Research On Internal Attack Detection Methods For Vehicular Ad Hoc Networks

As an important branch of mobile ad hoc networks in the field of Intelligent Transportation,Vehicular Ad Hoc Networks(VANETs)has attracted widely attention of industry and academia for providing road safety,traffic management and even value-added services application by communicating between vehicles and vehicles.However,VANETs is faced with an amount of challenges while providing convenience for people.Among them,the security issue is the primary problem of VANETs which needs to be solved.Due to the fact that VANETs has large-scale,openness of wireless channel,dynamic change network topology,broadcast message and so on,it is vulnerable to be threatened by various internal attack such as forging messages,tampering messages,Sybil attack and so on.These attacks not only damage the benefits of VANETs,but also affect the normal operation of VANETs,seriously hinder the development and popularization of VANETs.The researchers proposed a variety of detection methods for internal attacks in VANETs.According to the different detection objects,these methods can be divided into two categories: false messages detection methods and false identities detection methods.False message detection is aimed to the threats of message security,detects false information,injected invalid information and so on.False identity detection is aimed to the threats of identity security,to detect Sybil attack which is a typical of false identity attack.Based on analyzing and summarizing the existing detection methods of false message and detection methods of Sybil attacks,we find current false information detection methods have large calculation overhead,which resulting in a larger delay problem,and Sybil attack detection methods have rarely consider attacker and conspired vehicles launch Sybil attack.We design a false information method for large-scale traffic alert information and a detection method for conspiracy Sybil attack in the privacy protection traffic environment.The main contributions of the papers are as follows:(1)Current detection methods of false information are difficult to quickly and efficiently identify false information from the large-scale traffic alert information,to address this issue,we propose a false traffic information detection method based on weak classifier integration.This method firstly expands the features contained in the alarm information,then designs division feature rule to divide the comprehensive features set of the alarm information into multiple features subsets,and uses the corresponding weak classifier to process feature subset in parallel according to the characteristics of each feature subset.Finally,the processing result of feature subset is integrated and the authenticity of alarm information is judged by the credibility of alarm information.Since multiple weak classifiers deal with feature subsets at the same time,the overall computational cost of detection is reduced,and assuring the timeliness of detection false information.The rich characteristics of nodes improve the overall detection rate.(2)Current Sybil attack detection methods rarely consider attacker and conspired vehicles launch Sybil attack,and fail to balance the Sybil attack detection and privacy protect.To solve these problems,we propose a detection method to resist the conspiracy Sybil attack based on spatio-temporal analysis.The method uses anonymous RSU to release timestamp token as identity in VANETs,and then set a table to record RSU that last passed and timestamp by TA,the table is called request information table,which can defend the generation stolen and conspired Sybil identity.We check whether existing multiple alert messages of the same alert event have the same timestamp token to detect the Sybil attack,and based on the adjacent relation tag of RSU which is embedded in the timestamp token to detect conspiracy Sybil attack.In this paper,the detection method not only defends and detects various types of Sybil attacks,but also protects the privacy of vehicle's identity and position,along with less computation overhead and communication overhead.