TY - JOUR
T1 - Detecting Sybil Attacks Using Proofs of Work and Location in VANETs
AU - Baza, Mohamed
AU - Nabil, Mahmoud
AU - Mahmoud, Mohamed M.E.A.
AU - Bewermeier, Niclas
AU - Fidan, Kemal
AU - Alasmary, Waleed
AU - Abdallah, Mohamed
N1 - Publisher Copyright:
© 2004-2012 IEEE.
PY - 2022
Y1 - 2022
N2 - Vehicular Ad Hoc Networks (VANETs) have the potential to enable the next-generation Intelligent Transportation Systems (ITS). In ITS, data contributed by vehicles can build a spatio-temporal view of traffic statistics, which can improve road safety and reduce slow traffic and jams. To preserve drivers' privacy, vehicles should use multiple pseudonyms instead of only one identity. However, vehicles may exploit this abundance of pseudonyms and launch Sybil attacks by pretending to be multiple vehicles. Then, these Sybil (or fake) vehicles report false data, e.g., to create fake congestion or pollute traffic management data. In this article, we propose a Sybil attack detection scheme using proofs of work and location. The idea is that each road side unit (RSU) issues a signed time-stamped tag as a proof for the vehicle's anonymous location. Proofs sent from multiple consecutive RSUs are used to create a trajectory which is used as vehicle anonymous identity. Also, contributions from one RSU are not enough to create trajectories, rather the contributions of several RSUs are needed. By this way, attackers need to compromise an infeasible number of RSUs to create fake trajectories. Moreover, upon receiving the proof of location from an RSU, the vehicle should solve a computational puzzle by running proof of work (PoW) algorithm. Then, it should provide a valid solution (proof of work) to the next RSU before it can obtain a proof of location. Using the PoW can prevent the vehicles from creating multiple trajectories in case of low-dense RSUs. To report an event, the vehicle has to send the latest trajectory to an event manager. Then, the event manager uses a matching technique to identify the trajectories sent from Sybil vehicles. The scheme depends on the fact that the Sybil trajectories are bounded physically to one vehicle, and therefore, their trajectories should overlap. Extensive experiments and simulations demonstrate that our scheme achieves high detection rate of Sybil attacks with low false negative and acceptable communication and computation overhead.
AB - Vehicular Ad Hoc Networks (VANETs) have the potential to enable the next-generation Intelligent Transportation Systems (ITS). In ITS, data contributed by vehicles can build a spatio-temporal view of traffic statistics, which can improve road safety and reduce slow traffic and jams. To preserve drivers' privacy, vehicles should use multiple pseudonyms instead of only one identity. However, vehicles may exploit this abundance of pseudonyms and launch Sybil attacks by pretending to be multiple vehicles. Then, these Sybil (or fake) vehicles report false data, e.g., to create fake congestion or pollute traffic management data. In this article, we propose a Sybil attack detection scheme using proofs of work and location. The idea is that each road side unit (RSU) issues a signed time-stamped tag as a proof for the vehicle's anonymous location. Proofs sent from multiple consecutive RSUs are used to create a trajectory which is used as vehicle anonymous identity. Also, contributions from one RSU are not enough to create trajectories, rather the contributions of several RSUs are needed. By this way, attackers need to compromise an infeasible number of RSUs to create fake trajectories. Moreover, upon receiving the proof of location from an RSU, the vehicle should solve a computational puzzle by running proof of work (PoW) algorithm. Then, it should provide a valid solution (proof of work) to the next RSU before it can obtain a proof of location. Using the PoW can prevent the vehicles from creating multiple trajectories in case of low-dense RSUs. To report an event, the vehicle has to send the latest trajectory to an event manager. Then, the event manager uses a matching technique to identify the trajectories sent from Sybil vehicles. The scheme depends on the fact that the Sybil trajectories are bounded physically to one vehicle, and therefore, their trajectories should overlap. Extensive experiments and simulations demonstrate that our scheme achieves high detection rate of Sybil attacks with low false negative and acceptable communication and computation overhead.
KW - Intelligent transportation systems
KW - VANET
KW - proof-of-location
KW - proof-of-work
KW - sybil attack
KW - threshold signatures
UR - https://www.scopus.com/pages/publications/85084765065
U2 - 10.1109/TDSC.2020.2993769
DO - 10.1109/TDSC.2020.2993769
M3 - Article
AN - SCOPUS:85084765065
SN - 1545-5971
VL - 19
SP - 39
EP - 53
JO - IEEE Transactions on Dependable and Secure Computing
JF - IEEE Transactions on Dependable and Secure Computing
IS - 1
ER -