Showing papers by "Arzad A. Kherani published in 2009"

Distributed Misbehavior Detection in VANETs

Abstract: In any vehicular adhoc network, there is always a possibility of incorrect messages being transmitted either due to faulty sensors and/or intentional malicious activities. Detecting and evicting sources of such misbehavior is an important problem. We observe that the performance of misbehavior detection schemes will depend on the application under consideration and the mobility dynamics of the detecting vehicle. Further, the underlying tradeoff in any such detection algorithm is the balance between False Positives and False Negatives; one would like to detect as many misbehaviors as possible, while at the same time ensuring that the genuine vehicles are not wrongly accused. In this work we propose and analyze (via simulations) the performance of a Misbehavior Detection Scheme (MDS) for Post Crash Notification (PCN) application. We observe that the performance of this proposed scheme is not very sensitive to the exact dynamics of the vehicle on small scales, so that slight error in estimating the dynamics of the detecting vehicle does not degrade the performance of the MDS.

Misbehavior detection scheme with integrated root cause detection in VANET

Abstract: Securing communication using broadcast authentication schemes (BAS) in V2V does not always guarantee exchange of correct and/or accurate information. Misbehavior Detection Schemes (MDS) are aimed at detecting the exchange of such information. In this paper, we propose a MDS for Post Crash Notification (PCN) application based on root-cause analysis that is capable of detecting different types of misbehaviors possible, for example, a false crash alert raised in the absence of a crash and a crash alert raised with incorrect positional information.

Distributed algorithm for minimizing delay in multi-hop wireless sensor networks

Abstract: We consider a wireless sensor network with n sensor nodes. The sensed data needs to be transferred in a multi-hop fashion to a common processing center. We consider the standard data sampling/sensing scheme where the sensor nodes have a sampling process independent of the transmission scheme. In this paper, we study the problem of optimizing the end-to-end delay in a multi-hop single-sink wireless sensor network. We prove that the delay-minimization objective function is strictly convex for the entire network. We then provide a distributed optimization framework to achieve the required objective. The approach is based on distributed convex optimization and deterministic distributed algorithm without feedback control. Only local knowledge is used to update the algorithmic steps. Specifically, we formulate the objective as a network level delay minimization function where the constraints are the reception-capacity and service-rate probabilities. Using the Lagrangian dual composition method, we derive a distributed primal-dual algorithm to minimize the delay in the network.We further develop a stochastic delay control primal-dual algorithm in the presence of noisy conditions. We also present its convergence and rate of convergence. The proposal is extensively evaluated by analysis and simulations.

Performance of broadcast authentication for secure V2V safety applications: A holistic view

Abstract: Efficient broadcast authentication has seen a lot of work in the recent past. Most broadcast authentication protocols rely on an underlying Public Key Infrastructure (PKI) to provide a point of trust from which credentials for more efficient cryptographic mechanisms for broadcast authentication can be derived. Thus, there is a logical dependence of some cryptographic credentials (e.g., verifiers for one-time signatures) on others (e.g., certificates from the PKI). However, since V2V messages are transmitted using a random access broadcast, messages containing these credentials could be lost, thereby preventing the verification of credentials depending on the lost ones. Further, since the wireless bandwidth is precious, there have been proposals to optimize the transmission of certificates and other credentials over the air. The more infrequently these are transmitted, the more is the temporal dependence on the verification times of V2V messages. On the flip side, the more frequently these are transmitted, the more is the bandwidth overhead (i.e., greater packet size) and the more the chances of packet collisions over the air. We illustrate this dilemma by means of a case-study, and advocate a holistic approach to broadcast authentication.

Reliable and secure broadcast communication over resource constrained systems

Abstract: Compute platforms for wireless sensor networks and Vehicle-to-Vehicle (V2V) communications employ random channel access for message transmission and typically suffer from limited processing capability and on-board memory on a per-application basis because of the multiple processes going on in parallel. Appending digital signatures to transmitted messages in such systems increases information reliability, but requires an intemperate use of scarce resources, more so with an increased security requirement.It thus appears imperative to tradeoff security for network performance to conserve scarce resources for a given resource constrained platform. This requires a good understanding of the communication performance of these systems. We observe that resource constraints in these systems induce complex interaction between the security and MAC layers at a node, obviating the possibility of layer specific optimizations to improve system performance for broadcast applications. For example, reducing the channel access probability at the MAC layer reduces collision probabilities, in turn increasing the verification load on the security layer. There is hence a need to take a holistic approach to dimension such systems to improve performance. In achieving this objective, we provide:• an analytical framework to model these systems with or without an impersonation attacker. This analysis also takes into consideration the possibility of multiple digital signatures being attached to a message, so that the receiver has a choice of verifying one of these.• a characterization of the stability region of the system.• an information-theoretic approach towards reliable communication of application data over these systems. We view the combination of security-MAC-security layers as an erasure channel and provide attainable rates, jointly optimizing on sampling rate and channel transmission rate.