Survey on Security Attacks in Vehicular Ad hoc

Networks (VANETs)

Mohammed Saeed Al-kahtani

Computer Engineering Dept., Salman bin Abdulaziz University, Saudi Arabia

alkahtani@sau.edu.sa

Abstract Vehicular Ad hoc Networks (VANETs) are

emerging mobile ad hoc network technologies incorporating

mobile routing protocols for inter-vehicle data communications

to support intelligent transportation systems. Among others

security and privacy are major research concerns in VANETs

due to the frequent vehicles movement, time critical response

and hybrid architecture of VANETs that make them different

than other Ad hoc networks. Thus, designing security

mechanisms to authenticate and validate transmitted message

among vehicles and remove adversaries from the network are

significantly important in VANETs. This paper presents

several existing security attacks and approaches to defend

against them, and discusses possible future security attacks

with critical analysis and future research possibilities.

Keywords: Vehicular Ad hoc Networks (VANET); Security;

Privacy; Road Side Unit; On-board Unit; Wormhole; Sybil;

Certificate; Masquerade; Black hole etc.

I. INTRODUCTION

Recently, Vehicular Ad hoc Networks (VANETs) have

achieved widespread applicability in different application

domains related to transportation systems such as providing

public safety and assistance, driving improvement, toll

collection, roadside service finders, traffic monitoring and

control, highway Internet access and enhancing safety and

efficiency of highway systems. VANETs are also known as

Wireless Access in Vehicular Environment (WAVE) [13]

that supports Intelligent Transportation Systems (ITS) [3]

through Dedicated Short-Range Communication (DSRC).

Figure 1 illustrates the architecture of a VANET.

In VANETs, there are two types of communications: (1)

vehicle to vehicle (V2V) and (2) vehicle to infrastructure

(V2I). Vehicles have On Board Units (OBUs), which consist

of Omni directional antennas, processors, GPS unit, and

sensors for V2V communications. Vehicles also perform

V2I communications with roadside infrastructures, which

are placed within a fixed distance of each other depending

upon the communication range of the roadside devices, also

known as Road Side Units (RSUs). RSUs communicate each

other through wireless medium or wired connections. They

can also be mobile. The V2I communications can be further

extended to provide applications such as Internet since RSUs

can be connected to a network. The V2V communications

can be used to send emergency and real-time information

such as an accident or road traffic information so that other

vehicles can take alternative routes to prevent traffic

congestions.

RSU

DSRC

Cellular

Base station

Vehicle

3G, WiMAX

Internet

Internet

V2V

V2I

Figure 1: Vehicular Ad hoc Networks (VANETs)

Since VANETs support emergency real-time

applications and also deal with life critical information they

should follow the security requirements such as privacy,

confidentiality, integrity, and non-repudiation to provide

secured communications against attackers, and malicious

nodes. Various security attacks such as Denial of Service

(DOS) [17], Sybil attack [6, 9, 12], Wormhole attack [19,

23], Illution attack [14] and Purposeful attack [16] not only

affect the privacy of the drivers and vehicles but also

compromise traffic safety and eventually lead to loss of life.

Hence, extensive researches are being conducted to provide

security in VANETs. The main purpose of providing the

security and privacy in VANETs is based on the fact that at

no point during the communication in VANETs the true

identity of the drivers should be exposed since adversaries

may use this information for launching attacks with false

identities and never get caught. However, vehicles and

drivers have to disclose their identities to RSUs to

978-1-4673-2393-2/12/$31.00 ©2012 IEEE

communicate with them. Hence, the security and privacy

issues must be handled carefully so that the adversaries

cannot misuse them.

In this paper, we present several security and privacy

attacks in VANETs with their defending mechanisms, and

classify these mechanisms. Thus, the main contributions of

this paper are to (i) identify different security attacks, (ii)

present, classify and compare their defending mechanism in

VANETs (iii) identify future possibilities in this area.

The remainder of this paper is organized as follows.

Section II presents different security attributes and types of

malicious nodes in VANETs. In Section III, we present

security attacks and their defending mechanisms with

examples. In Section IV, we classify the security and privacy

approaches of VANETs. Section VI concludes the paper

with discussion, and some future research ideas.

II. SECURITY ATTRIBUTES

In the following subsections, we present security

attributes in Vehicular Ad hoc Networks (VANETs) and

types of malicious vehicles.

A. Security Attributes

There are several important requirements to achieve

security in VANETs, which are discussed as follows. [17].

Authentication: Vehicles should respond only to the

messages transmitted by legitimate members of the network.

Thus, it is very important to authenticate the sender of a

message.

Data Verification: Once the sender vehicle is authenticated

the receiving vehicle performs data verifications to check

whether the message contains the correct or corrupted data.

Availability: The network should be available even if it is

under an attack using alternative mechanisms without

affecting its performance.

Road Clear

Malicious Car

Traffic Jam AheadBC D

.

Figure 2: Data Integrity

Data Integrity: It ensures that data or messages are not

altered by attackers. Otherwise, users are directly affected by

the altered emergency data. For example, if a vehicle B

sends a message to a malicious vehicle C and

C this

message to a legitimate vehicle D, it (D) will be affected by

this message since D will change the road and be in trouble

later on. Figure 2 demonstrates such a scenario of data

integrity.

Non-repudiation: A sender must not deny a message

transmission whenever an investigation or identity of a

vehicle is required.

Privacy: The profile or a driver personal information must

be maintained against unauthorized access.

Real-time constraints: Since vehicles are connected to

VANETs for a short duration, real-time constraints should

be maintained.

B. Types of Malicious Vehicles

In VANETs, malicious vehicles launch attacks on

legitimate vehicles in several ways. Thus, malicious or

attacker vehicles are classified as follows.

Insiders Vs Outsiders

In a network, a member node who can communicate

with other members of the network is known as an Insider

and can attack in various ways. Outsiders who cannot

communicate directly with the members of the network have

a limited capacity to attack (i.e., have less variety of attacks).

Malicious Vs Rational

A malicious attacker uses various methods to damage

the member nodes and the network without looking for its

personal benefit. On the contrary, a rational attacker expects

personal benefit from the attacks. Thus, these attacks are

more predictable and follow some patterns.

Active Vs Passive

An active attacker can generate new packets to damage

the network whereas a passive attacker only eavesdrop the

wireless channel but cannot generate new packets (i.e., less

harmful).

III. SECURITY ATTACKS AND APPROACES

In this section, we present several security attacks on

Vehicular Ad hoc Networks (VANETs), and defending

mechanisms of some of these attacks [7, 9, 17, 19, 20, 24].

Bogus Information

Attackers may transmit incorrect or bogus information

in the network for their advantage. For instance, an attacker

may transmit wrong information about the traffic conditions

in order to make its movement easier on the road. This

attack is related to the authentication security requirements.

Elliptic Curve Digital Signature Algorithm (ECDSA)

[16] is a message authentication scheme that uses hashing

technique to keep messages more secured and provides

strong authentication for the destination vehicles. This

scheme works by generating public and private keys from

the source vehicle. This public key is available to all

vehicles in VANETs. The source vehicle hashes the message

and encrypts it using a secured hash algorithm and private

key and sends the message to the destination vehicle. At the

destination, the message is decrypted using the public key,

which is the hash of the message. This scheme is more

secured on message authentications since hashing is a strong

technique. Changes in messages will also change in the hash

message, which makes it unique.

Denial of Service (DoS)

Attackers may transmit dummy messages to jam the

channel and thus, reduce the efficiency and performance of

the network. Figure 3 illustrates that a malicious black car

transmits a

legitimate car behind it and also to an RSU to create a jam in

the network. The Distributed DoS (DDoS) is more severe

than the DoS where a number of malicious cars attack on a

legitimate car in distributed manner from different locations

and timeslots. Figure 4 demonstrates that a number of

malicious black cars attack on V1 from different locations

and time so that V1 cannot communicate with other

vehicles.

RSU

Vehicle

Lane Close

Ahead

Lane Close

Ahead

Malicious Car

Figure 3: Denial of Service (DOS) Attack

RSU

Lane Close Ahead

Lane Close Ahead

Malicious

Car

Accident Ahead

V1

Figure 4: Distributed Denial of Service (DDoS) Attack

Masquerade

A vehicle fakes its identity and pretends to be another

vehicle for its own advantage. It is achieved using message

fabrication, alteration, and replay. For instance, a malicious

vehicle or attacker can pretend to be an ambulance to

defraud other vehicles to slow down and yield.

Black Hole Attack

A black hole is an area of the network where the

network traffic is redirected. However, either there is no

node in that area or the nodes reside in that area refuse to

participate in the network. This causes data packets to be

lost. Figure 5 illustrates a black hole attack where the black

hole is formed by a number of malicious nodes, which

refuses to transmit the messages received from the legitimate

cars C and D to the cars E and F.

RSU

Malicious Car

Accident Ahead

Black Box

RSU

C

D

E

F

Figure 5: Black hole attack

Existing solutions to black hole attacks consider

designing protocols having more than one route to the

destination, which imposes processing overload to the

network. Moreover, this solution might be suitable to

MANETs rather than VANETs, which has several mobile

nodes and higher end-to-end delay to find additional nodes

or paths. Another solution could use packet sequence

numbers in a packet header so that if any packet is lost the

destination can identify from the missing packet sequence

number.

Malware and Spam

Malware and spam attacks, such as viruses and spam

can cause serious disruptions in the normal VANETs

operations. Malware and spam attacks are normally

executed by malicious insiders rather than outsiders

whenever on board units (OBU) of vehicles and road side

units (RSUs) perform software updates. These attacks

increase transmission latency, which can be alleviated by

using a centralized administration.

Timing Attack

Transmitting data at the right time from one vehicle to

another vehicle is significantly important to achieve data

integrity and security. In timing attacks, whenever malicious

vehicles receive any emergency message they do not

forward it to the neighboring vehicles at the right time but

they add some timeslots to the original message to create

delay. Thus, neighboring vehicles of the attackers receive

the message after they actually require it. Figure 6 illustrates

that whenever the malicious black vehicle receives the

it to the

vehicle whenever it is at the right position F but transmits by

adding some timeslots so that whenever the vehicle receives

the message it is on the spot F1 where the accident has

happened.

Malicious Car

Accident AheadC

D

E

FF1

Figure 6: Timing Attack

Global Positioning System (GPS) Spoofing

The GPS satellite maintains a location table with the

geographic location and vehicles identity in the network. An

attacker can produce false readings in the GPS positioning

system to deceive vehicles to think that they are in a

different location. The attackers use the GPS satellite

simulator to generate signals that are stronger than those

generated by the actual satellite system.

Man in the Middle Attack (MiMA)

In this attack, malicious vehicles listen to the

communication among vehicles and inject false information

between vehicles. Figure 7 demonstrates a MiMA attack

where the malicious vehicle C listens to the communication

between vehicles B and D as well as sends wrong

information to the vehicle E that C receives from the vehicle

A.

Lane Close

Ahead

Malicious Car

A

B

C

D

E

F

Figure 7: Man-in-the-Middle Attack

Sybil Attack

In Sybil attack [4, 25], an attacker generates multiple

identities to simulate multiple nodes. Each node transmits

messages with multiple identities. Thus, other vehicles

realize that there are many vehicles in the network at the

same time. This attack is very dangerous since a vehicle can

claim to be in different positions at the same time, thereby

creating chaos and huge security risks in the network.

Sybil attacks can be detected through resource testing [7,

20]. This approach assumes that all physical entities are

limited to some resources. The work done in [7] uses

computational PUZZLES to test computational resources of

each node. However, this technique is not appropriate for

VANETs [20] since an attacker node can have more

computational resources than an ordinary node. Thus, radio

resource testing [20] is used to eliminate this problem.

Sybil attacks can be eliminated using public key

cryptography [18] where each vehicle is authenticated using

public keys. Key revocation is another approach that reduces

the influence of Sybil attacks detected in wireless sensor

networks [2, 22] using a predefined propagation model. This

model measures the distance of a node through RSSI

approach, where the differences of the signal strength

between transmitted and received signals is used and

matched with claimed position. If the claimed

position is too far from the evaluated distance this node is

suspected as a Sybil attacker.

However, these approaches are mostly based on several

assumptions, which are not realistic to reduce the Sybil

attacks in VANETs. The work done in [9] tries to find a

success rate of Sybil attacks based on the assumptions of

transmission power or antenna. To measure the success they

evaluate the number of cheated nodes from the sender and

receiver s points of view. From the sender points of view

they evaluate the sender s transmission power tuning and

from receiver s points of view they calculate the impact of

using bi-directional antennas over Omni-directional

antennas. They only consider the receipt signal strength and

directions. They do not consider any special propagation

model to compute the location of a node but only use a free

space propagation model to calculate the distance between

transmitters and receivers. Their main purpose of this work

is to estimate the effects of assumptions and antennas to

detect Sybil attackers. They have shown that Sybil attacks

can be detected easily using bi-directional antennas in

receiver side. Thus, the usage of more antennas is

significant in VANETs.

RSU1

Curren

t

Tim

estam

p

Init

ial

Req

ues

t

RSU2

Req

uest

from

prev

ious

carAggre

gat

edT

imes

tam

p

Vehicle 2Vehicle 1

Figure 8: Timestamp series approach

Timestamp series approach is another approach to

secure VANETs from Sybil attacks [25]. This approach

works well for an initial development stage of VANETs with

the availability of the RSU infrastructure and only a small

number of vehicles with communication capabilities. The

RSU issues digital certificates to each vehicle that passes

through it and assumes that two vehicles cannot pass

multiple RSUs at the same time. Thus, a Sybil attacker node

is detected if a vehicle receives multiple messages with the

very similar timestamp certificates. This approach is also

economic since it does not use computational expensive

public key infrastructure (PKI) or Internet accessible RSUs.

Figure 8 illustrates the working scenario of timestamp series

approach.

RobSAD [5] is another approach that detects Sybil

attacks in the initial deployment stage of VANETs. The

method is based on the differences between the normal and

abnormal motion trajectories of vehicles. Each node can

detect attacks independently with the little support from

RSUs. In VANETs, authorized infrastructures (i.e., RSUs)

can provide vehicles digital signatures along with timestamp

on-demand or periodically. Each node can record these

signatures and use to compare and measure the differences

from the neighboring nodes signature vectors to detect Sybil

nodes independently. Thus, this is a very effective, unique

and robust approach with higher detection rate and lower

system requirements. This is because each node does not

require collaborating with neighboring nodes but can detect

attacks independently by comparing digital signatures. This

approach uses infrastructure only to broadcast the digital

signatures along with timestamp to other vehicular nodes.

Wormhole Attack

Wormhole is a severe attack in VANETS and other ad

hoc networks. In this attack, two or more malicious nodes

create a tunnel to transmit data packets from one end of the

network to the malicious node at the other end and these

packets are broadcasted to the network. The malicious nodes

take the control of such a short network connection or link,

threaten the security of transmitting data packets and delete

them.

Malicious Car

Tunnel

Listen privacy information and

transmit through tunnelMalicious Car

Figure 9: Wormhole Attack

Wormhole attacks disrupt the multicast and broadcast

operations for transmitting messages tin VANETS as well

as in on-demand routing protocols such as AODV or DSR.

The AODV protocol does not use any authentication and

protection mechanisms for routing packets and thus, is

affected by wormhole attacks. The malicious nodes or

wormholes can gain unauthorized access to perform Denial

of Service (DoS) attacks. Figure 9 illustrates a wormhole

attack where black malicious cars at two end of the network

form a tunnel to transmit confidential information.

Packet leash [12] is a well known approach to prevent

wormhole attacks. For instance, TIK is a packet leashes-

based protocol for detecting and defending against

wormhole attacks. Temporal leashes ensure that each

packet has an upper bound of distance to travel (which is at

most at the speed of light). All nodes are tightly

synchronized with a clock and the clock difference between

any two nodes is known by all other nodes in the network.

The TIK protocol uses asymmetric cryptography to provide

an instant authentication of the received packets where it

uses n public keys for n nodes and hash functions for

keeping up-to-date keys information and received packets.

An attack is detected by calculating the differences between

the packet travel distance and allowed distance to travel.

An efficient approach called, HEAP [33], which is an

improvement of previously proposed packet leashes method,

used to detect the wormhole attacks in the AODV routing

protocol of VANETs, which is more secure and has low

overhead. Instead of using local leashes the HEAP uses

geographical leashes, which is more effective to detect

malicious nodes. However, geographical leaches limit the

packets travel distance. To eliminate this problem, HEAP

assumes that packets should be dropped whenever their

travel distances are more than the value claimed. Otherwise,

the packets are accepted.

Illusion Attack

It is a new security threat on VANETs where an

adversary broadcasts the traffic warning messages based on

the current road condition, which produces illusion to

vehicles at their neighborhood. It can spread the illusion

largely de

responses, which can cause the traffic jam, car accidents and

decrease the performance of VANETs. Existing message

authentication approaches cannot secure networks against

the illusion attack because the adversary directly controls

and misleads the sensors (of its own car) to produce and

broadcast the incorrect traffic information.

Plausibility Validation Network (PVN) [19] is a new

security model to secure VANETs against illusion attacks.

PVN works by collecting raw data and verifying

whether the collected data are plausible or not. It takes two

types of inputs: incoming data from antennas and data

collected by sensors. These data are categorized by an input

data header. PVN has a rule database and data checking

module which helps to check the validity of input data and

take necessary action accordingly. A message is trustworthy

if it passes all verifications. Otherwise, it is considered as an

invalid message and dropped automatically. PVN can

cooperate with various types cryptography methods and

defend against more attacks.

Purposeful/Intentional Attack

Intentional or purposeful attack by insiders is very

difficult to prevent as they are authenticated and trusted to

perform the peer communications with neighbors.

In VANETs, it is very important to defend against

misbehavior, which are generated by purposeful attackers or

malfunctioning hardware (unintentional). A misbehaving

node can deny transmitting messages that it receives from

other nodes, misinterpret messages, use the bandwidth

improperly or inject bogus message. A technique has been

proposed in [14] to defense against misbehavior in V2V and

V2I communications. This technique considers anonymous

communications to prevent misbehavior and keeps the

privacy of vehicles. A threshold authentication technique is

used where a threshold value is setup to authenticate

misbehavior or malicious nodes a number of times. It

guarantees that any authentication over the threshold value

Impersonation Attack

In V2V communications, one vehicle can broadcast the

security messages to other vehicles that may have impact on

other vehicles and the traffic control system. Thus, all

messages should be authenticated and signed to reduce the

communication overhead. On the other hand, in

impersonation attacks, a malicious vehicle sends message on

behalf of other vehicles to create chaos, traffic jam,

accidents or other security attacks and hides itself.

Thus, the work done in [26] proposes a scheme, called

SPECS to ensure the security and privacy issues of V2V

communications and detect the impersonation attacks. This

approach is based on the idea of IBV protocol [28] which

suffers from impersonation attack and cannot fulfill privacy

requirements. To protect the identity of each vehicle it uses

pseudo-identity and a shared secret key mi between a vehicle

and RSU. The security scheme works as follows

To authenticate a vehicle with a nearby RSU the

scheme uses PKI with its real identity RIDi and password

PWDi. The RA authenticates the vehicle and generates the

shared secret key mi for the vehicle and RSU. TA forwards

mi with a hash function and an encrypted block, which

contains mi and system secret key, s. This encrypted block

can only be decrypted by authorized vehicles. The RSU

transmits this block to vehicles. Each time the vehicle passes

a new RSU a new shared secret key is generated. To

generate the signature it uses the shared secret key and one

way hash function with the signing key. As mi is only known

to a vehicle, RSU and TA attackers or other vehicles cannot

generate the valid signing key to sign the message. Invalid

signatures or attackers can be detected using a batch

verification process by RSU. In IBV, if any invalid signature

is found using the batch verification process the whole batch

is dropped. However, SPECS does not drop the whole batch;

it used binary search and divides the batch in two halves and

checks the invalidity on each half. If an attacker is found it

notifies other vehicles and repeats the process until the

search reaches a pre-defined level or all signatures are

validated. After verifying the signature the RSU broadcasts

the message to all vehicles without the hash value, which is

stored into positive and negative bloom filters. Any vehicle

wants to know the validity of a received message will create

the hash value and compare with the bloom filters hash

value. A message is valid if the hash value of this message is

found in the positive bloom filter. Otherwise, the message is

considered as invalid. Table I lists different types of security

attacks with attacker types and respective security attributes.

Table I: Comparison of security attacks with their types and

security requirements.

Name of Attack Attacker Type Security Attributes or

Requirements

Bogus Information Insider Data Integrity,

Authentication

Denial of Service

(DoS)

Malicious, active,

insider, network

attack

Availability

Masquerading Active, insider Authentication

Black hole Passive, outsider Availability

Malware Malicious, insider Availability

Spamming Malicious, insider Availability

Timing attack Malicious, insider Data integrity

GPS Spoofing Outsider Authentication

Man-in-the-

Middle

Insider, monitoring

attack

Data Integrity,

Confidentiality

Sybil Insider, network

attack

Authentication

Wormhole or

Tunneling

Outsider, malicious,

monitoring attack

Authentication,

Confidentiality

Illusion Attack Insider, malicious Authentication

Purposeful attack Active, insiders,

malfunctioning

hardware

Authentication

Impersonation Insider, network

attack

Authentication

IV. CLASSIFICATION OF SECURITY SCHEMES

Existing security and privacy schemes of Vehicular Ad

hoc Networks (VANETs) can be classified into the

following categories.

A. Public Key Approaches

In these approaches, each node is provided with a pair

of secret and public keys. Public Key Infrastructure (PKI)

should efficiently handle key management to provide

security. A scheme using PKI is proposed whenever a

vehicle has two extra hardware units: Event Data Recorder

(EDR) to record all events and Tamper Proof Hardware

(TPH) to perform cryptographic process.

The work done by Hesham et al. [10] proposes a

dynamic key distribution protocol that handles key

management without the need to store a large number of

keys for PKI support and thus, reduces the usages of Tamper

Proof Device (TPD). In this approach, vehicles unique

information such as Electronic license Plate (ELP), chassis

number that creates Vehicle Authentication Code (VAC) is

used a secret key between a certificate authority (CA) and a

vehicle. A CA is responsible for issuing, distributing,

renewing and revoking public key certificates [1].

This protocol has strong resistance against Denial of

Service (DoS) attack since it uses ELP and a secret key that

is encrypted with unique VAC. Moreover, Man-in-the

Middle attack is not possible since message between RSU,

OBU, and CA is confidential only to the message receiver

and Sybil attack is not possible since the unique identity,

VAC of each vehicle cannot be tampered.

The work done by Gazdar et al. [8] proposes efficient

dynamic cluster-based architecture of the Public Key

infrastructure (PKI) for Vehicular Ad hoc Networks

(VANETs) based on a trust model. Each vehicle will have a

trust value in the range [0, 1] where a new vehicle in the

network starts with 0.1. The vehicle with trust value 1 is the

most authentic and confident vehicle. Base on this trust

value, vehicles will have four different roles as Certificate

Authority (CA), Registration Authority (RA), Gateway

(GW) and Member Node (MN). A CA and RA which have

the trust value equal to 1 issues certificates to the vehicles in

a cluster and protect CA against attacker by avoiding direct

communication between an unknown vehicle and CA,

respectively. A GW is used for inter-cluster communication.

Other vehicles including MNs have to show good behavior

and cooperation to increase their trust values. In the

proposed architecture, a hierarchical monitoring process is

used to observe the behavior of vehicles, where a vehicle

with higher trust value monitors a vehicle with lower trust

level. Authors perform simulation to investigate the effect of

transmission range, vehicle speed and a number of

confidence vehicles on the security of VANETs.

Efficient Certificate Management Scheme (ECMV)

[27] is a PKI-based scheme, which provides an efficient

certificate management between different authorities and

hence, the OBU can update its certificates anywhere at any

instant. Even if the adversary manages to get into the

network, ECMV has an efficient certificate revocation

procedure to remove the adversary. This scheme reduces the

complexity of certificate managements to a great extent and

is very effective in providing security and scalability.

B. Symmetric and Hybrid Approaches

In these schemes nodes communicate after they share

and agree on a secret key that is used for communication.

Most security schemes of VANETs are based on either

public or symmetric keys. Recently, a hybrid system that

uses both symmetric and public keys has been proposed for

security in VANETs. It uses two types of communications:

pair-wise and group communication. Pair-wise

communication is used when two vehicles need to

communicate each other whereas in group communication

more than two vehicles communicate. Hybrid approaches

use symmetric keys for pair-wise communications to avoid

the overhead of using the key pair. However, symmetric

keys should not be used in the authentication process since it

prevents non repudiation. The size of a key is 1024 bits and

AES is used for encryption.

C. Certificate Revocation Approaches

A public key infrastructure (PKI) is widely used to

provide security in VANETs which includes certificate

revocation (i.e., terminating the membership of a vehicle)

[1]. Certificate revocation is performed by CA in two ways:

centralized or decentralized. In the centralized approach, a

central authority is responsible only for taking the revocation

decision whereas in decentralized approach, a group of

vehicles which are neighbors of the revoked vehicle take

such a decision.

This scheme is centralized and uses pervasive

infrastructure and not considered efficient since RSU sends

the certificate revocation list (CRL) list to OBU and thus, the

deployment cost becomes high. Some modified approaches

have been proposed such as Revocation Protocol of Tamper

Proof device (RTPD), Distributed Revocation Protocol

(DRP), Revocation Protocol using Compressed Revocation

Lists (RCCRL). RSU aided Certificate Revocation (RCR) is

another newly proposed scheme where a Trusted Third Party

(TTP) grants secret keys for each RSU so that it can sign

messages in its range. Once a certificate is detected as

invalid, certificate authorities (CA) issues messages to the

RSU which broadcasts messages to all vehicles to revoke

that particular certificate and stop communication with it.

D. ID-based Cryptography

Public Key Infrastructure (PKI) and symmetric key

cryptography are not the best schemes to provide security in

VANETs since they are infrastructure-less. Hence, ID-based

cryptography that covers the best features of other security

schemes is also being explored by the research community.

For instance, ID-based cryptography reduces the

computational cost in the ID-based Signature (IBS) process

for VANETs, and is preferable for authentication using the

ID-based Online/Offline Signature (IBOOS) scheme.

IBOOS increases efficiency by separating signing process

into an offline (executed initially at RSUs or vehicles) and

online phase (executed in vehicles during V2V

communications), in which the verification is more efficient

than that of IBS.

The work done by Lu et al. [11] proposes an ID-based

authentication framework that utilizes both IBS and IBOOS.

This framework utilizes self-defined pseudonyms instead of

real-world IDs without exposing vehicles privacy. This

framework is efficient in term of processing time, storage

and communication overhead. This is because this scheme

preloads a pool of IDs of regional RSUs in each vehicle,

which are very small in size and do not change frequently as

compared to other approaches that pre-stores IDs of all

RSUs. This scheme uses IBS for Vehicle-to-Roadside (V2R)

and Roadside-to-Vehicle (R2V) authentications whereas

IBOOS is used for V2V authentications. Evaluation results

show that this framework efficiently preserves the privacy in

VANETs.

Another work done by Pan et al. [21] proposes an

analytical model to quantify the location privacy based on a

simple scheme called Random Changing Pseudonyms (RCP)

where each vehicle changes its pseudonym after a random

point. However, it is very important to provide unlinkability

between two successive pseudonyms of a vehicle.

Otherwise, an intruder might be able to locate the vehicle by

mapping between successive pseudonyms. Moreover, the

probability of unlinkability between pseudonyms is affected

by the effectiveness of different pseudonym changing

schemes to protect location privacy. Thus, the analytical

model to quantify the effectiveness of pseudonym changing

schemes is an important research problem to provide

security in VANETs.

V. DISCUSSION AND FUTURE WORKS

Vehicular Ad hoc Networks (VANETs) are becoming

popular in transportation systems since they provide road

safety, traffic management, and Internet access on highway

and distribute safety information to drivers and passengers.

However, it poses a great challenge to implement VANETs

in value-added services due to the intruder vehicles and

several security attacks. Thus, providing security and

privacy in VANETs are considered as the most important

research issue in this area.

Additionally, mobility of vehicles and dynamic nature

of the network impose a great challenge to eliminate

malicious vehicles and design secured data transmission

protocols. Though extensive researches are being conducted

to provide security and privacy in VANETs most of these

approaches consider reducing computational and

communication overhead, and processing delay for

authentication between the source and destination vehicles.

Beside, most existing security schemes of VANETs do not

support the security checks while handing over a vehicle

from one Road Side Unit (RSU) to another RSU [15]. The

protocols for high priority applications are still in

exploratory level in terms of security measures. In addition,

the following aspects should be considered as future

research possibilities in this area.

Distributing certificates securely, validating them very

fast and computationally efficient way should be given

more attention while designing secured routing

protocols for VANETs.

Determining the mobility pattern of vehicles and

linking the mobility pattern with malicious vehicles

could be considered as a potential research in

providing security and privacy in VANETs.

Determining and assigning trust values to vehicles and

establishing trust among vehicles are significantly

important to provide the integrity and reliability of

applications in VANETs.

The change of MAC addresses along with the

pseudonyms has not received sufficient attention. If the

IP address changes with the pseudonym the MAC

address should also change. Otherwise, adversaries can

easily track the target vehicle by its MAC address.

VANETs can provide Internet services on highways.

Users normally use Internet on highways for

emergency communications (e.g., checking emails, and

instant messaging) and social network applications

(e.g., facebook, twitter). Thus, designing secured

communication protocols for VANETs to protect user

profiles and private data from malicious vehicles

should be given the highest priority in this area of

research.

REFERENCES

[1]

Innovations in Information Technology (IIT), 2011 International

Conference on, pp.214-219, 25-27 April 201.1

[2

ACM/SIGMOBILE Workshop on

Dependability Issues in Wireless Ad Hoc Networks and Sensor Networks,

pages 1 8, 2006.

[3] S. Biswas, R. Tatchikou, and F. -to-Vehicle Wireless

IEEE

Communications Magazine, vol.44, no 1, pp. 74-82, January 2006.

[4] -based encryption from the Weil

Proc. of Crypto2001, LNCS, pp. 213-229, Springer-Verlag, 2001.

[5] Chen Chen, Xin Wang, Weili Han, and Binyu Zang

Distributed Computing

Systems Workshops, ICDCS Workshops '09. 29th IEEE International

Conference on, 2009, pp. 270-276, 2009.

[6] Chenxi Zhang, Xiaodong Lin, Rongxing Lu, and Pin-

An Efficient RSU Aided Message Authentication Scheme in Vehicular

Communications. ICC'08. IEEE International

Conference on, pp. 1451-1457, 2008.

[7] J In First International Workshop on

Peer-to-Peer Systems, pages 251 260, 2002.

[8] T. Gazdar, A. Benslimane and A. Belghith

Vehicular Technology Conference

(VTC Spring), 2011 IEEE 73rd, pp.1-5, 15-18 May 2011

[9

IEEE International Conference on Mobile Ad hoc and Sensor

Systems, 2007 -6, 2007

[10] A. Hesham, A. Abdel-Hamid and M.A. El-

distribution protocol for PKI- Wireless Days (WD), 2011

IFIP, pp.1-3, 10-12 Oct. 2011

[11] Huang Lu, Jie -based authentication

Computing,

Communications and Applications Conference (ComComAp), 2012, pp.

345-350, 11-13 Jan. 2012

[12] Y.C. Hu, A. Perrig and D.B Johnson cket leashes: a defense

INFOCOM 2003. Twenty-

Second Annual Joint Conference of the IEEE Computer and

Communications. IEEE Societies, vol. 3, pp. 1976-1986, 2003.

[13] D. Jiang and L. Delgrossi

In Proceedings

of IEEE Vehicular Technology Conference (VTC) spring, pp. 2036-2040,

May 2008.

[14] Jinyuan Sun, Yuguang Fang

Military

Communications Conference MILCOM 2008. IEEE, pp. 1-7, 2008.

[15] Md Mahbubul Haque, Jelena Misic, Vojislav Misic, Subir Biswas and

in Encyclopedia of

Wireless and Mobile Communications, September, 2009.

[16] M. Manvi, M.S. Kakkasageri, and D.G. Adiga

Authentication in Vehicular Ad Hoc Networks: E

Future Computer and Communication, ICFCC 2009. International

Conference on, 2009, pp. 16-20.

[17] Maxim Raya and Jean-

Proceedings of the 3rd ACM workshop on Security of ad

hoc and sensor networks (SASN '05), 2005.

[18] Maxim Raya, P. Papadimitratos and Jean-Pierre

IEEE Wireless Communications Magazine,

Special Issue on Inter-Vehicular Communications, pp. 8 15, 2006.

[19] Nai-Wei Lo, Hsiao-Chien Tsai

Applications - Globecom Workshops,

2007 IEEE, pp.1-8, 2007.

[20

International symposium on

information processing in sensor networks, pages 259 268, 2004.

[21] Yuanyuan Pan, Jianqing Li, Li Feng

Network

Computing and Information Security (NCIS), 2011 International

Conference on, vol.2, pp.141-145, 14-15 May 2011.

[22] W. Pires, T. de Paula Figueiredo, HC. Wong, and A. Loureiro,

IEEE

International Parallel & Distributed Processing Symposium, 2004.

[23] S.M. Safi, A. Movaghar and M. Mohammadizadeh

Internet. AH-ICI 2009, First

Asian Himalayas International Conference on, 2009, pp. 1-6

[24] I.A. Sumra, I. Ahmad, H. Hasbullah and J.-L. bin Ab Manan,

Ultra Modern Telecommunications and Control

Systems and Workshops (ICUMT), 2011 3rd International Congress on,

pp.1-8, 5-7 Oct. 2011

[25] Soyoung Park, B. Aslam, D. Turgut and C.C. Zou

Sybil attack in vehicular ad hoc network

Military Communications Conference, MILCOM,IEEE, 2009, pp. 1-7

[26] Tat Wing Chim, S.M. Yiu, L.C.K. Hui and V.O.K Li

Privacy Issues for Inter- Sensor,

Mesh and Ad Hoc Communications and Networks Workshops, 2009.

SECON Workshops '09. 6th Annual IEEE Communications Society

Conference on, 2009, pp. 1-3.

[27] A. Wasef, Y. Jiang, X. Shen

, In: Proceedings of the IEEE GLOBECOM

2008, pp. 1-5.

[28] C. Zhang, R. Lu, X. Lin, P.H. Ho and X.

based Batch Verification Scheme for Vehic IEEE

, Apr. 2008, pp. 816 824.