Proceedings Article

Performance and security evaluation of intra-vehicular communication architecture

TL;DR: The results verify the feasibility of the proposed architecture by providing the required level of service quality; it also outperforms the existing secure architectures and protects the wireless intra-vehicular communication system from IP-based attacks.
Abstract: In this paper, we propose a secure intra-vehicular wireless communication architecture based on Host Identity Protocol (HIP). It ultimately improves the security of wireless intra-vehicular communication systems. The performance evaluation of the proposed architecture is performed in a ski tunnel which emulates the real underground transportation environment. Our results verify the feasibility of the proposed architecture by providing the required level of service quality. Also, it outperforms the existing secure architectures. More importantly, the proposed architecture protects the wireless intra-vehicular communication system from IP-based attacks.
Citations
Journal Article
TL;DR: This paper presents a comprehensive survey and taxonomy of the existing security solutions for V2X communication technology, and provides discussions and comparisons with regard to some pertinent criteria.

78 citations


Cites background from "Performance and security evaluation..."

  • ...For instance, Mármol and Pérez (2012) proposed a security model that worked on detecting selfish nodes that transmit false or bogus messages. The model defined a fuzzy set to classify each node with three different trust levels. Based on the source node trustworthiness level, the receiver can decide whether it has to receive, forward or drop it. Also, fuzzy logic models were proposed in (Rafique et al. (2016)) to detect packet dropping attack....

    [...]

Journal Article
TL;DR: Numerical results show the desirable performance of the hybrid scheme for IoT-IVWSNs in comparison to the existing MAC and sole history-based or priority-based strategies in the context of packet delivery ratio and transmission delay.

12 citations

01 Jan 2016
TL;DR: A scalable secure flat-VPLS architecture is proposed based on a Host Identity Protocol (HIP) that contains a session key-based security mechanism and an efficient broadcast mechanism that increase the forwarding and security plane scalability of VPLS networks.
Abstract: Ethernet based VPLS (Virtual Private LAN Service) is a transparent, protocol independent, multipoint L2VPN (Layer 2 Virtual Private Network) mechanism to interconnect remote customer sites over IP (Internet Protocol) or MPLS (Multiprotocol Label Switching) based provider networks. VPLS networks are now becoming attractive in many Enterprise applications, such as DCI (data center interconnect), voice over IP (VoIP) and videoconferencing services due to their simple, protocol-independent and cost efficient operation. However, these new VPLS applications demand additional requirements, such as elevated security, enhanced scalability, optimum utilization of network resources and further reduction in operational costs. Hence, the motivation of this thesis is to develop secure and scalable VPLS architectures for future communication networks. First, a scalable secure flat-VPLS architecture is proposed based on a Host Identity Protocol (HIP). It contains a session key-based security mechanism and an efficient broadcast mechanism that increase the forwarding and security plane scalability of VPLS networks. Second, a secure hierarchical-VPLS architecture is proposed to achieve control plane scalability. A novel encrypted label-based secure frame forwarding mechanism is designed to transport L2 frames over a hierarchical VPLS network. Third, a novel Distributed Spanning Tree Protocol (DSTP) is designed to maintain a loop free Ethernet network over a VPLS network. With DSTP it is proposed to run a modified STP (Spanning Tree Protocol) instance in each remote segment of the VPLS network. In addition, two Redundancy Identification Mechanisms (RIMs) termed Customer Associated RIMs (CARIM) and Provider Associated RIMs (PARIM) are used to mitigate the impact of invisible loops in the provider network. 
Lastly, a novel SDN (Software Defined Networking) based VPLS (Soft-VPLS) architecture is designed to overcome tunnel management limitations in legacy secure VPLS architectures. Moreover, three new mechanisms are proposed to improve the performance of legacy tunnel management functions: 1) A dynamic tunnel establishment mechanism, 2) a tunnel resumption mechanism and 3) a fast transmission mechanism. The proposed architecture utilizes a centralized controller to command VPLS tunnel establishment based on real-time network behavior. Hence, the results of the thesis will help for more secure, scalable and efficient system design and development of VPLS networks. It will also help to optimize the utilization of network resources and further reduction in operational costs of future VPLS networks.

9 citations

Proceedings Article
01 Aug 2017
TL;DR: This paper summarized the results of a thesis which focused on increasing the scalability, flexibility and compatibility of secure VPLS networks, and proposed a scalable secure flat-VPLS architecture based on Host Identity Protocol (HIP) to increase the forwarding and security plane scalability.
Abstract: Ethernet based VPLS (Virtual Private LAN Service) networks are now becoming attractive in many enterprise applications due to simple, protocol-independent and cost efficient operation. However, new VPLS applications demand additional requirements, such as elevated security, enhanced scalability and improved flexibility. This paper summarized the results of a thesis which focused to increase the scalability, flexibility and compatibility of secure VPLS networks. First, we propose a scalable secure flat-VPLS architecture based on Host Identity Protocol (HIP) to increase the forwarding and security plane scalability. Then, a secure hierarchical-VPLS architecture has been proposed by extending the previous proposal to achieve control plane scalability as well. To solve the compatibility issues of Spanning Tree Protocol (STP) in VPLS networks, a novel Distributed STP (DSTP) is proposed. Lastly, we propose a novel SDN (Software Defined Networking) based VPLS (SoftVPLS) architecture to overcome tunnel management limitations in legacy secure VPLS architectures. Simulation models and testbed implementations are used to verify the performance of proposed solutions.

3 citations

Posted Content
TL;DR: In this paper, the authors present a comprehensive survey and taxonomy of the existing security solutions for V2X communication technology and provide discussions and comparisons with regard to some pertinent criteria.
Abstract: In recent years, vehicles became able to establish connections with other vehicles and infrastructure units that are located in the roadside. In the near future, the vehicular network will be expanded to include the communication between vehicles and any smart devices in the roadside which is called Vehicle-to-Everything (V2X) communication. The vehicular network causes many challenges due to heterogeneous nodes, various speeds and intermittent connection, where traditional security methods are not always efficacious. As a result, an extensive variety of research works has been done on optimizing security solutions whilst considering network requirements. In this paper, we present a comprehensive survey and taxonomy of the existing security solutions for V2X communication technology. Then, we provide discussions and comparisons with regard to some pertinent criteria. Also, we present a threat analysis for V2X enabling technologies. Finally, we point out the research challenges and some future directions.
References
Journal Article
TL;DR: This work addresses the problem of security and protection of private user information within the SeVeCom project, having developed a security architecture that provides a comprehensive and practical solution that can be quickly adopted and deployed.
Abstract: Significant developments have taken place over the past few years in the area of vehicular communication systems. Now, it is well understood in the community that security and protection of private user information are a prerequisite for the deployment of the technology. This is so precisely because the benefits of VC systems, with the mission to enhance transportation safety and efficiency, are at stake. Without the integration of strong and practical security and privacy enhancing mechanisms, VC systems can be disrupted or disabled, even by relatively unsophisticated attackers. We address this problem within the SeVeCom project, having developed a security architecture that provides a comprehensive and practical solution. We present our results in a set of two articles in this issue. In this first one, we analyze threats and types of adversaries, identify security and privacy requirements, and present a spectrum of mechanisms to secure VC systems. We provide a solution that can be quickly adopted and deployed. In the second article we present our progress toward the implementation of our architecture and results on the performance of the secure VC system, along with a discussion of upcoming research challenges and our related current results.

566 citations


"Performance and security evaluation..." refers background in this paper

  • ...An analysis of security requirements and types of threats to a vehicular communication system are presented in [3]....

    [...]

  • ...Most of the existing wireless intra-vehicle communication systems are based on Wi-Fi systems [1] [2] [3] [5]....

    [...]

Proceedings Article
11 Sep 2009
TL;DR: This paper tries to explain WPA2 versions, problems and the enhancements that have been made to solve the major weakness of WPA, and makes a comparison among WEP, WPA and WPA2 as the wireless security protocols in Wi-Fi technology.
Abstract: Wireless technology has been gaining rapid popularity for some years. Adaptation of a standard depends on the ease of use and level of security it provides. In this case, the contrast between wireless usage and security standards shows that security is not keeping up with the growth pace of end users' usage. Current wireless technologies in use allow hackers to monitor and even change the integrity of transmitted data. Lack of rigid security standards has caused companies to invest millions on securing their wireless networks. There are three major types of security standards in wireless. In our previous papers, which were registered in ICFCC 2009 Malaysia and ICCDA 2009 Singapore [1] [2], we explained the structure of WEP and WPA as the first and second wireless security protocols and discussed all their versions, problems and improvements. Now, we try to explain WPA2 versions, problems and the enhancements that have been made to solve the major weakness of WPA. Finally, we make a comparison among WEP, WPA and WPA2 as the wireless security protocols in Wi-Fi technology. In the next phase we hope that we will publish a complete comparison among wireless security techniques by adding the WiMax security technique and making a whole comparison among all security protocols in this area.

152 citations


"Performance and security evaluation..." refers background in this paper

  • ...WEP is vulnerable to replay attack, packet forgery attack, weak initialization vector (IV) and the lack of key management; and hence it is considered a completely dead protocol in terms of security [8] [9] [10]....

    [...]

Book
04 Aug 2008
TL;DR: This book presents a well-structured, readable and compact overview of the core protocol with relevant extensions to the Internet architecture and infrastructure, and will be a valuable reference for practicing engineers in equipment manufacturing companies and telecom operators, as well as network managers, network engineers, network operators and telecom engineers.
Abstract: "Within the set of many identifier-locator separation designs for the Internet, HIP has progressed further than anything else we have so far. It is time to see what HIP can do in larger scale in the real world. In order to make that happen, the world needs a HIP book, and now we have it." - Jari Arkko, Internet Area Director, IETF

One of the challenges facing the current Internet architecture is the incorporation of mobile and multi-homed terminals (hosts), and an overall lack of protection against Denial-of-Service attacks and identity spoofing. The Host Identity Protocol (HIP) is being developed by the Internet Engineering Task Force (IETF) as an integrated solution to these problems. The book presents a well-structured, readable and compact overview of the core protocol with relevant extensions to the Internet architecture and infrastructure. The covered topics include the Bound End-to-End Tunnel Mode for IPsec, Overlay Routable Cryptographic Hash Identifiers, extensions to the Domain Name System, IPv4 and IPv6 interoperability, integration with SIP, and support for legacy applications.

Unique features of the book:

  • All-in-one source for HIP specifications
  • Complete coverage of HIP architecture and protocols
  • Base exchange, mobility and multihoming extensions
  • Practical snapshots of protocol operation
  • IP security on lightweight devices
  • Traversal of middleboxes, such as NATs and firewalls
  • Name resolution infrastructure
  • Micromobility, multicast, privacy extensions
  • Chapter on applications, including HIP pilot deployment in a Boeing factory
  • HOWTO for HIP on Linux (HIPL) implementation

An important complement to the official IETF specifications, this book will be a valuable reference for practicing engineers in equipment manufacturing companies and telecom operators, as well as network managers, network engineers, network operators and telecom engineers. Advanced students and academics, IT managers, professionals and operating system specialists will also find this book of interest.

122 citations


"Performance and security evaluation..." refers background or methods in this paper

  • ...We use the same terminology which was used in [12] [13]....

    [...]

  • ...As HIP is using the IPSec ESP (Encapsulating Security Payload) protocol [12], [13], points of security do not forward out anything else but authenticated ESP packets which provides the protection against information snooping on the wireless link....

    [...]

  • ...It also provides the end-to-end data encryption and mutual authentication [12]....

    [...]

Patent
20 Aug 1997
TL;DR: In this article, the lead transceiver unit initiates a command by sending a command message and each of the remote transceivers receiving the command message transmits a reply message which repeats the command messages and contains the status of the sending remote.
Abstract: A radio-based system for a train including a lead transceiver unit and multiple remote transceiver units. The lead transceiver unit initiates a command by sending a command message. Each of the remote transceivers receiving the command message transmits a reply message which repeats the command message and contains the status of the sending remote. Remote transceivers not receiving the lead transceiver's transmitted command message, but receiving a reply message from one of the other remote transceivers, transmit a reply message containing the remote's status. The lead transceiver detects whether reply messages are received from the remote transceivers and may transmit a request in response. One or more remote transceivers may store and re-transmit reply messages from other transceivers in response to the request.

89 citations

Proceedings Article
27 Aug 2007
TL;DR: This paper surveys existing wireless techniques used in the railway industry for both communications and signalling purposes and presents the work in progress on low-cost, low-power wireless sensor networking architecture to monitor the health of railway wagons attached to a moving locomotive.
Abstract: Advances in information and communications technology have enabled the adoption of wireless communication techniques in all sectors for the transmission of information in all forms between any two points. Wireless communications and distributed computing have promoted the development of vehicle-monitoring systems to reduce the maintenance and inspection requirements of railway systems while maintaining safety and reliability. This paper surveys existing wireless techniques used in the railway industry for both communications and signalling purposes. Finally we present our work in progress on low-cost, low-power wireless sensor networking architecture to monitor the health of railway wagons attached to a moving locomotive.

83 citations


"Performance and security evaluation..." refers background in this paper

  • ...Most of the existing wireless intra-vehicle communication systems are based on Wi-Fi systems [1] [2] [3] [5]....

    [...]

  • ...In [2], authors conducted a survey on wireless techniques which are used in the railway industry....

    [...]