CHAPTER 1

INTRODUCTION
Inter vehicular communication lies at the core of a number of industry and academic research initiatives that aim at enhancing the safety and efficiency of transportation systems. Vehicular ad hoc networks (VANETs) enable vehicles to communicate with each other and with roadside units (RSUs). Service oriented vehicular networks are special types of VANETs that support diverse infrastructure-based commercial services, including Internet access, real-time traffic management, video streaming, and content distribution. Many forms of attacks against service-oriented VANETs that attempt to threaten their security have emerged.

The most important issue is to select a forwarding path with the smallest packet delivery delay. To keep the data transmission delay low, the VADD protocol transmits packets through wireless channels as much as possible, and if the packet has to be carried through roads, the road with higher speed is chosen first. The VADD protocol assumes that vehicles are equipped with pre-loaded digital maps, which provide street-level maps and traffic statistics such as traffic density and vehicle speed on roads at different times of the day. According to the information provided by digital maps, the VADD protocol proposed a delay model to estimate the data delivery delay.

Traffic safety is a prime challenge that has to be addressed by automotive industries, governments and other concerned entities. According to reports by the World Health Organization (WHO), about 4% of the death toll is caused by traffic accidents in some industrialized countries. Traffic jams are still costing many work commuters a considerable part of their golden time. All these have led both academia and industry to put their effort into tackling the problems related to traffic safety. On top of traffic safety, offering services such as in-vehicle internet access, traffic information, entertainment, payment services and many more, to improve the drivers' driving experience, is also envisioned by these research efforts.

Traffic accidents usually happen because the driver is not able to determine road situations and take appropriate actions in real time. Mostly, drivers do not have a complete picture of road conditions at a given instant, and they make decisions such as braking and lane changing in the absence of full information. This in turn is the main cause of accidents. Real-time communication among vehicles and road-side units can help the driver to have full information on road conditions, and this will enhance traffic safety and efficiency.

A vehicular ad hoc network (VANET) is a network that enables real-time communication between vehicles and road-side units. VANET is an enabling technology for Intelligent Transportation Systems (ITSs). A typical VANET comprises an on-board unit (OBU) installed on each vehicle, road-side units (RSUs) deployed along the roads and a trusted authority (TA) that controls the network. TAs usually have many application servers at the backend of the network. The OBUs and RSUs communicate over the wireless channel using the Dedicated Short Range Communications (DSRC) protocol. On the other hand, the RSUs, TA, and the application servers can communicate using a secure fixed network such as the Internet.

PID in VANETs is a major challenge that should be solved before deploying VANETs across the roads and highways. VANET inherits all of the challenges that are present in a traditional PID system, but at the same time it brings a new set of challenges that are unique to it. A typical PID should offer privacy, pseudonym management, and effective identity life cycle management. In the literature, there are many PID proposals for VANETs. However, most of the proposals only offer the basic security requirements for VANETs: confidentiality, integrity and availability. In this thesis, a novel PID architecture for VANETs is presented; this architecture satisfies security and privacy requirements such as authentication, anonymity, unlinkability, and traceability. This proposal, unlike other proposals, makes a distinction between the identity of a vehicle and that of a driver. The IP Multimedia Subsystem (IMS) and OpenID are the main cornerstones of this architecture.

1.1 Communication Patterns In VANETs

The communication patterns in VANETs are of five categories. Their classification is generic and independent of the employed underlying communication technology. Here is a brief presentation of these communication patterns.

Beaconing
Beaconing is a periodic transmission of packets as a link layer broadcast to nearby vehicles or road-side units. The purpose of beaconing is to inform all neighboring nodes about the current status, such as position, speed and heading direction, of the sending vehicle. Beaconing is typically a single hop communication and thus the packets are not forwarded.

Geo-Broadcasting
It is a communication mechanism that distributes information to a given geographical region. The basic idea is to set the destination region and attach it to the message to be sent. The sender then broadcasts the message to its neighbors. Every vehicle that receives a geo broadcast message will forward the message.

Unicast
In certain cases a vehicle may want to send a message that is only destined to a specific single vehicle or RSU. This is where the use of unicast messaging becomes useful. For example, the vehicular social network is one of the envisioned applications in VANETs. The idea is to allow vehicles to form a trusted network. Unicast routing is essential in this type of application. The communication can be single hop if the communicating parties are neighbors; otherwise a proper routing mechanism is required to deliver the message to the receiver.

Advanced Information Dissemination
Information dissemination is one of the challenging tasks in VANETs, as the network topology changes more frequently due to the higher moving velocity of vehicles. The main aim of this communication pattern is to ensure that vehicles that arrive late or were unable to receive previous messages because of network partitioning get the message. Single-hop broadcasts, message storage, and multiple forwarding are used in this communication pattern.

Information Aggregation
In this communication pattern, communicated data is processed and merged before being forwarded. The main aim is to reduce communication overhead and to increase the reliability of the exchanged data. For some applications, like traffic jam reporting, information aggregation results in better accuracy.

1.2 Security Threats in VANETs


Road Side Unit (RSU)
RSU is a static component that serves as a gateway to a VANET and also allows connection to the Internet. It is involved in traffic associated with Vehicle-to-Roadside Infrastructure (V2I) communication. RSUs are the main tools used by authorized authorities to carry out some administrative tasks such as solving disputes.

Vehicles or Users
The vehicles and the users are closely related in the VANET context. The relationship between users and vehicles can come in three different roles. A given user may be an owner, a driver or a passenger of the vehicle in question. Usually there is a many-to-many association between the vehicle and the user role, but at a given instant of time, only one user is a driver. It is worth mentioning that the driver role is more important than the others because he/she is the one controlling the vehicle in the VANET. Each vehicle is equipped with a tamper resistant trusted component. This component can be installed during the manufacturing process (for recent model vehicles), and if the component is not installed by the manufacturer, users can buy and install it later.

Trusted Authority (TA)
TA is an essential entity in VANETs which provides identity for vehicles and monitors the network. TA is responsible for solving any dispute that happens in the network. It is not yet clear who should take the role of TA when VANETs are deployed to start operation. There are many possible candidates for TA: current road and transport authorities, automobile manufacturers, trusted third parties or a combination of them.

There are two main types of communication in VANETs: Vehicle-to-Vehicle (V2V) communication and Vehicle-to-Roadside Infrastructure (V2I) communication. In V2V, a vehicle exchanges messages with other vehicles. In V2V communication, all the vehicles engaged in the communication are mobile. V2I communication refers to a type of communication that involves Road Side Units (RSUs). This communication is usually used to get in contact with other networks such as the Internet. For V2I, technologies such as WLAN, DSRC, WiMAX, cellular and satellite can be used.

There are many possible attacks that an attacker can launch in VANETs. They are as follows.

Denial of Service (DoS)
DoS is a serious threat that is posed in VANETs. The main aim of this attack is to overload the communication channel in order to disrupt the normal functioning of the network. This in turn will prevent critical messages from reaching the desired party. The consequence of this attack can be catastrophic in VANETs, as safety related messages may be prevented from reaching the vehicles and, as shown in Figure <, DoS can be easily accomplished by jamming the network with little effort and transmission power.

Message Suppression Attacks
A malicious driver may carry out this attack by selectively dropping packets (that were destined for other vehicles) from the network. A greedy driver may use this attack when she receives a congestion notification. Instead of passing this message around to the neighboring vehicles, she may drop it to find a better route for herself.
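A neighbour-side check for the selective dropping described above, using the implicit acknowledgement idea that the literature survey later in this document lists as a defence. This is an added example, not part of the original thesis; the log format, node names, message type names and thresholds are constructed assumptions.

```python
from collections import defaultdict


def forwarding_stats(events, timeout_s=0.5):
    """Per neighbour and message type, count handed-over packets that were heard again.

    events: (time_s, event, neighbour, msg_id, msg_type), where "handed" means we gave
    the packet to the neighbour and "overheard" means we heard it retransmit the packet
    (the implicit acknowledgement).
    """
    pending = {}  # (neighbour, msg_id) -> (hand-over time, msg_type)
    stats = defaultdict(lambda: defaultdict(lambda: [0, 0]))  # [forwarded, handed]
    for t, event, neighbour, msg_id, msg_type in sorted(events):
        if event == "handed":
            pending[(neighbour, msg_id)] = (t, msg_type)
            stats[neighbour][msg_type][1] += 1
        elif event == "overheard":
            handed = pending.pop((neighbour, msg_id), None)
            # A retransmission only counts if it follows our hand-over within the timeout.
            if handed is not None and t - handed[0] <= timeout_s:
                stats[neighbour][handed[1]][0] += 1
    return stats


def classify(stats, min_samples=3, low=0.3, high=0.8):
    """Turn forwarding ratios into a verdict per neighbour (thresholds are assumptions)."""
    verdicts = {}
    for neighbour, per_type in stats.items():
        ratios = {typ: fwd / handed
                  for typ, (fwd, handed) in per_type.items() if handed >= min_samples}
        if not ratios:
            verdicts[neighbour] = "insufficient data"
        elif max(ratios.values()) < low:
            verdicts[neighbour] = "drops everything"
        elif min(ratios.values()) < low and max(ratios.values()) >= high:
            # Forwards some traffic classes reliably while suppressing others.
            dropped = sorted(typ for typ, r in ratios.items() if r < low)
            verdicts[neighbour] = "selective drop: " + ", ".join(dropped)
        else:
            # Moderate loss is expected on a wireless channel and is not flagged.
            verdicts[neighbour] = "forwarding normally"
    return verdicts


def constructed_log():
    """Constructed sample: V2 forwards all, V7 suppresses congestion notices, V9 drops all."""
    behaviour = {
        "V2": {"traffic_data": True, "congestion_notice": True},
        "V7": {"traffic_data": True, "congestion_notice": False},
        "V9": {"traffic_data": False, "congestion_notice": False},
    }
    events, t = [], 0.0
    for round_no in range(4):
        for neighbour, forwards in behaviour.items():
            for msg_type in ("traffic_data", "congestion_notice"):
                msg_id = "%s-%d" % (msg_type, round_no)
                events.append((t, "handed", neighbour, msg_id, msg_type))
                if forwards[msg_type]:
                    events.append((t + 0.1, "overheard", neighbour, msg_id, msg_type))
                t += 1.0
    # V4 was only used once, which is too little to judge.
    events.append((t, "handed", "V4", "traffic_data-x", "traffic_data"))
    return events


if __name__ == "__main__":
    for neighbour, verdict in sorted(classify(forwarding_stats(constructed_log())).items()):
        print(neighbour, verdict)
```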

1.3 Background On Openid


OpenID is one of several identity management solutions for the web which support single sign-on (SSO). Its openness and flexibility accelerated its widespread adoption. According to OpenID.net, there are over one billion OpenID enabled user accounts and over 50,000 websites which support OpenID based authentication. Moreover, many organizations such as Google, Yahoo, AOL, Verisign, Paypal, IBM and Microsoft serve as OpenID providers. In this chapter I aim to provide an insight for the reader into the basics of OpenID, as OpenID is later used in my proposal.

OpenID Identifier
An OpenID Identifier is a unique string in the OpenID domain that serves as an identifier for the user to get access to an OpenID-enabled web site. The identifier is usually represented in the form of an HTTP or HTTPS URL as shown in Figure 16. The HTTPS URL is preferable as it strengthens the security of OpenID. OpenID has an interesting feature that enables users to use an existing web site address that they own as an OpenID identifier. Users can also use any URL that they control as their OpenID identifier. A user without an existing URL under his control can sign up for an OpenID identifier with an OpenID Identity Provider (OP). There are many OpenID Identity Providers (OPs) that let users have their own OpenID identifier free of charge. Actually, most users have an OpenID already and they might not even be aware of it. This is because both Google and Yahoo serve as an OpenID Identity Provider (OP). Google and Yahoo have a large user base among the estimated 1 billion OpenID-enabled users.

Entities
In the OpenID framework, I can identify three involved parties: End user, OpenID Identity Provider (OP) and Relying Party (RP). The end user (U) requests a service from the Relying Party (RP), and the OpenID Identity Provider (OP) offers the required identity information about the user to the Relying Party (RP).

End User
The end user is the human user who has one or more OpenID identities. The user is responsible for creating, managing and maintaining his OpenID identity. The user first needs to contact the OpenID Identity Provider (OP) in order to get an OpenID identifier. The OP may require the user to present a credential such as a password. Yet, a password does not give a strong level of assurance. Some service providers may not need a high level of assurance. For example, a news website may not require a high level of assurance about the user from the OpenID Identity Provider (OP). Usually user name and password authentication and a simple registration method are adequate for the purpose. However, if I take an electronic voting service run by a certain state, I can observe that a high level of assurance is needed. The organization which is running the election wants to have very high confidence in the voter's identity. The level of assurance is determined by the method used in the registration phase. This implies that OpenID needs a strong registration phase in order to be used in critical services like electronic voting.

User Agent
Any Internet browser that supports the HTTP/1.1 protocol can serve as a user agent. The user agent functions on behalf of the user, and it takes care of requests, responses and redirects between the Relying Party (RP) and the OpenID Identity Provider (OP).

Relying Party
The Relying Party (RP) offers services to users, but it requires them to authenticate themselves using the OpenID protocol before allowing them to get the services. The term service provider (SP) is common, but the OpenID standard opted to use the term Relying Party (RP) instead. Upon receiving the OpenID identifier, the RP discovers the OP and redirects the UA to the OP for authentication.

OpenID Identity Provider
The OpenID Identity Provider (OP) is an identity provider which provides an identity to the end user. It is important that the OP is trusted by both end users and relying parties. A user can maintain multiple OpenID identities with a given OP. The OP is responsible for authenticating a user with a given OpenID identifier and must provide assertions when requested by an RP.

Initiation
This is a step in which the user transfers its identifier to the relying party. This step signals the start of the login process. A user opens the website of an OpenID enabled service provider (RP) and passes his OpenID identifier instead of credentials such as user name and password.

Normalization/Discovery
This is a step in which the relying party changes the OpenID identity entered by the user to a standardized form. The RP also extracts information from the entered OpenID identifier and learns which OpenID provider is responsible for processing the request. The RP first normalizes the identifier entered by the user. The prime purpose of the normalization is to avoid any irregularities that the user might have included in the input. Once the normalization process is completed, the RP continues to the discovery process. In this process, all information needed for creating the authentication request is collected from the claimed identifier.

Association Negotiation
This is an optional step that creates a secured communication channel between the relying party and the OpenID provider. RP and OP agree on a shared secret that is later used for digital signature generation and verification. This step enables the integrity of the subsequently exchanged OpenID messages. If an RP does not support creating or saving associations, another mode called "stateless" is employed. In this mode, the OP generates its own private secret for signing OpenID messages. The RP later checks OpenID messages received from OP to verify
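How an RP could carry out the normalization step and the signature check that association negotiation makes possible, following the OpenID Authentication 2.0 rules for identifier normalization and key-value signing with HMAC-SHA256. This is an added example, not code from the thesis; the host names, association handle, nonce and MAC key are constructed, rejecting userinfo is a local policy assumption, and discovery and nonce replay checking are left out.

```python
import base64
import hashlib
import hmac
from urllib.parse import urlsplit, urlunsplit

XRI_SYMBOLS = ("=", "@", "+", "$", "!", "(")  # XRI global context symbols plus "("
DEFAULT_PORTS = {"http": 80, "https": 443}
# Fields a positive assertion must cover with its signature (OpenID 2.0, section 10.1).
REQUIRED_SIGNED = {"op_endpoint", "return_to", "response_nonce", "assoc_handle"}


def normalize_identifier(user_input):
    """Normalise what the user typed into ("xri" | "url", identifier)."""
    ident = user_input.strip()
    if ident.lower().startswith("xri://"):
        ident = ident[len("xri://"):]
    if ident.startswith(XRI_SYMBOLS):
        return ("xri", ident)
    if not ident.lower().startswith(("http://", "https://")):
        ident = "http://" + ident
    parts = urlsplit(ident)
    if not parts.hostname:
        raise ValueError("identifier has no host part")
    if parts.username is not None:  # assumption: local policy, not required by the spec
        raise ValueError("userinfo is not accepted in an identifier")
    host = parts.hostname  # urlsplit already lower-cases scheme and host
    if ":" in host:  # IPv6 literal: restore the brackets
        host = "[" + host + "]"
    if parts.port and parts.port != DEFAULT_PORTS[parts.scheme]:
        host += ":%d" % parts.port
    # An empty path becomes "/", and the fragment is dropped.
    return ("url", urlunsplit((parts.scheme, host, parts.path or "/", parts.query, "")))


def sign_assertion(fields, mac_key):
    """Base64 HMAC-SHA256 over the key-value form of the fields named in openid.signed."""
    signed = fields["openid.signed"].split(",")
    kv = "".join("%s:%s\n" % (k, fields["openid." + k]) for k in signed)
    digest = hmac.new(mac_key, kv.encode("utf-8"), hashlib.sha256).digest()
    return base64.b64encode(digest).decode("ascii")


def verify_assertion(fields, mac_key):
    """RP-side check: required fields are signed and the signature matches."""
    signed = fields.get("openid.signed", "").split(",")
    needed = set(REQUIRED_SIGNED)
    for optional in ("claimed_id", "identity"):
        if "openid." + optional in fields:
            needed.add(optional)  # must be signed whenever it is present
    if not needed.issubset(signed):
        return False
    if any("openid." + k not in fields for k in signed):
        return False
    expected = sign_assertion(fields, mac_key)
    received = fields.get("openid.sig", "")
    # Constant-time comparison, so timing does not leak the expected signature.
    return hmac.compare_digest(expected.encode("utf-8"), received.encode("utf-8"))


SAMPLE_MAC_KEY = b"constructed-association-secret!!"  # constructed shared secret


def sample_assertion():
    """Constructed positive assertion, signed the way the OP would sign it."""
    fields = {
        "openid.mode": "id_res",
        "openid.op_endpoint": "https://op.example/endpoint",
        "openid.claimed_id": "https://alice.example/",
        "openid.identity": "https://alice.example/",
        "openid.return_to": "https://rp.example/return",
        "openid.response_nonce": "2024-01-01T00:00:00Zabc123",
        "openid.assoc_handle": "handle-1",
        "openid.signed":
            "op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle",
    }
    fields["openid.sig"] = sign_assertion(fields, SAMPLE_MAC_KEY)
    return fields


if __name__ == "__main__":
    print(normalize_identifier("HTTPS://Example.COM:443/user#frag"))
    print(verify_assertion(sample_assertion(), SAMPLE_MAC_KEY))
```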

CHAPTER 2

LITERATURE SURVEY

2.1 Paper titles and Description


2.1.1 Biswas.S, Misic.J, and Misic.J, "ID-based safety message authentication for security and trust in vehicular networks," in Proceedings. 31st ICDCSW, Minneapolis, MN, June. 2011, page number. 323-331.

Vehicular ad hoc network (VANET) can offer various services and benefits to users and thus deserves deployment effort. Attacking and misusing such a network could cause destructive consequences. It is therefore necessary to integrate security requirements into the design of VANETs and defend VANET systems against misbehavior, in order to ensure correct and smooth operation of the network. In this paper, a security system for VANETs is proposed to achieve the privacy desired by vehicles and the traceability required by law enforcement authorities, in addition to satisfying fundamental security requirements including authentication, non repudiation, message integrity, and confidentiality. Moreover, I propose a privacy-preserving defense technique for network authorities to handle misbehavior in VANET access, considering the challenge that privacy provides an avenue for misbehavior. The proposed system employs an identity-based cryptosystem where certificates are not needed for authentication. The fulfillment and feasibility of my system are shown with respect to the security goals and efficiency.

The VANET security system mainly achieves privacy, traceability, non frameability, and privacy preserving defense against misbehavior. These functionalities are realized by the pseudonym-based technique, the threshold signature, and the threshold authentication based defense scheme. The ID-based cryptosystem facilitates the design of communication and storage efficient schemes. Through security and efficiency analysis, my system is shown to satisfy the predefined security objectives and desirable efficiencies. My future work consists of simulating the proposed security system and experimenting with it in real VANET settings.

As a final remark, I point out that the characteristics of VANET systems determine that communication efficiency is the foremost performance indicator among all the efficiency concerns. The reason is that vehicles, as the mobile devices in VANETs, are capable of intensive data storage and complex computation tasks, rendering the requirements for storage and computation efficiency less stringent. On the other hand, communication overhead will be overwhelming if inefficient design is carried out, due to the potentially large user base (i.e., vehicles) in VANETs. Through the analysis of my system and those based on conventional PKI, I particularly demonstrate the promising performance regarding communication efficiency of my design built on an ID-based cryptosystem.

2.1.2 El Ali.F and Ducourthial.B, "A light architecture for opportunistic vehicle-to-infrastructure communications," in Proceeding. MobiWac, Bodrum, Turkey, October. 2010, page number. 60-67

The development of Intelligent Transportation Systems (ITS) highlights the need for connecting vehicles to the infrastructure. Indeed, many ITS applications rely on such connections to offer new on board services. The networking architecture allowing vehicle-to-infrastructure (V2I) communication is then a key challenge for new pervasive applications. In this paper, an architecture designed for opportunistic vehicle to infrastructure communication is presented. This light architecture allows data to be transferred from the vehicles to the infrastructure through IPv4 or IPv6 connections using 3G networks or WiFi access points, depending on their availability. It relies on any VANET routing protocol like geocast or conditional based routing instead of traditional routing. I use conditional transmissions to benefit from their intrinsic discovery facilities, in order to find a gateway towards the infrastructure. The architecture, its implementation and my road test beds are described, allowing a conclusion on the interest of such an architecture, which makes it possible to exploit already installed networks.

Conditional transmissions is a kind of routing where logical conditions replace addresses. A message is sent by the module responsible for conditional transmissions with two conditions, namely CUP and CFW. When receiving a message, if CUP is true, the message is transmitted to the upper layer. If CFW is true, the message is forwarded to nearby cars. By dynamically evaluating conditions at reception, the protocol accommodates the dynamics better than other protocols relying on addresses (including geographical ones). All sorts of logical conditions can be used (including conditions testing eventual IP or geographical addresses). But the most interesting conditions deal with distance, duration, and trajectory correlation (allowing to determine whether the receiving car follows the sender or not). Conditional transmissions were implemented as an Airplug compatible application called HOP, which has been studied in Network Simulator and tested on the road. For the needs of my architecture, I have completed this application to make it accept particular messages that inform about certain keywords to be considered true while evaluating conditions (these messages will not be accepted unless they come from applications local to the vehicle). This way, the GTW application (present on each vehicle) periodically sends such messages to HOP, to warn about the presence of 3G networks (keyword 3G) or WiFi hot spots (keyword 3G).

2.1.3 Laurendeau.C and Barbeau.M, "Threats to security in DSRC/WAVE," in Proceedings ADHOC-NOW, 2006, volume number 4104, page number 266-279.

The increased number of vehicles has caused a series of economic and social problems across the world. The economic viability of using wireless sensor networks to gather road traffic monitoring data for intelligent transportation systems (ITS) becomes increasingly attractive. ITS systems are subject to security threats like any other information technology systems. Security should be considered as an integral part of ITS planning and deployment. There is a compelling need to identify and address the most severe security threats specific to the traffic monitoring sensor network.

Here an analysis of possible threats to a traffic monitoring system is presented using the European Telecommunications Standards Institute's (ETSI's) methodology, and the threats that pose the most significant risk to the system are identified. Necessary security services that satisfy the system's security objectives are listed. This action may be created by an insider of the network which is a part of the routing path. Almost all threats to the routing protocol (spoofing, altering, or replaying routing information, sinkhole, wormhole or attack) may result in a malicious node making itself part of many routes. A simple form of this attack is when a malicious node behaves like a black hole and refuses to forward every packet it sees. However, such an attacker runs the risk that neighboring nodes will conclude that she has failed and decide to seek another route. A more subtle form of this attack is when an adversary selectively forwards packets. Considering that this kind of attack may be mostly used to drop urgent packets, rather than usual traffic data packets, the motivation of this attack is ranked as high. The technical difficulty is solvable since it is theoretically possible. The impact on the system is critical. Implicit acknowledgement and multi path routing are techniques to defend against this attack. A more efficient technique is to prevent a malicious node from becoming a part of the routing path by use of authentication techniques and secure routing protocols. Geographic routing protocols alone cannot defend against this threat, since the location information of a node is subject to attack and change and cannot be trusted.

2.1.4 Li.C.T, Hwang.M. S and Chu.Y. P. , "A secure and efficient communication scheme with authenticated key establishment and privacy preserving for vehicular ad hoc networks," Compute. Commun., volume number 31, page number 2803-2814, July. 2008

Privacy and security should be paid much more attention in secure vehicular ad hoc networks (VANETs). However, as far as I know, few studies on secure VANET protocols have addressed both the privacy issues and authenticated key establishment. Therefore, in this work, a lightweight authenticated key establishment scheme with privacy preservation to secure the communications between mobile vehicles and roadside infrastructure in a VANET is proposed, which is called SECSPP.

This proposed scheme not only accomplishes vehicle-to-vehicle and vehicle-to-roadside infrastructure authentication and key establishment for communication between members, but also integrates blind signature techniques into the scheme, allowing mobile vehicles to anonymously interact with the services of roadside infrastructure. I also show that my scheme is efficient in its implementation on mobile vehicles in comparison with other related proposals. A secure and efficient communication scheme for vehicular ad hoc networks is proposed. By comparison with other related schemes, the proposed scheme not only maintains good and sought after properties (e.g. low computational costs, establishment of fresh session keys, mutual authentication) but also provides the advantage of user privacy preservation. Hence, a vehicular node can anonymously access the service from roadside devices that a service provider provides, and nobody can learn information about the user (e.g. location/user identification/transaction privacy). Moreover, in comparison with schemes, the computational costs of involved nodes in my scheme are lower and can be reduced by 4<% and H3%, respectively. As a result, my proposed scheme is suitable for various ad hoc networks and privacy-vital applications in pervasive computing environments, since it ensures and provides security, reliability, and efficiency.

2.1.5 Lochert.C, Scheuermann.B, Wewetzer.C, Luebke.A, and Mauve.M, "Data aggregation and roadside unit placement for a VANET traffic information system," in Proceedings 5th ACM International Workshop VANET, San Francisco, CA, September 2008, page number 58-65.

Here the investigation is about how a VANET-based traffic information system can overcome the two key problems of strictly limited bandwidth and minimal initial deployment. First, I present a domain specific aggregation scheme in order to minimize the required overall bandwidth. Then I present a genetic algorithm which is able to identify good positions for static roadside units in order to cope with the highly partitioned nature of a VANET in an early deployment stage.

A tailored tool chain allows the placement to be optimized with respect to an application-centric objective function, based on travel time savings. By means of simulation I assess the performance of the resulting traffic information system and the optimization strategy. I have presented an aggregation scheme for travel time data in road networks. In order to disseminate information within a large network, aggregation is done by means of a multilayer hierarchy of approximations of the road network. A landmark based aggregation scheme distributes information about the travel times between prominent points of the road network in order to build an abstract view of more distant regions. Given this aggregation scheme, it then becomes possible to tackle a second big issue in a VANET-based traffic information system: how and where infrastructure should be used in order to improve information dissemination over larger distances. I have introduced an approach for optimizing the placement of networked roadside infrastructure (supporting units) based on genetic algorithms. By a simulation methodology that separates movement and network issues from application behavior, it becomes possible to estimate the travel time savings achieved by a given vector of active SU locations. This makes an application-centric optimization approach feasible. I have confirmed the viability of this approach and assessed the achievable improvements by applying it to a large-scale city VANET model.

2.1.6 Mershad.K and Artail.H, "SCORE: Data scheduling at roadside units in vehicle ad hoc networks," in Proceedings ICT, Jounieh, Lebanon, April 2012, page number 1-6.

In the near future, vehicular networks (VANETs) based on wireless technology will be part of my daily life. VANETs enable vehicles that are not necessarily within the same transmission range to communicate with each other. They also allow vehicles to connect to Roadside Units (RSUs), which are connected to the Internet, forming a backbone mesh that offers the capability of communicating with each other and with roaming vehicles. In this paper, I exploit the RSU network to efficiently route packets between far away vehicles in the VANET.

This system is evaluated using ns2 simulation and compared to existing solutions. The results demonstrate the feasibility and efficiency of my proposed scheme in terms of query delay, packet delivery ratio, and generated traffic. This paper presented ROAMER, which is part of a complete system being designed to provide car drivers and passengers with pervasive access to needed data while on the road. The evaluation of ROAMER confirmed its effectiveness as compared to a recent routing protocol for VANETs. Ongoing work is focusing on devising secure mechanisms for registering users to the system of RSUs and designating them as proxies to Internet SPs that provide data to these users. A preliminary design and implementation of such mechanisms I published recently. Planned future work relates to designing bundling methods for allowing RSUs to deliver the maximum amount of possibly heterogeneous data to users.

2.1.7 Mohandas.B, Nayak.A, Naik.K, and Goel.N, "ABSRP - A service discovery approach for vehicular ad hoc networks," in Proceedings IEEE 3rd APSCC, Yilan, Taiwan, December 2008, page number. 1590-1594.

Data communication on the roads is becoming more interesting, as the number of vehicles equipped with computing technologies and wireless communication devices (OBUs) increases. Recently VANET focuses on public safety, enhanced driving and infotainment applications, which require a lot more data exchange between vehicle and RSU. When many vehicles want to access data from an RSU or other vehicles, service scheduling becomes an important issue. There are many messages which need to be broadcast by the RSU periodically, like traffic information, weather information, dangerous features of the road (sharp curve warning, speed warning), etc. The main goal here is that broadcast messages must be received by most of the vehicles passing along the road. For achieving this goal, the main challenge is what the appropriate time interval should be after which the RSU broadcasts the message.

This paper addresses the problem of static periodic broadcast by the RSU. This problem arises due to the static broadcast time interval. In this work, vehicle density, real time traffic and deadline are the main concerns for scheduling of periodic messages. I have tried to focus on the problem of the static broadcast time interval (i.e. the time interval after which a periodic message will be broadcast remains the same throughout a day) in the case of periodic broadcast of non safety messages. Consider a road segment on which the traffic pattern is approximately the same during all the days of a week in a specific time interval of the day (i.e. traffic between <.00 am to 11.00 am is approximately the same for all the days of a week). For this type of road segment, if I want to broadcast any periodic message (i.e. traffic information, weather information, dangerous features of the road like sharp curve warning, speed warning) periodically, then I need to fix some time interval after which periodic messages should be broadcast by the RSU. To finalize this time interval, I need to consider the vehicle which is moving along this road segment with the highest speed (low traffic time), otherwise the service ratio will be lower (i.e. fewer vehicles receive the message). But if I set the broadcast time interval by considering the low traffic time (vehicle speed is high), in high traffic time (vehicle speed is lower) vehicles will get a larger number of duplicate messages and the message traffic will be increased, which can also affect the service ratio due to collisions. So, it was concluded that for this type of road segment the broadcast time interval should be set dynamically for a specific time interval of the day instead of statically, which will minimize the number of duplicate messages and increase the service ratio. For future work, I plan to implement the mechanism which will identify the traffic pattern for all the time slots of the day (24 hours will be divided into 24 slots, each of an hour) and then, by taking the average of that, will finalize the broadcast time interval dynamically for each time slot. The mechanism should be flexible enough to handle the situation of traffic increase or decrease by recalculating the time interval according to traffic.


2.1.8 Mohandas.B, Nayak.A, Naik.K, and Goel.N, "ABSRP - A service discovery approach for vehicular ad hoc networks," in Proceedings IEEE 3rd APSCC, Yilan, Taiwan, December 2008, page number 1590-1594.

A vehicular network is an emerging wireless network in which vehicles and roadside units are the communicating nodes, providing each other with information such as safety warnings, traffic information and the services available in the region. There are numerous service providers available in the network providing various services, and vehicles can benefit from them. Service discovery protocols enable vehicles to discover a service provider in their region of interest that provides the desired service. Service discovery from other networks, such as mobile ad hoc networks, cannot be applied directly in a vehicular network due to its unique characteristics. Service discovery in a vehicular network must utilize the common resources available in the network. There are three types of service discovery architecture: infrastructure-less, infrastructure-based and hybrid. Service discovery makes it possible to find services that satisfy the passenger's request. This paper deals with a study of various existing service discovery protocols in the vehicular ad hoc network. Service discovery is an active field of research, especially in the domain of vehicular ad hoc networks. The vehicular network itself is also a demanding research area due to its wide range of applications and its contribution to intelligent transportation systems. In this survey I analyzed different service discovery protocols for vehicular ad hoc networks. Due to the unique nature of the vehicular network, service discovery protocols used in other ad hoc networks are not suitable for this network. Compared to other service discovery protocols, QoSLocVSDP shows better performance by considering load balancing and service quality requirements. For efficient service discovery, the average response time of the service discovery protocol must be low because of the high speed of the vehicle.


2.1.9 Papadimitratos.P, Buttyan.L, Holczer.T, Schoch.E, Freudiger.J, Raya.M, Ma.Z, Kargl.F, Kung.A, and Hubaux.J.P, "Secure vehicular communication systems: Design and architecture," IEEE Communication Magazine, volume 46, no. 11, page number 100-109, November 2008.

The concepts of memory-hard algorithms and sequential memory-hard functions are introduced, and it is argued that in order for key derivation functions to be maximally secure against attacks using custom hardware, they should be constructed from sequential memory-hard functions. A family of key derivation functions is presented which, under the random oracle model of cryptographic hash functions, are provably sequential memory-hard, together with a variation which appears to be marginally stronger at the expense of lacking provable strength. Finally, some estimates are given of the cost of performing brute-force attacks on a variety of password strengths and key derivation functions. Under the random oracle model, the mixing function ROMixH is sequential memory-hard; and it appears very likely that the scrypt key derivation function is also sequential memory-hard. Provided that no new attacks on scrypt or its underlying components are found, a brute-force attack on scrypt is many times harder than similar attacks on other key derivation functions.

2.1.10 Vighnesh.N.V, Kavita.N, Urs.S.R, and Sampalli.S, "A novel sender authentication scheme based on hash chain for vehicular ad hoc networks," in Proceedings IEEE ISWTA, Langkawi, Malaysia, September 2011, page number 96-101.

Significant developments took place over the past few years in the area of vehicular communication (VC) systems. Now, it is understood in the community that security and protection of private user information are a prerequisite for the deployment of the technology. This is so exactly because the benefits of VC systems, with the mission to enhance transportation safety and efficiency, are at stake. Without the integration of strong and practical security and privacy enhancing mechanisms, VC systems could be disrupted even by relatively unsophisticated attackers. This problem is addressed within the SeVeCom project, which has developed a security architecture that provides a comprehensive and practical solution. The results are presented in a set of two papers in this issue. The first one analyzes threats and types of adversaries, identifies security and privacy requirements, and presents a spectrum of mechanisms to secure VC systems and provide a solution that can be quickly adopted and deployed. My progress towards implementation of my architecture, along with results on the performance of the secure VC system, is presented in the second paper, which concludes with an investigation, based on current results, of upcoming elements to be integrated in the secure VC architecture.


CHAPTER 3

SYSTEM ANALYSIS

3.1 Existing System

Actual experimentation on VANET security was done by several projects and Safe Spot; most of these projects focused on the security of safety beacons or traffic messages. For example, describes the types of applications whose security requirements were considered by Secure vehicular communication (SeVeCom). These applications vary from collisions to cruise control, including obstacles and work zone warnings. Hence, the security of data messages from SPs or web servers is not considered. In addition, focuses on its security aspects on the security and privacy of messages and users only in safety and traffic applications. According to , such applications require tight deadlines for message delivery (less than 100 ms). Furthermore, the data exchanged in these applications are usually not confidential.

3.2 Proposed System

The proposed system uses a novel cryptographic function that enables users and RSUs to apply the required security level to exchanged messages by adjusting the number of iterations of the function. To defend against privacy hacking and impersonation, an RSU specifies for each user the next encryption key and the next pseudonym to use. A set of encryption keys, used to encrypt the next packet, is generated from part of the data in the current packet. In this paper, I argue that the security of users should be accounted for starting from the initial contact between a user and an RSU. Hence, I describe a web-based secure registration process that allows a user to create an account with RSUs. During the registration, users provide all required information that enables them to have the benefit of secure connectivity starting from the first packet that they send to the RSUs.
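A sketch of the three mechanisms named above (iteration count as the security knob, the RSU choosing the next pseudonym, and the next key depending on data in the current packet), added here as an example and not the report's own code. The report does not specify its function, so PBKDF2-HMAC-SHA256 stands in for it, and the packet layout, the level names and the HMAC-based toy stream cipher are assumptions.

```python
import hashlib
import hmac
import os
import struct

# Assumed mapping from a message's security level to an iteration count.
ITERATIONS = {"low": 1_000, "medium": 10_000, "high": 100_000}

def derive(secret: bytes, salt: bytes, level: str) -> bytes:
    """Iterated function (PBKDF2 stand-in): more iterations, costlier guessing."""
    return hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS[level])

def _subkey(key: bytes, label: bytes) -> bytes:
    """Separate encryption and authentication keys from one session key."""
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR with HMAC-SHA256 in counter mode (illustration only)."""
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hmac.new(key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

class Endpoint:
    """One side of a user/RSU session; both sides start from the registered password."""

    def __init__(self, password: bytes, salt: bytes, pseudonym: bytes, level: str):
        self.level = level
        self.key = derive(password, salt, level)
        self.pseudonym = pseudonym          # 8 bytes, agreed at registration

    def _advance(self, plaintext: bytes) -> None:
        # Next key: the current key mixed with part of the current packet's data.
        self.key = derive(self.key, plaintext[:16], self.level)
        self.pseudonym = plaintext[:8]      # pseudonym the RSU chose for next time

    def seal(self, data: bytes) -> bytes:
        """RSU side: encrypt the data together with the user's next pseudonym."""
        plaintext = os.urandom(8) + data
        nonce = os.urandom(12)
        header = self.pseudonym + nonce
        body = _xor_stream(_subkey(self.key, b"enc"), nonce, plaintext)
        tag = hmac.new(_subkey(self.key, b"mac"), header + body, hashlib.sha256).digest()
        self._advance(plaintext)
        return header + body + tag

    def open(self, packet: bytes) -> bytes:
        """User side: check pseudonym and tag, decrypt, then advance key and pseudonym."""
        if len(packet) < 20 + 8 + 32:
            raise ValueError("packet too short")
        header, body, tag = packet[:20], packet[20:-32], packet[-32:]
        expected = hmac.new(_subkey(self.key, b"mac"), header + body, hashlib.sha256).digest()
        if header[:8] != self.pseudonym or not hmac.compare_digest(tag, expected):
            raise ValueError("packet rejected: wrong pseudonym, stale key or tampering")
        plaintext = _xor_stream(_subkey(self.key, b"enc"), header[8:], body)
        self._advance(plaintext)
        return plaintext[8:]
```

Because the key and pseudonym both change after every accepted packet, a captured packet cannot be replayed and two packets from the same user do not share a visible identifier.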


CHAPTER 4

SYSTEM DESIGN

4.1 List of Modules

The modules used in the system are

Architecture Model
Source Model
Packet Formation & Keys
Multi hop links
Data Exchange
Find Attacker
Collision Avoidance
Performance Evolution

4.2 Module Description

Architecture Model: Although the performance of safety applications in VANET has been intensively studied recently, the focus has mainly been based on simulations without in-depth mathematical analysis. To properly design a wireless CA system, it is essential to evaluate whether vehicles located in the potentially dangerous zone are connected to VANET. When vehicles are connected to VANET, the drivers can immediately receive emergency messages. In such cases, drivers have more time to react to hazards.


Source Model: My primary focus is on linear sensor networks, in which the sensor nodes are deployed in a linear topology. Possible applications include sensor networks for border surveillance, highway traffic monitoring, safeguarding railway tracks, oil and natural gas pipeline protection, structural monitoring and surveillance of bridges and long hallways. A sensor network can be deployed along the borderline or the boundary of a restricted area. Any irregular activities will be monitored by sensor nodes and reported to a control center. Another example is to deploy sensors along a street to monitor traffic situations and/or parking violations. Furthermore, the oil industry spends hundreds of millions of dollars to protect oil pipelines. Building a sensor monitoring network along an oil pipeline can significantly improve the protection of oil pipelines and reduce cost. Such a sensor network can also be used to detect corrosion of pipelines when different types of sensors are used.

Packet Formation & Keys: Different communications protocols use different conventions for distinguishing between the elements and for formatting the data. In Binary Synchronous Transmission, the packet is formatted in 8-bit bytes, and special characters are used to delimit the different elements. Other protocols, like Ethernet, establish the start of the header and data elements by their location relative to the start of the packet. Some protocols format the information at a bit level instead of a byte level. A good analogy is to consider a packet to be like a letter. The header is like the envelope, and the data area is whatever the person puts inside the envelope. A difference, however, is that some networks can break a larger packet into smaller packets when necessary (note that these smaller data elements are still formatted as packets). A network design can achieve two major results by using packets: error detection and multiple host addressing.


Multihop links: Cellular systems conventionally employ single hops between mobile units and the base station. As cellular systems evolve from voice-centric to data-centric communication, edge-of-cell throughput is becoming a significant concern. This problem is accentuated in systems with higher carrier frequencies (more path loss) and larger bandwidth (larger noise power). A promising solution to the problem of improving coverage and throughput is the use of relays. Several different relay technologies are under intensive investigation, including fixed relays (powered infrastructure equipment that is not connected to the network backbone), mobile relays (other users opportunistically agree to relay each other's packets), as well as mobile fixed relays (fixed relays that are mounted on buses or trains and thus moving). There has been extensive research on multi-hop cellular networks in the last few years under the guise of relay networks or cooperative diversity. The use of relays, though, impacts almost every aspect of cellular system design and optimization, including scheduling, handoff, adaptive modulation, ARQ, and interference management. These topics are under intense investigation.

Data Exchange: When users register using the RSU website, they specify their personal details (i.e., name, address, and phone) plus a username and password to use for authentication when they connect to the RSU network from their vehicle. Users also choose a default RSU, which will save their account in its database. Examples of users' interests are web pages, certain news, traffic information in certain areas, and email messages (possibly from different email accounts). When they later connect to the VANET, they send a Hello packet to the nearest RSU, which will notify their default RSU, which, in turn, retrieves their interests from its database and collects the required data for them.


Find Attacker: A Network Intrusion Detection System is used to monitor networks for attacks or intrusions and report these intrusions to the administrator in order to take evasive action. A large server can be set up on a backbone network to monitor all traffic; or smaller systems can be set up to monitor traffic for a particular server, switch, gateway, or router. Intrusion detection is needed in today's computing environment because it is impossible to keep pace with the current and potential threats and vulnerabilities in my computing systems. The environment is constantly evolving and changing, driven by new technology and the Internet. Intrusion detection products are tools to assist in managing threats and vulnerabilities in this changing environment. Threats are people or groups who have the potential to compromise your computer system. These may be a curious teenager, a disgruntled employee, or espionage from a rival company or a foreign government. Attacks on networked computer systems could be devastating and affect networks and corporate establishments. I need to curb these attacks, and an Intrusion Detection System helps to identify the intrusions. Without an , to monitor any network activity, possibly resulting in irreparable damage to an organization's network.

Collision Avoidance: Wireless communication can be leveraged to improve the performance of collision avoidance applications. Next, I propose an analytical model to provide the probability of a rear-end collision between two vehicles traveling in the same direction when a sudden braking situation occurs. Specifically, the proposed model accommodates features developed by traffic flow theory. The collision avoidance system is explained through a two-car highway platoon example. Without loss of generality, the vehicles are traveling at a speed of 90 km/hr (25 m/s) and with an inter-vehicle spacing (headway) of 50 m.


CHAPTER 5

SYSTEM SPECIFICATION

5.1 Hardware Specification

System : Intel core 2Duo
Hard Disk : 160 GB
Monitor : 15 VGA colour
Mouse : Logitech.
RAM : 256 MB

5.2 Software Specification

O/S : Linux/ RedHat Server
Simulator : NS2


CHAPTER 6

IMPLEMENTATION AND RESULTS

6.1 Sample Coding:
# Simulation parameters
set val(chan)         Channel/WirelessChannel
set val(prop)         Propagation/TwoRayGround
set val(netif)        Phy/WirelessPhy
set val(mac)          Mac/802_11
set val(ifq)          Queue/DropTail/PriQueue
set val(ll)           LL
set val(ant)          Antenna/OmniAntenna
set val(x)            1500
set val(y)            1500
set val(ifqlen)       1000
set val(adhocRouting) AODV
set val(nn)           20
set val(stop)         15.0

# Simulator, topography and trace files
set ns_      [new Simulator]
set topo     [new Topography]
set tracefd  [open out.tr w]
set namtrace [open out.nam w]

$ns_ trace-all $tracefd
$ns_ namtrace-all-wireless $namtrace $val(x) $val(y)
$topo load_flatgrid $val(x) $val(y)
set god_ [create-god $val(nn)]

# Node configuration shared by all mobile nodes
$ns_ node-config -adhocRouting AODV \
    -llType $val(ll) \
    -macType $val(mac) \
    -ifqType $val(ifq) \
    -ifqLen $val(ifqlen) \
    -antType $val(ant) \
    -propType $val(prop) \
    -phyType $val(netif) \
    -channelType $val(chan) \
    -topoInstance $topo \
    -agentTrace ON \
    -routerTrace ON \
    -macTrace OFF

# Create the nodes
for {set i 0} {$i < $val(nn)} {incr i} {
    set node_($i) [$ns_ node]
}

# $node_(0) color red

# Initial node positions
$node_(0) set X_ 135.201
$node_(0) set Y_ 444.699
$node_(0) set Z_ 0.0
$node_(1) set X_ 244.365
$node_(1) set Y_ 521.41
$node_(1) set Z_ 0.0
$node_(2) set X_ -18.126
$node_(2) set Y_ 300.612
$node_(2) set Z_ 0.0
$node_(3) set X_ 723.89
$node_(3) set Y_ 343.533
$node_(3) set Z_ 0.0
$node_(4) set X_ 122.34
$node_(4) set Y_ 311.755
$node_(4) set Z_ 0.0
$node_(5) set X_ 373.49
$node_(5) set Y_ 472.206
$node_(5) set Z_ 0.0
$node_(6) set X_ 548.549
$node_(6) set Y_ 361.062
$node_(6) set Z_ 0.0
$node_(7) set X_ 389.995
$node_(7) set Y_ 381.17
$node_(7) set Z_ 0.0
$node_(8) set X_ 494.79
$node_(8) set Y_ 477.771
$node_(8) set Z_ 0.0
$node_(9) set X_ 275.01
$node_(9) set Y_ 381.99
$node_(9) set Z_ 0.0
$node_(10) set X_ 600.143
$node_(10) set Y_ 143.595
$node_(10) set Z_ 0.0
$node_(11) set X_ 427.307
$node_(11) set Y_ 172.152
$node_(11) set Z_ 0.0
$node_(12) set X_ 36.964
$node_(12) set Y_ 164.467
$node_(12) set Z_ 0.0
$node_(13) set X_ 213.653
$node_(13) set Y_ 50.7235
$node_(13) set Z_ 0.0
$node_(14) set X_ 149.096
$node_(14) set Y_ 162.93
$node_(14) set Z_ 0.0
$node_(15) set X_ 425.77
$node_(15) set Y_ 61.483
$node_(15) set Z_ 0.0
$node_(16) set X_ 244.395
$node_(16) set Y_ 244.395
$node_(16) set Z_ 0.0
$node_(17) set X_ 395.565
$node_(17) set Y_ 283.744
$node_(17) set Z_ 0.0
$node_(18) set X_ 303.111
$node_(18) set Y_ 142.94
$node_(18) set Z_ 0.0
$node_(19) set X_ 619.911
$node_(19) set Y_ 241.33
$node_(19) set Z_ 0.0

puts "Loading connection pattern..."
puts "Loading scenario file..."

# Node size in the nam animation
for {set i 0} {$i < $val(nn)} {incr i} {
    $ns_ initial_node_pos $node_($i) 40
}

# Reset every node when the simulation stops
# (val(stop) already carries its decimal part, so no ".0" suffix is appended)
for {set i 0} {$i < $val(nn)} {incr i} {
    $ns_ at $val(stop) "$node_($i) reset";
}

# CBR traffic over UDP from node 2 (source) to node 3 (destination)
set udp_(0) [new Agent/UDP]
$ns_ attach-agent $node_(2) $udp_(0)
set null1_(0) [new Agent/Null]
$ns_ attach-agent $node_(3) $null1_(0)
set cbr1_(0) [new Application/Traffic/CBR]
$cbr1_(0) set packetSize_ 1000
$cbr1_(0) set interval_ 0.01
$cbr1_(0) set maxpkts_ 1000
$cbr1_(0) attach-agent $udp_(0)
$ns_ connect $udp_(0) $null1_(0)
$ns_ at 1.00 "$cbr1_(0) start"

# Node movement: destination x, destination y, speed
$ns_ at 0.5 "$node_(0) setdest 786 13 20"
$ns_ at 0.5 "$node_(1) setdest 95 90 20"
$ns_ at 0.5 "$node_(2) setdest 633 669 20"
$ns_ at 0.5 "$node_(3) setdest 1375 712 20"
$ns_ at 0.5 "$node_(4) setdest 773 680 20"
$ns_ at 0.5 "$node_(5) setdest 1024 41 20"
$ns_ at 0.5 "$node_(6) setdest 1199 730 20"
$ns_ at 0.5 "$node_(7) setdest 1041 750 20"
$ns_ at 0.5 "$node_(8) setdest 1146 46 20"
$ns_ at 0.5 "$node_(9) setdest 926 751 20"
$ns_ at 0.5 "$node_(10) setdest 1251 512 20"
$ns_ at 0.5 "$node_(11) setdest 107 541 20"
$ns_ at 0.5 "$node_(12) setdest 6 533 20"
$ns_ at 0.5 "$node_(13) setdest 64 419 20"
$ns_ at 0.5 "$node_(14) setdest 800 532 20"
$ns_ at 0.5 "$node_(15) setdest 1077 430 20"
$ns_ at 0.5 "$node_(16) setdest 95 613 20"
$ns_ at 0.5 "$node_(17) setdest 1046 652 20"
$ns_ at 0.5 "$node_(18) setdest 954 512 20"
$ns_ at 0.5 "$node_(19) setdest 1271 610 20"

# Node markers in nam: blue = source, green = destination, red = attacker
$ns_ at 0.5 "$node_(0) add-mark m grey circle"
$ns_ at 0.5 "$node_(1) add-mark m red circle"
$ns_ at 0.5 "$node_(2) add-mark m blue circle"
$ns_ at 0.5 "$node_(3) add-mark m green circle"
$ns_ at 0.5 "$node_(4) add-mark m grey circle"
$ns_ at 0.5 "$node_(5) add-mark m grey circle"
$ns_ at 0.5 "$node_(6) add-mark m grey circle"
$ns_ at 0.5 "$node_(7) add-mark m grey circle"
$ns_ at 0.5 "$node_(8) add-mark m grey circle"
$ns_ at 0.5 "$node_(9) add-mark m red circle"
$ns_ at 0.5 "$node_(10) add-mark m grey circle"
$ns_ at 0.5 "$node_(11) add-mark m grey circle"
$ns_ at 0.5 "$node_(12) add-mark m grey circle"
$ns_ at 0.5 "$node_(13) add-mark m grey circle"
$ns_ at 0.5 "$node_(14) add-mark m grey circle"
$ns_ at 0.5 "$node_(15) add-mark m grey circle"
$ns_ at 0.5 "$node_(16) add-mark m red circle"
$ns_ at 0.5 "$node_(17) add-mark m grey circle"
$ns_ at 0.5 "$node_(18) add-mark m grey circle"
$ns_ at 0.5 "$node_(19) add-mark m grey circle"

# Node labels in nam
$ns_ at 0.5 "$node_(2) label S"
$ns_ at 0.5 "$node_(3) label D"
$ns_ at 0.5 "$node_(1) label Attacker"
$ns_ at 0.5 "$node_(9) label Attacker"
$ns_ at 0.5 "$node_(16) label Attacker"

# Halt shortly after the stop time
$ns_ at [expr {$val(stop) + 0.0002}] "puts \"NS EXITING...\" ; $ns_ halt"

puts $tracefd "M 0.0 nn $val(nn) x $val(x) y $val(y) rp "
puts $tracefd "M 0.0 prop $val(prop) ant $val(ant)"
puts "Starting Simulation..."
$ns_ run


CHAPTER 7

SCREEN SHOTS

FIGURE 6.1 Architectural Model

Fig 6.2 Source Model

Fig 6.3 Selecting Path Using Router

Fig 6.4 Data Exchange using Multihop links

CHAPTER 8

CONCLUSION AND FUTURE ENHANCEMENT

How to ensure security and privacy in service-oriented VANETs represents a challenging issue. This paper answered this question with my proposed privacy-preserving data acquisition and forwarding scheme by introducing a novel and provable cryptographic algorithm for key generation and powerful encryption. The evaluation of my proposed scheme confirmed its effectiveness compared to a recent security mechanism for VANETs. The ongoing work on REACT focuses on making the proposed system more scalable in terms of the number of users that can connect to an RSU. This involves designing an RSU scheduling mechanism in which an RSU builds a schedule that is divided into time slots (TSs). In each TS, all users that are expected to connect to the RSU are specified. Hence, an RSU prepares users' data and caches them during a free TS before the users connect. Using this scheme, the RSU distributes its load among the available TSs. An initial design of the RSUs scheduling system has recently been published.


REFERENCES

[1] Biswas.S, Misic.J, and Misic.V, "ID-based safety message authentication for security and trust in vehicular networks," in Proceedings 31st ICDCSW, Minneapolis, MN, June 2011, pp. 323-331.
[2] El Ali.F and Ducourthial.B, "A light architecture for opportunistic vehicle-to-infrastructure communications," in Proceedings MobiWac, Bodrum, Turkey, Oct. 2010, pp. 60-67.
[3] Laurendeau.C and Barbeau.M, "Threats to security in DSRC/WAVE," in Proceedings ADHOC-NOW, 2006, vol. 4104, pp. 266-279.
[4] Li.C.T, Hwang.M.S and Chu.Y.P, "A secure and efficient communication scheme with authenticated key establishment and privacy preserving for vehicular ad hoc networks," Computer Communication, vol. 31, pp. 2803-2814, July 2008.
[5] Lochert.C, Scheuermann.B, Wewetzer.C, Luebke.A and Mauve.M, "Data aggregation roadside unit placement for a VANET traffic information system," in Proceedings 5th ACM International Workshop VANET, San Francisco, CA, September 2008, pp. 58-65.
[6] Mershad.K and Artail.H, "SCORE: Data scheduling at roadside units in vehicle ad hoc networks," in Proceedings ICT, Jounieh, Lebanon, April 2012, pp. 1-6.
[7] Mohandas.B, Nayak.A, Naik.K, and Goel.N, "ABSRP - A service discovery approach for vehicular ad hoc networks," in Proceedings IEEE 3rd APSCC, Yilan, Taiwan, December 2008, pp. 1590-1594.
[8] Mohandas.B, Nayak.A, Naik.K, and Goel.N, "ABSRP - A service discovery approach for vehicular ad hoc networks," in Proceedings IEEE 3rd APSCC, Yilan, Taiwan, December 2008, pp. 1590-1594.
[9] Papadimitratos.P, Buttyan.L, Holczer.T, Schoch.E, Freudiger.J, Raya.M, Ma.Z, Kargl.F, Kung.A, and Hubaux.J.P, "Secure vehicular communication systems: Design and architecture," IEEE Commun. Mag., vol. 46, pp. 100-109, Nov. 2008.
[10] Vighnesh.N.V, Kavita.N, Urs.S.R, and Sampalli.S, "A novel sender authentication scheme based on hash chain for vehicular ad hoc networks," in Proceedings IEEE ISWTA, Langkawi, Malaysia, September 2011, pp. 96-101.
