Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Scalable and DoS-resilient Secure Vehicular Communication
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Communication Systems, CoS.ORCID iD: 0000-0003-2022-3976
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Communication Systems, CoS.ORCID iD: 0000-0002-3267-5374
(English)Manuscript (preprint) (Other academic)
Abstract [en]

Vehicular Communication (VC) provides vehicles with real-time “sensing” of their surrounding environment: high-rate broadcasted beacons carry vehicle status information, and event-driven messages report traffic- or road-related events with different levels of criticality. Paramount to vehicle safety, these messages must be secured. Pseudonymous authentication is used to secure messages while preserving privacy. Vehicles become aware of and keep track of their pseudonymized neighbors. However, attackers can exploit this dynamicity and need for timely verification: a clogging Denial of Service (DoS) attack can severely delay or even deny benign vehicle message verification and thus severely degrade awareness. We address the problem by extending the traditional pseudonymous authentication with cooperative message verification and symmetric-key based authentication. We remedy the vulnerability of cooperative verification with probabilistic signature checking and cross-checking across multiple validators. Our scheme trades off higher communication overhead for lower verification latency and thus improved robustness of transportation safety applications. Our scheme is resilient to both DoS attacks and malicious nodes. Even when vehicles are saturated by high-rate bogus beacons and event messages, our scheme achieves an average waiting time of 50ms with an expiration ratio less than 1% for beacons, and 80% of event message acceptance ratio with latency less than 200ms on the average. This is a huge improvement over the current standard, the baseline scheme, which would suffer, having from 50% to almost 100% received benign messages expiring. In spite of its collaborative operation, our scheme drastically detects internal adversaries that attempt to exploit the cooperative verification itself.

Keywords [en]
Security, pseudonymous authentication, vehicular communication
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:kth:diva-273177OAI: oai:DiVA.org:kth-273177DiVA, id: diva2:1429296
Available from: 2020-05-09 Created: 2020-05-09 Last updated: 2020-05-22
In thesis
1. Cooperative Privacy and Security for Mobile Systems
Open this publication in new window or tab >>Cooperative Privacy and Security for Mobile Systems
2020 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

The growing popularity of powerful mobile devices, along with increased computation and storage of computing infrastructure, opened possibilities for versatile mobile system applications. Users, leveraging sensing capabilities of the devices, can collect rich data and exchange the data with diverse Service Providers (SPs) or their close neighboring devices. Provision of such user status awareness to the involved system entities, can facilitate customized user experience for system participants.

Nonetheless, the open and decentralized nature of mobile systems raise concerns on both security and privacy of users and the system infrastructure. Sensitive user data could be exposed to honest-but-curious entities, which can further process data to profile users. At the same time, compromised system entities can feed faulty data to disrupt system functionalities or mislead users. Such issues necessitate secure and privacy-enhancing mobile systems, while not compromising the quality of service the systems provide to their users. More specifically, the solutions should be efficient and scale as the system grows, and resilient to both external and internal adversaries. This thesis considers two mobile system instances: Location-based Services (LBSs) and Vehicle-to-Vehicle (V2V) safety applications. We address security and privacy in a cooperative manner, relying on cooperation among the users to protect themselves against the adversaries. Due to the reliance on peers, input from the peers should be examined, in order to ensure the reli- ability of the applications. We adapt pseudonymous authentication, designed for Vehicular Communication (VC) systems, and integrate it with LBSs. This protects user privacy and holds users accountable for their actions, which are non-repudiable. At the same time, our scheme prevents malicious nodes from aggressively passing on bogus data. We leverage redundancy of shared data from multiple cooperating nodes to detect potential conflicts. Any conflict triggers proactive checking on the data with the authoritative entity that reveals the actual misbehaving users. For V2V safety applications, we extend safety beacons, i.e., Cooperative Awareness Messages (CAMs), to share signature verification effort, for more efficient message verification. Similarly to the LBSs, redundancy of such piggybacked claims is also key for remedying malicious nodes that abuse this cooperative verification. In addition, the extended beacon format facilitates verification of event-driven messages, including Decentralized Environmental Notification Messages (DENMs), leveraging proactive authenticator distribution.

We qualitatively and quantitatively evaluate achieved security and privacy protection. The latter is based on extensive simulation results. We propose a location privacy metric to capture the achieved protection for LBSs, taking into consideration the pseudonymous authentication. The performance of the privacy-enhancing LBS is experimentally evaluated with the help of an implementation on a small scale automotive computer testbed. We embed processing delays and queue management for message processing in simulations of V2V communication, to show scalability and efficiency of the resilient V2V communication scheme. The results confirm the resilience to both internal and external adversaries for the both systems.

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2020. p. 48
Series
TRITA-EECS-AVL ; 2020:33
National Category
Communication Systems
Research subject
Electrical Engineering
Identifiers
urn:nbn:se:kth:diva-273637 (URN)978-91-7873-565-5 (ISBN)
Public defence
2020-06-15, https://kth-se.zoom.us/webinar/register/WN_WLb9GyXjRD2hY9sCg9I_nQ, 09:30 (English)
Opponent
Supervisors
Note

QC 20200523

Available from: 2020-05-23 Created: 2020-05-22 Last updated: 2020-06-01Bibliographically approved

Open Access in DiVA

No full text in DiVA

Authority records BETA

Jin, HongyuPapadimitratos, Panagiotis

Search in DiVA

By author/editor
Jin, HongyuPapadimitratos, Panagiotis
By organisation
Communication Systems, CoS
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 14 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf