Miao Xu,Wenyuan Xu,Jesse Walker,Benjamin Moore

DOI: https://doi.org/10.1145/2517968.2517973

2013-01-01

Abstract:Wireless sensor networks are increasingly being integrated into the modern automobile with the intention of improving safety and reducing costs. However, it has been shown that the first widely-deployed and mandatory in-car sensor networks --Tire Pressure Monitoring Systems (TPMSs) -- employ no cryptographic algorithms for protecting their wireless communication, incurring serious security and privacy risks for consumers. In this paper, we design and evaluate cost-effective secure communication protocols that can resolve the privacy and security vulnerabilities of existing TPMSs as well as other forthcoming in-car wireless sensor networks. Our implementation on Arduino platforms shows that the proposed protocol incurs modest overhead and is applicable to resource-constrained embedded systems.

Zeinab El-Rewini,Karthikeyan Sadatsharan,Daisy Flora Selvaraj,Siby Jose Plathottam,Prakash Ranganathan

DOI: https://doi.org/10.1016/j.vehcom.2019.100214

IF: 6.7

2020-06-01

Vehicular Communications

Abstract:As modern vehicles are capable to connect to an external infrastructure and Vehicle-to-Everything (V2X) communication technologies mature, the necessity to secure communications becomes apparent. There is a very real risk that today's vehicles are subjected to cyber-attacks that target vehicular communications. This paper proposes a three-layer framework (sensing, communication and control) through which automotive security threats can be better understood. The sensing layer is made up of vehicle dynamics and environmental sensors, which are vulnerable to eavesdropping, jamming, and spoofing attacks. The communication layer is comprised of both in-vehicle and V2X communications and is susceptible to eavesdropping, spoofing, man-in-the-middle, and sybil attacks. At the top of the hierarchy is the control layer, which enables autonomous vehicular functionality, including the automation of a vehicle's speed, braking, and steering. Attacks targeting the sensing and communication layers can propagate upward and affect the functionality and can compromise the security of the control layer. This paper provides the state-of-the-art review on attacks and threats relevant to the communication layer and presents countermeasures.

telecommunications,transportation science & technology

Mir Ali Rezazadeh Baee,Leonie Simpson,Xavier Boyen,Ernest Foo,Josef Pieprzyk

DOI: https://doi.org/10.1186/s13638-021-01968-6

2021-05-21

EURASIP Journal on Wireless Communications and Networking

Abstract:Abstract In intelligent vehicular networks, vehicles have enhanced sensing capabilities and carry computing and communication platforms to enable new versatile systems known as Vehicular Communication (VC) systems. Vehicles communicate with other vehicles and with nearby fixed equipment to support different applications, including those which increase driver awareness of the surroundings. This should result in improved safety and may optimize traffic. However, VC systems are vulnerable to cyber attacks involving message manipulation. Research aimed at tackling this problem has resulted in the proposal of multiple authentication protocols. Several existing survey papers have attempted to classify some of these protocols based on a limited set of characteristics. However, to date there is no generic framework to support the comparison of these protocols and provide guidance for design and evaluation. Most existing classifications either use computation complexity of cryptographic techniques as a criterion, or they fail to make connections between different important aspects of authentication. This paper provides such a framework, proposing a new taxonomy to enable a consistent means of classifying authentication schemes based upon seven main criteria. The main contribution of this study is a framework to enable protocol designers and investigators to adequately compare and select authentication schemes when deciding on particular protocols to implement in an application. Our framework can be applied in design, making choices appropriate for the intended context in both intra-vehicle and inter-vehicle communications. We demonstrate the application of our framework using two different types of case study: individual analysis and hypothetical design. Additionally, this work makes several related contributions. We present the network model, outline the applications, list the communication patterns and the underlying standards, and discuss the necessity of using cryptography and key management in VC systems. We also review the threats, authentication, and privacy requirements in vehicular networks.

telecommunications,engineering, electrical & electronic

Ishtiaq Rouf,Robert D. Miller,Hossen A. Mustafa,Travis Taylor,Sangho Oh,Wenyuan Xu,Marco Gruteser,Wade Trappe,Ivan Seskar

2010-01-01

Abstract:Wireless networks are being integrated into the modern automobile. The security and privacy implications of such in-car networks, however, have are not well understood as their transmissions propagate beyond the confines of a car's body. To understand the risks associated with these wireless systems, this paper presents a privacy and security evaluation of wireless Tire Pressure Monitoring Systems using both laboratory experiments with isolated tire pressure sensor modules and experiments with a complete vehicle system. We show that eavesdropping is easily possible at a distance of roughly 40m from a passing vehicle. Further, reverse-engineering of the underlying protocols revealed static 32 bit identifiers and that messages can be easily triggered remotely, which raises privacy concerns as vehicles can be tracked through these identifiers. Further, current protocols do not employ authentication and vehicle implementations do not perform basic input validation, thereby allowing for remote spoofing of sensor messages. We validated this experimentally by triggering tire pressure warning messages in a moving vehicle from a customized software radio attack platform located in a nearby vehicle. Finally, the paper concludes with a set of recommendations for improving the privacy and security of tire pressure monitoring systems and other forthcoming in-car wireless sensor networks.

Rajkumar Singh Rathore,Chaminda Hewage,Omprakash Kaiwartya,Jaime Lloret

DOI: https://doi.org/10.3390/s22176679

IF: 3.9

2022-09-04

Sensors

Abstract:In-vehicle communication has become an integral part of today's driving environment considering the growing add-ons of sensor-centric communication and computing devices inside a vehicle for a range of purposes including vehicle monitoring, physical wiring reduction, and driving efficiency. However, related literature on cyber security for in-vehicle communication systems is still lacking potential dedicated solutions for in-vehicle cyber risks. Existing solutions are mainly relying on protocol-specific security techniques and lacking an overall security framework for in-vehicle communication. In this context, this paper critically explores the literature on cyber security for in-vehicle communication focusing on technical architecture, methodologies, challenges, and possible solutions. In-vehicle communication network architecture is presented considering key components, interfaces, and related technologies. The protocols for in-vehicle communication have been classified based on their characteristics, and usage type. Security solutions for in-vehicle communication have been critically reviewed considering machine learning, cryptography, and port-centric techniques. A multi-layer secure framework is also developed as a protocol and use case-independent in-vehicle communication solution. Finally, open challenges and future dimensions of research for in-vehicle communication cyber security are highlighted as observations and recommendations.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Umesh Kumar Lilhore,Sarita Simaiya,Surjeet Dalal,Yogesh Kumar Sharma,Shilpi Tomar,Arshad Hashmi,Lilhore, Umesh Kumar,Simaiya, Sarita,Dalal, Surjeet,Sharma, Yogesh Kumar,Tomar, Shilpi,Hashmi, Arshad

DOI: https://doi.org/10.1007/s11277-024-10859-0

IF: 2.017

2024-03-06

Wireless Personal Communications

Abstract:Reliable communication is essential in the Internet of Vehicles (IoV) framework, where the efficient transmission of important information is required to ensure vehicle safety and smart traffic control. This investigation centers on the issue of developing trustworthy connectivity in the IoV components through implementing a robust infrastructure for Wireless Sensor Networks (WSNs). This article introduces a new approach to data encryption by combining Improved Elliptic Curve Cryptography (IECC), AES-256, with dynamic key management (DKM). The current study addresses the primary challenge of balancing efficient communications and data protection in the IoV. The hybrid cryptography method we employ utilizes the data confidentiality offered by AES-256, the computational capabilities of IECC, and the periodic updating of keys delivered by a DKM framework. Employing this amalgamation of methods diminishes the performance burden linked to traditional encryption techniques. We conducted a comprehensive range of diagnostic procedures and analyses to assess the effectiveness of the proposed approach. The findings revealed substantial benefits compared to existing encryption methods, i.e., i.e., RSA, 3-DES, AES-256, and ECCC. The proposed hybrid security method exhibited a significant 30% decrease in message transmission time corresponding to the exclusive use of AES-256. The suggested architecture incorporates sensor nodes into vehicles and infrastructure aspects, facilitating the gathering and transmitting of crucial data. This reduction is especially important in the limited resources of IoV, where energy and computational aspects are scarce. In addition, by automatically updating encryption keys, the DKM system strengthens privacy and makes it difficult for rivals to intercept communication. The hybrid approach, incorporating DKM, demonstrated an impressive success rate of more than 99% in preventing intrusion efforts during simulated attack circumstances. This surpasses the vulnerabilities of encryption methods that rely on a single technique. The results highlight the tangible benefits of our method. It has wide-ranging consequences for various IoV applications, such as automatic traffic and smart transport management. Our research adds to the current discussion on protecting data in IoV in the growing WSN environment. We demonstrate the practicality of our hybrid encryption technique with DKM as an efficient way to improve data security alongside communication performance in IoV. It successfully tackles the difficulty of finding a middle ground between these crucial elements in a limited-resource setting.

telecommunications

Ivan Edmar Carvajal Roca,Jian Wang,Jun Du,Shuangqing Weit

DOI: https://doi.org/10.1109/iwcmc48107.2020.9148360

2020-01-01

Abstract:Despite the benefits of electric and autonomous vehicles, current in-vehicle networks lack a robust and feasible security framework that considers the authentication, confidentiality, and integrity for the communication of Electronic Control Units (ECUs). Although a centralized key management mechanism offers an efficient solution, the security fully relies on this centralized unit, which leads to a single point of failure problem. In this paper, we present a semi-centralized key management framework to secure in-vehicle networks. It provides a decentralized and dynamic key distribution during the vehicle's operation and considers different aspects such as ECU's broadcast communication, ECU manufacturing process and ECU authentication without the use of certificates from external third parties. Finally, the implementation and the simulation of our framework validate the feasibility and practical use of our approach.

Jawdat Alshaer

DOI: https://doi.org/10.48550/arXiv.1907.09719

2019-07-23

Abstract:A few years ago, Automotive area in the IoT was seen as theoretical concept and today we are already seeing the possibilities of not only driverless cars, but applications of IoT in the intelligent vehicles including parking, maintaining environment, protecting lives and smoothing the flow vehicle movements. We have realized the urgent need of using simple and efficient secure protocol in Vehicular Ad Hoc Network (VANET) to be practical in the fast mobility of the network nodes, and taking advantage of the existence of base stations gateways along the road to inherit the protocol to different VANETs, this will reduce the initialization of communication overhead time and the security keys initialization each time a node passes to new base station zone. In this research, we applied security protocol used in sensor networks to achieve security in VANET, the simulation analysis shows that secure practical communication is achieved which can be inherited to other sub VANETs. The contribution of this article is enhancing proposed protocols with as less cryptography computation overhead as possible to make it applicable in the high mobility nature of VANET using security primitives; which guarantees security while allowing fast authenticating during vehicle passing one VANET to the next one depending on its direction in the transportation networks.

Cryptography and Security

Ghassan Samara

DOI: https://doi.org/10.48550/arXiv.1207.0967

2012-07-04

Abstract:Vehicular communication networks is a promising and emerging technology to facilitat road safety, Safety of life, traffic management, and infotainment dissemination for drivers and passengers. One of the ultimate goals in the design of such networking is to resist various malicious abuses and security attacks. In this research new security mechanisms are proposed to achieve secure certificate revocation, which is considered among the most challenging design objective in vehicular ad hoc networks.

Cryptography and Security

Pablo Marcillo,Diego Tamayo-Urgilés,Ángel Leonardo Valdivieso Caraguay,Myriam Hernández-Álvarez

DOI: https://doi.org/10.3390/s22239123

2022-11-24

Abstract:Recently, the number of vehicles equipped with wireless connections has increased considerably. The impact of that growth in areas such as telecommunications, infotainment, and automatic driving is enormous. More and more drivers want to be part of a vehicular network, despite the implications or risks that, for instance, the openness of wireless communications, its dynamic topology, and its considerable size may bring. Undoubtedly, this trend is because of the benefits the vehicular network can offer. Generally, a vehicular network has two modes of communication (V2I and V2V). The advantage of V2I over V2V is roadside units' high computational and transmission power, which assures the functioning of early warning and driving guidance services. This paper aims to discover the principal vulnerabilities and challenges in V2I communications, the tools and methods to mitigate those vulnerabilities, the evaluation metrics to measure the effectiveness of those tools and methods, and based on those metrics, the methods or tools that provide the best results. Researchers have identified the non-resistance to attacks, the regular updating and exposure of keys, and the high dependence on certification authorities as main vulnerabilities. Thus, the authors found schemes resistant to attacks, authentication schemes, privacy protection models, and intrusion detection and prevention systems. Of the solutions for providing security analyzed in this review, the authors determined that most of them use metrics such as computational cost and communication overhead to measure their performance. Additionally, they determined that the solutions that use emerging technologies such as fog/edge/cloud computing present better results than the rest. Finally, they established that the principal challenge in V2I communication is to protect and dispose of a safe and reliable communication channel to avoid adversaries taking control of the medium.

Yun Wu,Liangshun Wu,Hengjin Cai

DOI: https://doi.org/10.1016/j.compeleceng.2022.108542

2022-12-13

Abstract:Vehicle and road side unit communications are crucial to the information network in Intelligent Transportation System (ITS). There are two fundamental problems with the current communication security solutions: (1) encryption technology alone is not sufficient to verify the authenticity of the messages transmitted from vehicles to road side units, (2) existing solutions fail to build a complete framework in the way that they are case-dependent and apply to limited scenarios. This paper first presents a cloud-vehicle-road architecture that explains the precise message contents as well as the message generation and transmission process. A binary classification model is deployed to assess uploaded traffic-related messages to improve traffic efficiency based on cross-sectional data. A novel graph temporal neural network with attention is designed for misbehavior detection of vehicles based on time-sequential data. According to simulation results, the system's overall performance can be effectively improved regarding security and availability.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Nuwan Weerasinghe,Muhammad Arslan Usman,Chaminda Hewage,Eckhard Pfluegel,Christos Politis

DOI: https://doi.org/10.3390/fi15050157

2023-04-24

Future Internet

Abstract:Implementing 5G-enabled Vehicle-to-Everything (V2X) intelligent transportation systems presents a promising opportunity to enhance road safety and traffic flow while facilitating the integration of artificial intelligence (AI) based solutions. Yet, security and privacy concerns pose significant challenges that must be addressed. Therefore, researchers have focused on improving the security and integrity of vehicle data sharing, with a particular emphasis on V2X application layer security and privacy requirements. This is crucial given that V2X networks can consist of vehicles manufactured by different companies and registered in various jurisdictions, which may only be within communication range for a few seconds. Thus, it is necessary to establish a trusting relationship between vehicles quickly. The article proposes a threshold cryptography-based key exchange protocol that meets the key requirements for V2X data sharing and privacy, including the rapid establishment of trust, the maintenance of vehicle anonymity, and the provision of secure messages. To evaluate the feasibility and performance of the proposed protocol, a tailored testbed that leverages the NS-3 network simulator, a commercial 5G network, and public cloud infrastructure is used. Overall, the proposed protocol provides a potential solution for addressing security and privacy concerns in V2X networks, which is essential for successfully implementing and adopting this technology.

Jiaoyue Chen,Qihui Zuo,Wenquan Jin,Yujing Wu,Yihu Xu,Yinan Xu

DOI: https://doi.org/10.3390/electronics13132524

IF: 2.9

2024-06-27

Electronics

Abstract:With the rapid development of vehicle electronic communication technology, in-vehicle bus network system communicates with external electronic devices such as mobile phones and OBD II, causing in-vehicle bus networks to face severe network security threats. This study aims to explore the security scheme of in-vehicle bus networks based on a key management system to ensure the confidentiality, integrity, authenticity, and availability of vehicle communication, and innovatively propose a key management system. This key management system uses data encryption and signature algorithms based on the elliptic curve cryptographic domain, which is mainly composed of key generation and key distribution modules. By designing a key life cycle management strategy for In-Vehicle Ethernet and using the digital envelope technique, data encryption and digital signatures are combined to ensure the secure generation and distribution of keys. Experimental simulation results show that the session key negotiation speed of the proposed key management system for In-Vehicle Ethernet in this study is 1.533 ms, which improves the speed by 80.5% compared with the traditional key management system. The key management system proposed in this study improves the real-time information processing efficiency in In-Vehicle Ethernet and lays a solid foundation for the stable development of intelligent connected vehicles.

engineering, electrical & electronic,physics, applied,computer science, information systems

Prasanna Venkatesan E,Kristen Titus W

DOI: https://doi.org/10.48550/arXiv.2105.06105

2021-05-13

Abstract:Vehicular Ad Hoc Networks (VANETs) improves traffic management and reduce the amount of road accidents by providing safety applications. However, VANETs are vulnerable to variety of security attacks from malicious entities. An authentication is an integral a neighborhood of trust establishment and secure communications between vehicles. The Road-side Unit (RSU) evaluates trust-value and the Agent Trusted Authority (ATA) helps in computing the trust-value of auto supported its reward-points. The communication between nodes is enhanced, this can reduce 50% of road accidents. The security of the VANET is improved. We propose the utilization of Elliptic Curve Cryptography in the design of an efficient data encryption/decryption system for sensor nodes in a wireless network. Elliptic Curve Cryptography can provide impressive levels of security standards while keeping down the cost of certain issues, primarily storage space. Sensors will benefit from having to store relatively smaller keys coupled with increased computational capability and this will be a stronger design as the bit-level security is improved. Thus, reducing the time delay between the nodes and to provide better results between them we have made use of this method. The implementation of this work is done with NS2 software.

Cryptography and Security,Networking and Internet Architecture

Ruhul Amin,Isha Pali,Venkatasamy Sureshkumar

DOI: https://doi.org/10.1016/j.jisa.2020.102729

IF: 4.96

2021-05-01

Journal of Information Security and Applications

Abstract:<p>Software-Defined Network (SDN) improves the performance of the network model by managing the whole system through a programmed software. Nowadays, the concept of SDN can be applied in several application areas such as Wireless Sensor Network (WSN), Internet of Things (IoT) communications, cloud–fog computing, Vehicular Ad-hoc Networks (VANETs), etc. To improve the overall network performance, we have integrated SDN technology in the VANET system for Vehicle to Vehicle(V2V) communication. Security is a major concern in the SDN enabled VANET system. The main objective of this paper is to design an authentication protocol which will establish a common session key for secure communication. Further, this paper provides a solution to protect against the RSU compromisation attack which is always a challenging task. The simulation using the Scyther tool confirms that all the private information is being protected during the protocol run. Moreover, informal security analysis shows that the protocol has no security weaknesses. Besides, the proposed protocol achieves better performance in the aspect of security features and also in terms of computation and communication overheads.</p>

computer science, information systems

Yu Yao,Feng Shu,Zeqing Li,Xu Cheng,Lenan Wu

DOI: https://doi.org/10.1109/tits.2023.3271452

IF: 8.5

2023-01-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:Vehicle-to-vehicle (V2V) communication applications face significant challenges to security and privacy since all types of possible breaches are common in connected and autonomous vehicles (CAVs) networks. As an inheritance from conventional wireless services, potential eavesdropping is one of the main threats to V2V communications. In our work, the anti-eavesdropping scheme in CAVs networks is developed through the use of cognitive risk control (CRC)-based vehicular joint radar-communication (JRC) system. In particular, the supplement of off-board measurements acquired using V2V links to the perceptual information has presented the potential to enhance the traffic target positioning precision. Then, transmission power control is performed utilizing reinforcement learning, the result of which is determined by a task switcher. Based on the threat evaluation, a multiple armed bandit problem is designed to implement the secret key switching procedure when it is needed. Through constant perception-execution loops (PELs), the security and confidentiality is improved for the authorized vehicles in their behavioral interactions with the illegal eavesdropper. Numerical experiments have presented that the developed approach has anticipated performance in terms of some risk assessment indicators.

engineering, electrical & electronic,transportation science & technology, civil

Shlomi Dolev,Lukasz Krzywiecki,Nisha Panwar,Michael Segal

DOI: https://doi.org/10.48550/arXiv.1508.01324

2015-08-06

Abstract:In recent future, vehicles will establish a spontaneous connection over a wireless radio channel, coordinating actions and information. Vehicles will exchange warning messages over the wireless radio channel through Dedicated Short Range Communication (IEEE 1609) over the Wireless Access in Vehicular Environment (802.11p). Unfortunately, the wireless communication among vehicles is vulnerable to security threats that may lead to very serious safety hazards. Therefore, the warning messages being exchanged must incorporate an authentic factor such that recipient is willing to verify and accept the message in a timely manner

Cryptography and Security,Networking and Internet Architecture

Jiongen Xiao,Yi Liu,Yi Zou,Dacheng Li,Tao Leng

DOI: https://doi.org/10.1155/2024/5808088

IF: 2.249

2024-06-08

Journal of Advanced Transportation

Abstract:Internet of Vehicles can improve driving and riding experience, provide information needs, reduce environmental pollution, and improve transportation efficiency, thereby promoting the rapid development and application of intelligent transportation. Especially through the advantages of the rapidity of information exchange and the flexibility of real‐time data processing, an autonomous vehicle can provide barrier‐free, safe, and sustainable transportation. At present, the rapid progress of the Internet of Things has promoted the continuous development of a fully autonomous vehicle. However, the autonomous vehicle network uses wireless communication technology, and the openness of its communication channel makes the communication process vulnerable to various security attacks. Therefore, this paper proposes a practical and efficient secure communication in the autonomous vehicle. This scheme utilizes elliptic curve cryptography, which can protect the security of multiparty communication between vehicle, cloud server, and user with lower computation and communication overhead. This paper provides security verification for the scheme by using Scyther. An informal security analysis shows that this scheme can resist multiple attacks. Through a comparative analysis and performance evaluation of the schemes, we found that the scheme improves security while maintaining efficiency.

transportation science & technology,engineering, civil

Yuning Li,Kaitian Li,Xuebin Shao

DOI: https://doi.org/10.62051/ijgem.v2n3.28

2024-04-25

Abstract:As an important part of intelligent transportation, the information security of connected vehicles has become increasingly prominent. As a key technology to ensure the information security of networked vehicles, commercial cryptography plays an important role in vehicle identity authentication, data encryption and secure communication. In this paper, the status quo, challenges and future development trend of commercial cryptography application in connected vehicles are discussed, and some suggestions are put forward to strengthen technology research and development, standardization and industry cooperation. By continuously optimizing the application strategy of commercial cryptography, the information security level of connected vehicles can be effectively improved, providing strong support for the security development of the industry.