Chen Chen,Xin Wang,Weili Han,Binyu Zang

DOI: https://doi.org/10.1109/ICDCSW.2009.48

2009-01-01

Abstract:The Sybil attack is one of the serious attacks to Vehicular Ad Hoc Networks (VANETs), because it severely damages the security of VANETs and, even leads to a threat to lives of drivers and passengers. In this paper, we propose a solution to detect the Sybil attack based on the differences between the normal motion trajectories of vehicles and the abnormal ones. In our approach, each node can accomplish the attack detection independently with the limited assistance from the infrastructures of VANETs. We improve the feasibility of our approach with limited infrastructures at the early deployment stages of VANETs. In addition, the independency and feasibility of our algorithm are more robust than the existing solutions that rely on collaboration of neighboring nodes. Simulation results show that the proposed method outperforms the existing solutions in terms of robustness, detection rate, overhead efficiency, and lower system requirements.

Bin Xiao,Bo Yu,Chuanshan Gao

DOI: https://doi.org/10.1145/1160972.1160974

2006-01-01

Abstract:ABSTRACTSybil attacks have been regarded as a serious security threat to ad hoc networks and sensor networks. They may also impair the potential applications of VANETs (Vehicular Ad hoc Networks) by creating an illusion of traffic congestion. In this paper, we present a lightweight security scheme for detecting and localizing Sybil nodes in VANETs, based on statistic analysis of signal strength distribution. Our scheme is a distributed and localized approach, in which each vehicle on a road can perform the detection of potential Sybil vehicles nearby by verifying their claimed positions. We first introduce a basic signal-strength-based position verification scheme. However, the basic scheme proves to be inaccurate and vulnerable to spoof attacks. In order to compensate for the weaknesses of the basic scheme, we propose a technique to prevent Sybil nodes from covering up for each other. In this technique, traffic patterns and support from roadside base stations are used to our advantage. We, then, propose two statistic algorithms to enhance the accuracy of position verification. The algorithms can detect potential Sybil attacks by observing the signal strength distribution of a suspect node over a period of time. The statistic nature of our algorithms significantly reduces the verification error rate. Finally, we conduct simulations to explore the feasibility of our scheme.

Tong Zhou,Romit Roy Choudhury,Peng Ning,Krishnendu Chakrabarty

DOI: https://doi.org/10.1109/mobiq.2007.4451013

2007-01-01

Abstract:Vehicular ad hoc networks (VANETs) are being advocated for traffic control, accident avoidance, and a variety of other applications. Security is an important concern in VANETs because a malicious user may deliberately mislead other vehicles and vehicular agencies. One type of malicious behavior is called a Sybil attack, wherein a malicious vehicle pretends to be multiple other vehicles. Reported data from a Sybil attacker will appear to arrive from a large number of distinct vehicles, and hence will be credible. This paper proposes a light-weight and scalable framework to detect Sybil attacks. Importantly, the proposed scheme does not require any vehicle in the network to disclose its identity, hence privacy is preserved at all times. Simulation results demonstrate the efficacy of our protocol.

Yuvaraj Rajendra,Venkatesan Subramanian,Sandeep Kumar Shukla

DOI: https://doi.org/10.1007/s12083-024-01673-3

IF: 3.488

2024-03-12

Peer-to-Peer Networking and Applications

Abstract:Vehicular Ad Hoc Networks (VANETs) play a critical role in the future development of Intelligent Transportation Systems (ITS). These networks facilitate communication between vehicles and roadside infrastructure, establishing a dynamic network capable of sharing and processing traffic data. By harnessing this data, a comprehensive understanding of traffic conditions can be achieved, ultimately improving road safety and efficiency. VANETs have the potential to warn drivers about potential hazards, suggest optimal routes, and coordinate traffic signals. However, the current system design poses a vulnerability where a vehicle can acquire multiple identities, allowing it to launch a Sybil attack by impersonating multiple vehicles. In this attack, Sybil (or fake) vehicles generate and report false data, leading to fabricated congestion reports and corrupting traffic management data. To address this issue, this research proposes a novel Sybil attack detection scheme that leverages Verifiable Delay Functions (VDFs) and location data. The proposed scheme utilizes VDFs iteratively computed by vehicles throughout their journeys, forming a VDF chain where the included data is immutable. A vehicle obtains a signature on its recent VDF state from nearby Roadside Units (RSUs) and other vehicles and incorporates these signatures into its VDF chain. The inclusion of signatures in the VDF chains is time-bound and can't be altered later. Essentially, the VDF chain serves as an immutable storage mechanism for each vehicle. Interactions between vehicles involve the exchange of signatures on VDF states, and these interactions, when compiled in a VDF chain, constitute a vehicle's trajectory. By analyzing these trajectories, we can effectively detect Sybil trajectories. Unlike existing methods that solely rely on vehicle-to-RSU interactions, resulting in high false positive rates, our approach introduces vehicle-to-vehicle interactions using VDF chains, thereby increasing the detection rate. Extensive experiments and simulations are conducted to evaluate the proposed scheme's performance in detection. The results demonstrate that our approach can accurately detect Sybil attacks while achieving low rates of false negatives and false positives when compared to existing models.

computer science, information systems,telecommunications

Yaling Zhu,Jia Zeng,Fangchen Weng,Dan Han,Yiyu Yang,Xiaoqi Li,Yuqing Zhang

DOI: https://doi.org/10.3390/s24072153

IF: 3.9

2024-03-28

Sensors

Abstract:Connected Automobile Vehicles (CAVs) enable cooperative driving and traffic management by sharing traffic information between them and other vehicles and infrastructures. However, malicious vehicles create Sybil vehicles by forging multiple identities and sharing false location information with CAVs, misleading their decisions and behaviors. The existing work on defending against Sybil attacks has almost exclusively focused on detecting Sybil vehicles, ignoring the traceability of malicious vehicles. As a result, they cannot fundamentally alleviate Sybil attacks. In this work, we focus on tracking the attack source of malicious vehicles by using a novel detection mechanism that relies on vehicle broadcast beacon packets. Firstly, the roadside units (RSUs) randomly instruct vehicles to perform customized key broadcasting and listening within communication range. This allows the vehicle to prove its physical presence by broadcasting. Then, RSU analyzes the beacon packets listened to by the vehicle and constructs a neighbor graph between the vehicles based on the customized particular fields in the beacon packets. Finally, the vehicle's credibility is determined by calculating the edge success probability of vehicles in the neighbor graph, ultimately achieving the detection of Sybil vehicles and tracing malicious vehicles. The experimental results demonstrate that our scheme achieves the real-time detection and tracking of Sybil vehicles, with precision and recall rates of 98.53% and 95.93%, respectively, solving the challenge of existing detection schemes failing to combat Sybil attacks from the root.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Tong Zhou,Romit Roy,Choudhury Peng Ning,Krishnendu Chakrabarty

DOI: https://doi.org/10.1109/jsac.2011.110308

IF: 16.4

2011-01-01

IEEE Journal on Selected Areas in Communications

Abstract:Vehicular ad hoc networks (VANETs) are being increasingly advocated for traffic control, accident avoidance, and management of parking lots and public areas. Security and privacy are two major concerns in VANETs. Unfortunately, in VANETs, most privacy-preserving schemes are vulnerable to Sybil attacks, whereby a malicious user can pretend to be multiple (other) vehicles. In this paper, we present a lightweight and scalable protocol to detect Sybil attacks. In this protocol, a malicious user pretending to be multiple (other) vehicles can be detected in a distributed manner through passive overhearing by s set of fixed nodes called road-side boxes (RSBs). The detection of Sybil attacks in this manner does not require any vehicle in the network to disclose its identity; hence privacy is preserved at all times. Simulation results are presented for a realistic test case to highlight the overhead for a centralized authority such as the DMV, the false alarm rate, and the detection latency. The results also quantify the inherent trade-off between security, i.e., the detection of Sybil attacks and detection latency, and the privacy provided to the vehicles in the network. From the results, we see our scheme being able to detect Sybil attacks at low overhead and delay, while preserving privacy of vehicles.

Chen,Weili Han,Xin Wang

DOI: https://doi.org/10.1504/ijccbs.2011.038948

2011-01-01

International Journal of Critical Computer-Based Systems

Abstract:Sybil attack is one of the serious threats in vehicular ad hoc networks (VANETs) because drivers may receive wrong information, which could lead to injury the lives of the drivers and passengers, when they are under Sybil attack. This paper, therefore, presents a novel solution named Sybil attack detection based on signature vectors (SADSIV) in VANETs. Each node gathers the digital signatures in their moving; then our algorithm detects Sybil attack by analysing and comparing vehicle nodes' signature vectors independently under the condition of inadequate infrastructures. We improve the feasibility of our approach through the limited infrastructures at the early deployment stages of VANETs. In addition, the independency and feasibility of our algorithm are more robust than the existing solutions which rely on collaboration of neighbouring nodes. Simulation results show that our method outperforms the existing detection schemes in terms of robustness, detection rate and lower system requirements.

Pengwenlong Gu,Rida Khatoun,Youcef Begriche,Ahmed Serhrouchni

DOI: https://doi.org/10.1109/hpcc-smartcity-dss.2016.0182

2016-12-01

Abstract:In recent years, vehicular networks have been drawing special attention because of its significant potential role in future smart city regarding traffic efficiency improvement and road safety. Safety's crucial status in vehicular networks is determined by its direct impact on people's lives. Several security services based on cryptography, PKI and pseudonymous have been standardized in the past few years by IEEE and ETSI. However, vehicular networks are still vulnerable to critical attacks and the Sybil attack is one of them. This paper proposes a Sybil attack detection method based on vehicle driving pattern in urban scenario. In this method, Driving Pattern Matrices (DPMs) are constructed for each vehicle based on the beaconing messages they communicate. Then, a minimum distance classifier is used to evaluate their driving pattern and detect the unusual pattern. The simulation results show that our detection method can reach a high detection rate with a low error rate.

Remya Krishnan P.,Arun Raj Kumar P.

DOI: https://doi.org/10.1002/dac.4621

2020-11-20

International Journal of Communication Systems

Abstract:Vehicular ad hoc network (VANET) is a part of the intelligent transportation system (ITS) that provides safety and nonsafety applications. The high mobility of vehicles and the wireless communication environment in VANET makes it vulnerable to various attacks. One among them is the Sybil attack, where a Sybil attacker creates multiple fake identities called Sybil nodes that disrupt the functionality of VANET. Most of the existing solutions in the literature discuss identifying the Sybil nodes (virtual); very few works exist to determine the Sybil attacker (source node that generates Sybil nodes). In this paper, we propose a computation less heuristic approach that focuses on detecting the Sybil attacker and its Sybil nodes using signal strength measurements and Euclidean distance as the detection parameters. The central VANET server, Road Side Units (RSUs), and vehicles collaborate in the detection process, which improves the accuracy of our approach. The core of the approach is a reward‐based system, where the vehicle rewards are determined by collecting RSUs' feedback about the vehicle behavior. From simulation experiments, it is evident that our proposed approach achieves a maximum detection rate of 99.89% and a false positive rate of 0.012% than the existing techniques.

telecommunications,engineering, electrical & electronic

Salam Hamdan,Amjad Hudaib,Arafat Awajan

DOI: https://doi.org/10.1080/17445760.2019.1617865

2019-05-09

Abstract:Ad hoc networks is vulnerable to numerous number of attacks due to its infrastructure-less nature, one of these attacks is the Sybil attack. Sybil attack is a severe attack on vehicular ad hoc networks (VANET) in which the intruder maliciously claims or steals multiple identities and use these identities to disturb the functionality of the VANET network by disseminating false identities. Many solutions have been proposed in order to defense the VANET network against the Sybil attack. In this research a hybrid algorithm is proposed, by combining footprint and privacy-preserving detection of abuses of pseudonyms (P2DAP) methods. The hybrid detection algorithm is implemented using the ns2 simulator. The proposed algorithm is working as follows, P2DAP acting better than footprint when the number of vehicles increases. On the other hand, the footprint algorithm acting better when the speed of vehicles increases. The hybrid algorithm depends on encryption, authentication and on the trajectory of the vehicle. The scenarios will be generated using SUMO and MOVE tools.

Networking and Internet Architecture

Sharaf Malebary,Wenyuan Xu,Chin-Tser Huang

DOI: https://doi.org/10.1109/pccc.2016.7820665

2016-01-01

Abstract:The development of wireless Vehicular Ad-Hoc Network (VANET) aimed to enhance road's safety and provide comfortable driving environment by delivering early warning and infotainment messages. Intentional jamming attacks target at undermining such a goal by disrupting wireless communications. While detecting jamming attacks is important towards enhancing road safety, it is challenging because VANET operates in outdoor environment (highly changeable road conditions and atmospheric phenomena), and encompasses volatile topology and high mobility of vehicles (traveling speed and directions). To overcome these challenges, in this work, we study jamming attack mobility and behaviors in IEEE802.11p networks. In particular, we focus on analyzing jamming impact based on jammers behaviors, and mobility patterns. Thus, in order to achieve reliable detection, first we identify the impact of vehicles' density on network performance. Then, we study jamming effectiveness when adopting different mobility patterns (stationary, random, or targeting) and behaviors (constant, random, and reactive). Finally, we propose a two phase detection algorithm and evaluate it in a simulation environment. Our approach shows promising results to detect different types of jammers accurately in IEEE802.11p networks.

P. Remya krishnan,Ritesh Koushik

DOI: https://doi.org/10.1007/s10922-024-09869-x

2024-09-12

Journal of Network and Systems Management

Abstract:Rapid development and deployment of VANET necessitate solutions to support its safe applications. One of the major threats to VANET is the Sybil attack that uses numerous fake identities to spread misleading information around the network, resulting in traffic jams, accidents, and theft. Most of the existing solutions to Sybil attacks in VANET concentrate mainly on detecting the presence of Sybil attacks and identifying the virtual Sybil nodes. Though solutions exist to detect the Sybil attacker node, the attack scenarios where multiple Sybil attackers generate the Sybil nodes collaboratively persist as a research gap that needs to be addressed effectively. In this paper, we concentrate on detecting multiple Sybil attackers and the Sybil nodes generated in VANET using a decentralized, distance-based strategy. Despite the performance verification of the proposed technique using simulation, in this paper, we evaluate it in a real-time test-bed environment of VANET to verify its practical applicability.

computer science, information systems,telecommunications

Rukhsar Sultana,Jyoti Grover,Meenakshi Tripathi,Manhar Singh Sachdev,Sparsh Taneja

DOI: https://doi.org/10.1007/s10922-024-09827-7

2024-05-24

Journal of Network and Systems Management

Abstract:Vehicular ad hoc networks (VANET) facilitate vehicle to everything (V2X) communication between vehicles and road side units (RSU) to exchange safety and alert messages required for the successful implementation of VANET applications. However, VANET is exposed to Sybil attacks, where malicious vehicles generate multiple false identities to seize control of network resources or create non-existent traffic situations. While several Sybil attack detection mechanisms based on deterministic and learning methods exist, their performance is restricted to particular scenarios. This work proposes a deep learning-based Sybil Attack Detection mechanism. It identifies the Sybil nodes by detecting the associativity between senders at a time instant using common vehicle characteristics, including Euclidean distance, speed, flow, and computed similarity between senders by using the dynamic time warping (DTW) method. Among the five applied deep learning models, the proposed solution achieves improved detection performance through convolutional neural network (CNN) and a combination of CNN with long short-term memory (LSTM) models in varying network scenarios.

computer science, information systems,telecommunications

Allam Balaram,Shaik Abdul Nabi,Koppula Srinivas Rao,Neeraja Koppula

DOI: https://doi.org/10.1007/s11276-023-03399-1

IF: 2.701

2023-06-16

Wireless Networks

Abstract:AbstractDue to the development of transportation technology, the number of vehicles on the road has been exponential over the years. Road safety is one of the crucial tasks of the transportation department because of collations and accidents each year. Using a Vehicular ad hoc network (VANET) makes communication between vehicles possible and reduces the complexities in vehicle transportation. Privacy is one of the significant tasks in the VANET for a safe and uninterrupted transportation process. Sybil attack is one of the significant issues in the VANET in which attackers introduce dummy nodes to confuse or interrupt the other users in the network to reduce the performance to hack the data. This work proposes a new technique to detect and disconnect Sybil from the network to improve its performance. Historical and statistical data with Extreme Learning Machine is used to classify the Sybil attack in the VANET. This work improved the classification accuracy and network performance compared to the conventional Sybil node identification technique.

computer science, information systems,telecommunications,engineering, electrical & electronic

Mahabaleshwar Kabbur,V. Arul Kumar

DOI: https://doi.org/10.1088/1742-6596/1427/1/012009

2020-01-01

Journal of Physics: Conference Series

Abstract:Abstract VANET is a next generation communication technology where vehicles create an autonomous network with assistance of RSU (Road Side Units). VANET provides legitimate information to the users on the road, in order to increase the road and user’s safety. It provides useful information to the vehicles about directions, location mapping, premises, etc. The fast propagation of emergency and local warning messages to the approaching vehicles will be helpful for preventing secondary accidents. If security of the network is not guaranteed, several attacks may occur, thereby alert messages may not reach to the RSUs on time or message may get spoof due to attack on it. Major attacks on emergency messages such as timing attack, spoofing attack, DoS attack, Sybil attack, etc. would be considered to mitigate and make the communication and infrastructure more secure. One of the major emergency message attack is Sybil, which is used by selfish message propagators to claim authenticity of their message by propagating with multiple identities. By deceiving other nodes with their false support using multiple identifies, they can achieve various purpose in network like vehicle re-routing, speed shift etc. This work proposes a RSU cooperative detection mechanism involving triangulation and fake propagation by RSU to identify the Sybil attacks in the VANET. The proposed methodology secures fast communication emergency messages to prevent secondary accidents by validating the message sources, nodes will accept only the messages from RSU which are digitally signed and source validated against Sybil nodes. The performance evaluation is made with existing methodology and effectiveness of the proposed methodology results demonstrated in article. The spatial location and trajectory of attacker is learnt effectively with RSU cooperation in the proposed work.

Mortan Thomas,Abinash Borah,Anirudh Paranjothi

2024-11-12

Abstract:Connected autonomous vehicles, or Vehicular Ad hoc Networks (VANETs), hold great promise, but concerns persist regarding safety, privacy, and security, particularly in the face of Sybil attacks, where malicious entities falsify neighboring traffic information. Despite advancements in detection techniques, many approaches suffer from processing delays and reliance on broad architecture, posing significant risks in mitigating attack damages. To address these concerns, our research proposes a Trust Aware Sybil Event Recognition (TASER) framework for assessing the integrity of vehicle data in VANETs. This framework evaluates information exchanged within local vehicle clusters, maintaining a cumulative trust metric for each vehicle based on reported data integrity. Suspicious entities failing to meet trust metric thresholds are statistically evaluated, and their legitimacy is challenged using directional antennas to verify their reported GPS locations. We evaluate our framework using the OMNeT++ discrete event simulator, SUMO traffic simulator, and VEINS interface with TraCI API. Our approach reduces attack detection times by up to 66% in urban scenarios, with accuracy varying by no more than 3% across simulations containing up to 30% Sybil nodes and operates without reliance on roadside infrastructure.

Networking and Internet Architecture

G. Shobana,Arockia Xavier Annie Rayan

DOI: https://doi.org/10.1504/ijahuc.2024.140667

2024-09-02

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:Sybil attacks pose a significant security risk to ad hoc sensor networks, distorting information on traffic congestion, fake message transfers, etc. To address this issue, a novel technique for detecting Sybil attacks in VANETs makes use of node positions, distances, and received signal strength indicator (RSSI) values, whereas the legitimate nodes exhibit variations due to their various physical locations. The key idea is to identify Sybil nodes based on their similar RSSI and use a machine-learning model to detect Sybil nodes with high accuracy. In this work, the RSSI-based Sybil node identification (RSSI-SNID) technique, intended for Sybil node identification in a VANET environment, is used to construct a Sybil attack model. By integrating RSSI, distance, and timestamps in a multidimensional analysis, RSSI-SNIDs improve VANET's overall functionality in identifying Sybil attacks and attain 98% accuracy with a low false-positive rate, making it unique in its ability to identify these nodes.

computer science, information systems,telecommunications

Yu’ang Zhang,Chaklam Cheong,Sifan Li,Yue Cao,Xiaoling Zhang,Dong Liu

DOI: https://doi.org/10.1016/j.ipm.2024.103827

IF: 7.466

2024-07-19

Information Processing & Management

Abstract:The introduction of Internet of Vehicles (IoV) is promising in enabling vehicles to communicate with each other. However, attackers can invade the on-board operating systems and send fabricated messages, compromising the reliability of IoV. Controlled by attackers, malicious vehicles can send falsified data in Basic Safety Messages (BSM), which are periodically-sent beacon messages for traffic management. Also, Event Report Messages (ERM) can be forged to mislead other vehicles about the status of a traffic event. To alleviate false message injections in the IoV, this paper proposes a detection scheme by exploring traffic data and vehicle consensus. On the one hand, our scheme leverages the fact that traffic events may have an influence on vehicle movements. In detail, the vehicle densities in an area are processed as time series data. Then, an anomaly detection model based on the Gradient Boosting Decision Tree (GBDT) is designed to calculate the traffic anomaly index. In situations where the traffic anomaly is insignificant, a vehicle consensus mechanism is further integrated into the detection scheme. On the other hand, data clustering techniques are applied to separate malicious and benign vehicles in terms of false BSMs. The distance of each vehicle to its cluster centroid is combined with hypothesis testing to measure the cluster quality. The effectiveness of our proposed scheme is validated by extensive simulations based on a realistic road network. Our proposed scheme outperforms several baselines for both false BSM and ERM detections in terms of precision, recall, and F1 score.

computer science, information systems,information science & library science

Sofia Azam,Maryum Bibi,Rabia Riaz,Sanam Shahla Rizvi,Se Jin Kwon

DOI: https://doi.org/10.3390/s22186934

2022-09-13

Abstract:Vehicular Ad-hoc network (VANET) is an imminent technology having both exciting prospects and substantial challenges, especially in terms of security. Due to its distributed network and frequently changing topology, it is extremely prone to security attacks. The researchers have proposed different strategies for detecting various forms of network attacks. However, VANET is still exposed to several attacks, specifically Sybil attack. Sybil Attack is one of the most challenging attacks in VANETS, which forge false identities in the network to undermine communication between network nodes. This attack highly impacts transportation safety services and may create traffic congestion. In this regard, a novel collaborative framework based on majority voting is proposed to detect the Sybil attack in the network. The framework works by ensembling individual classifiers, i.e., K-Nearest Neighbor, Naïve Bayes, Decision Tree, SVM, and Logistic Regression in a parallel manner. The Majority Voting (Hard and Soft) mechanism is adopted for a final prediction. A comparison is made between Majority Voting Hard and soft to choose the best approach. With the proposed approach, 95% accuracy is achieved. The proposed framework is also evaluated using the Receiver operating characteristics curve (ROC-curve).

Yanpeng Cui,Qixun Zhang,Zhiyong Feng,Ying Zhou,Zhiqing Wei,Ping Zhang,Jinlin Peng

DOI: https://doi.org/10.1109/tvt.2024.3377630

IF: 6.8

2024-01-01

IEEE Transactions on Vehicular Technology

Abstract:As the derivative of the vehicular ad hoc network, the flying ad hoc network (FANET) will play a crucial role in the B5G/6G era since it provides wide coverage and on-demand deployment services in a distributed manner. The detection of Sybil attacks is essential to ensure trusted communication in FANET. Nevertheless, the conventional methods only utilize the untrusted information that UAV nodes passively “heard” from the “auditory” domain (AD), resulting in severe communication disruptions and even collision accidents. In this paper, we present a novel VA-mapping solution that matches the neighbors observed from AD and “visual” domain (VD), which is the first solution that enables UAVs to accurately correlate what they “see” from and “hear” to detect the Sybil attacks. The overhead in AD is reduced by the proposed topology-aware beacon interval. Relative entropy is utilized to describe the similarity of observed characteristics from dual domains. The dynamic weight algorithm is proposed to distinguish neighbors according to the characteristics’ popularity. The matching model of AD and VD is established and solved by the proposed vampire bat optimizer. Experiment results show that the proposed VA-mapping solution removes the unreliability of individual characteristics and single domains. It reduces the overhead without sacrificing the accuracy of the neighbor list. Furthermore, it outperforms the conventional RSSI-based and mobility-based methods in Sybil detection.

telecommunications,engineering, electrical & electronic,transportation science & technology