Trust-IoV: A Trustworthy Forensic Investigation Framework for the Internet of Vehicles (IoV)
25 Jun 2017-pp 25-32
TL;DR: This article proposes TrustIoV – a digital forensic framework for the IoV systems that provides mechanisms to collect and store trustworthy evidence from the distributed infrastructure and maintains a secure provenance of the evidence to ensure the integrity of the stored evidence.
Abstract: The Internet of Vehicles (IoV) is a complex and dynamic mobile network system that enables information sharing between vehicles, their surrounding sensors, and clouds. While IoV opens new opportunities in various applications and services to provide safety on the road, it introduces new challenges in the field of digital forensics investigations. The existing tools and procedures of digital forensics cannot meet the highly distributed, decentralized, dynamic, and mobile infrastructures of the IoV. Forensic investigators will face challenges while identifying necessary pieces of evidence from the IoV environment, and collecting and analyzing the evidence. In this article, we propose TrustIoV – a digital forensic framework for the IoV systems that provides mechanisms to collect and store trustworthy evidence from the distributed infrastructure. Trust-IoV maintains a secure provenance of the evidence to ensure the integrity of the stored evidence and allows investigators to verify the integrity of the evidence during an investigation. Our experimental results on a simulated environment suggest that Trust-IoV can operate with minimal overhead while ensuring the trustworthiness of evidence in a strong adversarial scenario.
Citations
More filters
TL;DR: The purpose of this paper is to identify and discuss the main issues involved in the complex process of IoT-based investigations, particularly all legal, privacy and cloud security challenges, as well as some promising cross-cutting data reduction and forensics intelligence techniques.
Abstract: Today is the era of the Internet of Things (IoT). The recent advances in hardware and information technology have accelerated the deployment of billions of interconnected, smart and adaptive devices in critical infrastructures like health, transportation, environmental control, and home automation. Transferring data over a network without requiring any kind of human-to-computer or human-to-human interaction, brings reliability and convenience to consumers, but also opens a new world of opportunity for intruders, and introduces a whole set of unique and complicated questions to the field of Digital Forensics. Although IoT data could be a rich source of evidence, forensics professionals cope with diverse problems, starting from the huge variety of IoT devices and non-standard formats, to the multi-tenant cloud infrastructure and the resulting multi-jurisdictional litigations. A further challenge is the end-to-end encryption which represents a trade-off between users’ right to privacy and the success of the forensics investigation. Due to its volatile nature, digital evidence has to be acquired and analyzed using validated tools and techniques that ensure the maintenance of the Chain of Custody. Therefore, the purpose of this paper is to identify and discuss the main issues involved in the complex process of IoT-based investigations, particularly all legal, privacy and cloud security challenges. Furthermore, this work provides an overview of the past and current theoretical models in the digital forensics science. Special attention is paid to frameworks that aim to extract data in a privacy-preserving manner or secure the evidence integrity using decentralized blockchain-based solutions. In addition, the present paper addresses the ongoing Forensics-as-a-Service (FaaS) paradigm, as well as some promising cross-cutting data reduction and forensics intelligence techniques. Finally, several other research trends and open issues are presented, with emphasis on the need for proactive Forensics Readiness strategies and generally agreed-upon standards.
440 citations
Cites background or methods from "Trust-IoV: A Trustworthy Forensic I..."
...vehicles via the V2V and V2I interface [47]....
[...]
...Since RSUs are usually left unattended, a potential attacker might try to tamper with the RSUs and disable the forensics support [47]....
[...]
...This could significantly slow down the investigation, unless the RSUs are embedded with tamper-resistant packaging to protect them from the anti-forensics techniques [47]....
[...]
...a malicious smartphone app could attack a smart vehicle or a roadsite unit (RSU) via the vehicle-to-consumer electronics (V2CE) interface [47]....
[...]
...as [47], [142], [143] presented blockchain-based forensic applications for connected vehicles (see Section Mobility Forensics Frameworks)....
[...]
TL;DR: IoT’s novel factors affecting traditional computer forensics are explored, including its strengths and weaknesses, and several indispensable open research challenges are identified as future research directions.
232 citations
Cites methods from "Trust-IoV: A Trustworthy Forensic I..."
...To address the forensics related challenges, the study [45] has proposed a trustworthy investigation framework called Trust-IoV for the Internet of Vehicles systems....
[...]
TL;DR: The aim of this survey is to provide directions for future work in the area of Blockchain-based vehicular networks, and existing research works aiming to overcome vehicular challenges using the Blockchain technology are presented and compared.
67 citations
TL;DR: In this paper, the authors highlight vehicle networks' evolution from vehicular ad-hoc networks (VANET) to the internet of vehicles (IoVs), listing their benefits and limitations.
Abstract: Determining how to structure vehicular network environments can be done in various ways. Here, we highlight vehicle networks' evolution from vehicular ad-hoc networks (VANET) to the internet of vehicles (IoVs), listing their benefits and limitations. We also highlight the reasons in adopting wireless technologies, in particular, IEEE 802.11p and 5G vehicle-to-everything, as well as the use of paradigms able to store and analyze a vast amount of data to produce intelligence and their applications in vehicular environments. We also correlate the use of each of these paradigms with the desire to meet existing intelligent transportation systems' requirements. The presentation of each paradigm is given from a historical and logical standpoint. In particular, vehicular fog computing improves on the deficiences of vehicular cloud computing, so both are not exclusive from the application point of view. We also emphasize some security issues that are linked to the characteristics of these paradigms and vehicular networks, showing that they complement each other and share problems and limitations. As these networks still have many opportunities to grow in both concept and application, we finally discuss concepts and technologies that we believe are beneficial. Throughout this work, we emphasize the crucial role of these concepts for the well-being of humanity.
64 citations
01 Aug 2019
TL;DR: TACASHI offers a trust-aware social in-vehicle and intervehicle communication architecture for SIoV considering also the drivers honesty factor based on OSN, clearly outperforming previous proposals, known as RTM and AD-IoV.
Abstract: The Internet of Vehicles (IoV) has emerged as a new spin-off research theme from traditional vehicular ad hoc networks. It employs vehicular nodes connected to other smart objects equipped with a powerful multisensor platform, communication technologies, and IP-based connectivity to the Internet, thereby creating a possible social network called Social IoV (SIoV). Ensuring the required trustiness among communicating entities is an important task in such heterogeneous networks, especially for safety-related applications. Thus, in addition to securing intervehicle communication, the driver/passengers honesty factor must also be considered, since they could tamper the system in order to provoke unwanted situations. To bridge the gaps between these two paradigms, we envision to connect SIoV and online social networks (OSNs) for the purpose of estimating the drivers and passengers honesty based on their OSN profiles. Furthermore, we compare the current location of the vehicles with their estimated path based on their historical mobility profile. We combine SIoV, path-based and OSN-based trusts to compute the overall trust for different vehicles and their current users. As a result, we propose a trust-aware communication architecture for social IoV (TACASHI). TACASHI offers a trust-aware social in-vehicle and intervehicle communication architecture for SIoV considering also the drivers honesty factor based on OSN. Extensive simulation results evidence the efficiency of our proposal, ensuring high detection ratios >87% and high accuracy with reduced error ratios, clearly outperforming previous proposals, known as RTM and AD-IoV.
64 citations
Cites background from "Trust-IoV: A Trustworthy Forensic I..."
...[17] proposed a trust model for collecting evidence from IoV infrastructures, store them in vehicles tamper-proof devices, and then start intervehicle trust-based communication....
[...]
References
More filters
TL;DR: In this article, the authors present a cloud centric vision for worldwide implementation of Internet of Things (IoT) and present a Cloud implementation using Aneka, which is based on interaction of private and public Clouds, and conclude their IoT vision by expanding on the need for convergence of WSN, the Internet and distributed computing directed at technological research community.
9,593 citations
16 Jun 2011
TL;DR: The content and status of the DSRC standards being developed for deployment in the United States are explained, including insights into why specific technical solutions are being adopted, and key challenges remaining for successful DSRC deployment.
Abstract: Wireless vehicular communication has the potential to enable a host of new applications, the most important of which are a class of safety applications that can prevent collisions and save thousands of lives. The automotive industry is working to develop the dedicated short-range communication (DSRC) technology, for use in vehicle-to-vehicle and vehicle-to-roadside communication. The effectiveness of this technology is highly dependent on cooperative standards for interoperability. This paper explains the content and status of the DSRC standards being developed for deployment in the United States. Included in the discussion are the IEEE 802.11p amendment for wireless access in vehicular environments (WAVE), the IEEE 1609.2, 1609.3, and 1609.4 standards for Security, Network Services and Multi-Channel Operation, the SAE J2735 Message Set Dictionary, and the emerging SAE J2945.1 Communication Minimum Performance Requirements standard. The paper shows how these standards fit together to provide a comprehensive solution for DSRC. Most of the key standards are either recently published or expected to be completed in the coming year. A reader will gain a thorough understanding of DSRC technology for vehicular communication, including insights into why specific technical solutions are being adopted, and key challenges remaining for successful DSRC deployment. The U.S. Department of Transportation is planning to decide in 2013 whether to require DSRC equipment in new vehicles.
1,866 citations
16 May 2010
TL;DR: It is demonstrated that an attacker who is able to infiltrate virtually any Electronic Control Unit (ECU) can leverage this ability to completely circumvent a broad array of safety-critical systems and present composite attacks that leverage individual weaknesses.
Abstract: Modern automobiles are no longer mere mechanical devices; they are pervasively monitored and controlled by dozens of digital computers coordinated via internal vehicular networks. While this transformation has driven major advancements in efficiency and safety, it has also introduced a range of new potential risks. In this paper we experimentally evaluate these issues on a modern automobile and demonstrate the fragility of the underlying system structure. We demonstrate that an attacker who is able to infiltrate virtually any Electronic Control Unit (ECU) can leverage this ability to completely circumvent a broad array of safety-critical systems. Over a range of experiments, both in the lab and in road tests, we demonstrate the ability to adversarially control a wide range of automotive functions and completely ignore driver input\dash including disabling the brakes, selectively braking individual wheels on demand, stopping the engine, and so on. We find that it is possible to bypass rudimentary network security protections within the car, such as maliciously bridging between our car's two internal subnets. We also present composite attacks that leverage individual weaknesses, including an attack that embeds malicious code in a car's telematics unit and that will completely erase any evidence of its presence after a crash. Looking forward, we discuss the complex challenges in addressing these vulnerabilities while considering the existing automotive ecosystem.
1,463 citations
TL;DR: In this article, the authors present aspects related to this field to help researchers and developers to understand and distinguish the main features surrounding VANET in one solid document, without the need to go through other relevant papers and articles.
1,216 citations
TL;DR: Some of the VANET research challenges that still need to be addressed to enable the ubiquitous deployment and widespead adoption of scalable, reliable, robust, and secure VANet architectures, protocols, technologies, and services are outlined.
Abstract: Recent advances in hardware, software, and communication technologies are enabling the design and implementation of a whole range of different types of networks that are being deployed in various environments. One such network that has received a lot of interest in the last couple of years is the Vehicular Ad-Hoc Network (VANET). VANET has become an active area of research, standardization, and development because it has tremendous potential to improve vehicle and road safety, traffic efficiency, and convenience as well as comfort to both drivers and passengers. Recent research efforts have placed a strong emphasis on novel VANET design architectures and implementations. A lot of VANET research work have focused on specific areas including routing, broadcasting, Quality of Service (QoS), and security. We survey some of the recent research results in these areas. We present a review of wireless access standards for VANETs, and describe some of the recent VANET trials and deployments in the US, Japan, and the European Union. In addition, we also briefly present some of the simulators currently available to VANET researchers for VANET simulations and we assess their benefits and limitations. Finally, we outline some of the VANET research challenges that still need to be addressed to enable the ubiquitous deployment and widespead adoption of scalable, reliable, robust, and secure VANET architectures, protocols, technologies, and services.
1,132 citations