involved in defense of the network against such attacks must establish mutual trust for the network to operate smoothly. It is a major challenge as a receiving node needs to ensure authenticity and trust-ability of the received messages before reacting to them. It is assumed that each node in a VANET is equipped with a trust system to take such decisions. There are two options for trust establishment (1) Based on static infrastructure, (2) Dynamic establishment of trust in a self organized manner. Trust based on static infrastructure is more efficient and robust than dynamic infrastructure. The only concern using static infrastructure is the unavailability of fixed infrastructure in some locations. The main objective of this paper is to describe various trust establishment approaches for VANET. If all the nodes establish trust with other nodes in VANET, probability of occurrence of attacks can be drastically reduced.

Misbehavior detection based on ensemble learning in VANET

Detection of misbehaviors in Vehicular Ad Hoc Networks (VANETs) using machine learning methods has not been investigated extensively. In VANET, an illegitimate vehicle may transmit inaccurate messages to trigger an un- avoidable situation. In this paper, we present an ensemble based machine learning approach to classify misbehaviors in VANET. The performance of classifiers used for classification depends on the induction algorithms. We exploit the strengths of different classifiers using an ensemble method that combines the results of individual classifiers into one final result in order to achieve higher detection accuracy. Proposed security framework to classify different types of misbehaviors is implemented using WEKA. Features of nodes participating in VANET are extracted by performing experiments in NCTUns-5.0 simulator with different simulation scenarios (varying the number of legitimate and misbehaving nodes). We evaluate ensemble method using five different base inducers (Naive Bayes, IBK, RF, J48, Adaboost(J48)). We also show that ensemble based approach is more efficient in classifying multiple misbehaviors present in VANET as compared to base classifiers used for classification.

Performance Evaluation and Detection of Sybil Attacks in Vehicular Ad-Hoc Networks

Vehicular Ad-hoc Networks (VANET) technology provides a fast, easy to deploy and an inexpensive solution for intelligent traffic control and traffic disaster preventive measure. In VANET, moving vehicles communicate using wireless technology. This communication can be used to divert traffic from congested or dysfunctional routes, to seek help in an emergency and to prevent accident escalation in addition to providing intelligent traffic control. However, an attacker can use the same system to spread false warning messages resulting in congestion on certain routes thereby leading to accidents or causing delay in providing help etc. One of the harmful attacks against VANET is Sybil attack, in which an attacker generates multiple identities to feign multiple nodes. In this paper, we present an implementation of simulated Sybil attack scenario in VANET and discuss its impact on network performance. A cooperative approach of Sybil attack detection, inferred through analysis of Sybil attack, is also presented.

Detection of incorrect position information using speed and time span verification in VANET

Security issues in Vehicular Ad-Hoc Networks (VANETs) are important because of its diverse implications in safety related and congestion avoidance applications. A critical security problem in VANET is injection of false data, i.e. an attacker propagates false information to disrupt the behavior of drivers. Most of VANET applications are time critical and depend on the reliable position information in the safety messages received from the neighboring nodes. Disseminating incorrect position information in the safety message has severe impact on the performance, reliability and security of VANET applications. In this paper, we propose a distributed solution to detect malicious nodes propagating incorrect position information. This solution is based on series of verifications such as acceptance range verification, maximum allowable speed check, maximum density check, speed consistency verification and time interval substantiation computed by fixed Road Side Units (RSUs). In this approach, each RSU performs some set of logical operations to validate the legitimacy of positions of nodes sending safety messages. We have evaluated the proposed approach in both simulated and realistic scenario. Experimental results prove the validity of the proposed detection approach.

Sybil attack detection in VANET using neighbouring vehicles

In vehicular ad hoc networks (VANETs), vehicles are enabled to exchange information to detect and mitigate critical situations. VANETs are vulnerable to many security threats. One severe attack is Sybil attack, in which a malicious node forges large number of fake identities in order to disrupt the proper functioning of VANET applications. Fake information reported by a single malicious vehicle may not be highly convincing because most of the VANET applications require several vehicles to reinforce a particular information before accepting as a truth. A Sybil attacker pretends multiple vehicles in order to reinforce false messages. Proposed methodology exploits the characteristics of Sybil nodes as the neighbours of fake identities (originated from a malicious node) share significant common neighbouring nodes. Motivation behind the design of proposed approach is to locate Sybil nodes quickly without using secret information exchange and special hardware support. We evaluate our proposed approach on the realistic traffic scenario.

Attack models and infrastructure supported detection mechanisms for position forging attacks in vehicular ad hoc networks

Vehicular ad hoc networks (VANETs) are vulnerable to message forging attacks, where an attacker creates a new message or replays/modifies an existing message. Forging of message can be carried out by attacker directly or indirectly through another vehicle. In VANETs, each vehicle periodically broadcasts short packets (beacons) with its identifier, time and current geographical position. In a position forging attack, an attacker broadcasts timely coordinated traffic warning messages with forged positions, producing illusion of an accident/traffic jam or an emergency braking. In this manner, VANET performance degrades in terms of channel utilization. It also severely impact the performance of security algorithms. In this paper, our focus is on the design and implementation of various forms of position forging attacks. We have presented detection approaches for these attacks. Unlike existing detection approaches, our methods are not based on the concept of estimating the position of senders. We have analyzed the impact of forged position information on average vehicle speed, number of collisions and percentage of delivered packets. Effectiveness of detection methods for various attack scenarios is compared. Instead, it works on the pattern of position information broadcast in consecutive packets. Simulation results demonstrates the effectiveness and adaptability of our proposed approach for VANETs.

Position forging attacks in Vehicular Ad Hoc Networks: Implementation, impact and detection

Vehicular Ad Hoc Network (VANET) applications operate on the principle of periodic exchange of messages between nodes. However, a malicious node can create multiple virtual identities for transmitting fake messages using different forged positions. This creates an illusion of a non-existent event. In VANET, each vehicle periodically broadcasts its identity (ID), time and current geographic position in beacon packets. Node position and time are important factors for modeling an attack as well as for its detection. In this paper, we introduce new variants of (a) Position forging attacks and (b) Combination of position and ID forging attacks. We also propose an implementation of these attacks, their impact on the performance of VANET and description of detection methodology. In a position forging attack, an attacker broadcasts timely coordinated wrong traffic warning messages with forged positions, producing an illusion of a car accident, a traffic jam or an emergency braking. This degrades the performance of VANET in terms of channel utilization. It also has a severe impact on the performance of security algorithms. We analyze the impact of forged position information on average vehicle speed, percentage of delivered packets and number of collisions.