Cooperative Intelligent Transportation Systems (cITS) are a promising technology to enhance driving safety and efficiency. Vehicles communicate wirelessly with other vehicles and infrastructure, thereby creating a highly dynamic and heterogeneously managed ad-hoc network. It is these network properties that make it a challenging task to protect integrity of the data and guarantee its correctness. A major component is the problem that traditional security mechanisms like PKIbased asymmetric cryptography only exclude outsider attackers that do not possess key material. However, because attackers can be insiders within the network (i.e., possess valid key material), this approach cannot detect all possible attacks. In this survey, we present misbehavior detection mechanisms that can detect such insider attacks based on attacker behavior and information analysis. In contrast to well-known intrusion detection for classical IT systems, these misbehavior detection mechanisms analyze information semantics to detect attacks, which aligns better with highly application-tailored communication protocols foreseen for cITS. In our survey, we provide an extensive introduction to the cITS ecosystem and discuss shortcomings of PKI-based security. We derive and discuss a classification for misbehavior detection mechanisms, provide an in-depth overview of seminal papers on the topic, and highlight open issues and possible future research trends.
Vehicular networks are networks of communicating vehicles, a major enabling technology for future cooperative and autonomous driving technologies. The most important messages in these networks are broadcast-authenticated periodic one-hop beacons, used for safety and traffic efficiency applications such as collision avoidance and traffic jam detection. However, broadcast authenticity is not sufficient to guarantee message correctness. The goal of misbehavior detection is to analyze application data and knowledge about physical processes in these cyber-physical systems to detect incorrect messages, enabling local revocation of vehicles transmitting malicious messages. Comparative studies between detection mechanisms are rare due to the lack of a reference dataset. We take the first steps to address this challenge by introducing the Vehicular Reference Misbehavior Dataset (VeReMi) and a discussion of valid metrics for such an assessment. VeReMi is the first public extensible dataset, allowing anyone to reproduce the generation process, as well as contribute attacks and use the data to compare new detection mechanisms against existing ones. The result of our analysis shows that the acceptance range threshold and the simple speed check are complementary mechanisms that detect different attacks. This supports the intuitive notion that fusion can lead to better results with data, and we suggest that future work should focus on effective fusion with VeReMi as an evaluation baseline.
Cooperative Intelligent Transport Systems (C-ITS) is a new upcoming technology that aims at increasing road safety and reducing traffic accidents. C-ITS is based on peer-to-peer messages sent on the Vehicular Ad hoc NETwork (VANET). VANET messages are currently authenticated using digital keys from valid certificates. However, the authenticity of a message is not a guarantee of its correctness. Consequently, a misbehavior detection system is needed to ensure the correct use of the system by the certified vehicles. Although a large number of studies are aimed at solving this problem, the results of these studies are still difficult to compare, reproduce and validate. This is due to the lack of a common reference dataset. For this reason, the original VeReMi dataset was created. It is the first public misbehavior detection dataset allowing anyone to reproduce and compare different results. VeReMi is used in a number of studies and is currently the only dataset in its field. In this Paper, we extend the dataset by adding realistic a sensor error model, a new set of attacks and larger number of data points. Finally, we also provide benchmark detection metrics using a set of local detectors and a simple misbehavior detection mechanism.
Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication aims to increase safety, efficiency, and comfort of drivers. Vehicles periodically broadcast their current status, such as position, velocity, and other information. Received information is stored in a local knowledge base, often called world model, and used for application decisions. Because of the potential impact, V2V communication is an interesting target for malicious attackers. Message integrity protection using cryptographic signatures only protects against outsider attackers. In addition to signatures, misbehavior detection mechanisms comparable to intrusion detection systems (IDS) are needed to detect insider attackers. Given the complexity and large number of foreseen V2V and V2I applications, misbehavior detection cannot be a onesize-fits-all solution. In this paper, we present a flexible framework that can combine a range of different misbehavior detection mechanisms by modeling their outputs using subjective logic. We demonstrate the feasibility of our framework by using a combination of existing detection mechanisms to increase their misbehavior detection results.
Cooperative Adaptive Cruise Control (CACC) is one of the driving applications of vehicular ad-hoc networks (VANETs) and promises to bring more efficient and faster transportation through cooperative behavior between vehicles.In CACC, vehicles exchange information, which is relied on to partially automate driving; however, this reliance on cooperation requires resilience against attacks and other forms of misbehavior. In this paper, we propose a rigorous attacker model and an evaluation framework for this resilience by quantifying the attack impact, providing the necessary tools to compare controller resilience and attack effectiveness simultaneously. Although there are significant differences between the resilience of the three analyzed controllers, we show that each can be attacked effectively and easily through either jamming or data injection. Our results suggest a combination of misbehavior detection and resilient control algorithms with graceful degradation are necessary ingredients for secure and safe platoons.
The integrity of messages in vehicular ad-hoc networks has been extensively studied by the research community, resulting in the IEEE 1609.2 standard, which provides typical integrity guarantees. However, the correctness of message contents is still one of the main challenges of applying dependable and secure vehicular ad-hoc networks. One important use case is the validity of position information contained in messages: position verification mechanisms have been proposed in the literature to provide this functionality. A more general approach to validate such information is by applying misbehavior detection mechanisms. In this paper, we consider misbehavior detection by enhancing two position verification mechanisms and fusing their results in a generalized framework using subjective logic. We conduct extensive simulations using VEINS to study the impact of traffic density, as well as several types of attackers and fractions of attackers on our mechanisms. The obtained results show the proposed framework can validate position information as effectively as existing approaches in the literature, without tailoring the framework specifically for this use case.
Abstract-The increasing availability of 10G Ethernet network capabilities challenges existing transport layer protocols. As 10G connections gain momentum outside of backbone networks, the choice of appropriate TCP congestion control algorithms becomes even more relevant for networked applications running in environments such as data centers. Therefore, we provide an extensive overview of relevant TCP congestion control algorithms for high-speed environments leveraging 10G. We analyzed and evaluated six TCP variants using a physical network testbed, with a focus on the effects of propagation delay and significant drop rates. The results indicate that of the algorithms compared, BIC is most suitable when no legacy variant is present; CUBIC is suggested otherwise.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.