Visible to the public Biblio

Filters: Keyword is Sybil attack  [Clear All Filters]
2020-06-01
Pruthi, Vardaan, Mittal, Kanika, Sharma, Nikhil, Kaushik, Ila.  2019.  Network Layers Threats its Countermeasures in WSNs. 2019 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS). :156—163.

WSN can be termed as a collection of dimensionally diffused nodes which are capable of surveilling and analyzing their surroundings. The sensors are delicate, transportable and small in size while being economical at the same time. However, the diffused nature of these networks also exposes them to a variety of security hazards. Hence, ensuring a reliable file exchange in these networks is not an easy job due to various security requirements that must be fulfilled. In this paper we concentrate mainly on network layer threats and their security countermeasures to overcome the scope of intruders to access the information without having any authentication on the network layer. Various network layer intrusions that are discussed here include Sinkhole Attack, Sybil Attack, Wormhole Attack, Selective Forwarding Attack, Blackhole Attack And Hello Flood Attack.

2020-03-02
Wheeler, Thomas, Bharathi, Ezhil, Gil, Stephanie.  2019.  Switching Topology for Resilient Consensus Using Wi-Fi Signals. 2019 International Conference on Robotics and Automation (ICRA). :2018–2024.

Securing multi-robot teams against malicious activity is crucial as these systems accelerate towards widespread societal integration. This emerging class of ``physical networks'' requires research into new methods of security that exploit their physical nature. This paper derives a theoretical framework for securing multi-agent consensus against the Sybil attack by using the physical properties of wireless transmissions. Our frame-work uses information extracted from the wireless channels to design a switching signal that stochastically excludes potentially untrustworthy transmissions from the consensus. Intuitively, this amounts to selectively ignoring incoming communications from untrustworthy agents, allowing for consensus to the true average to be recovered with high probability if initiated after a certain observation time T0 that we derive. This work is different from previous work in that it allows for arbitrary malicious node values and is insensitive to the initial topology of the network so long as a connected topology over legitimate nodes in the network is feasible. We show that our algorithm will recover consensus and the true graph over the system of legitimate agents with an error rate that vanishes exponentially with time.

Swathi, P, Modi, Chirag, Patel, Dhiren.  2019.  Preventing Sybil Attack in Blockchain Using Distributed Behavior Monitoring of Miners. 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–6.

Blockchain technology is useful with the record keeping of digital transactions, IoT, supply chain management etc. However, we have observed that the traditional attacks are possible on blockchain due to lack of robust identity management. We found that Sybil attack can cause severe impact in public/permissionless blockchain, in which an attacker can subvert the blockchain by creating a large number of pseudonymous identities (i.e. Fake user accounts) and push legitimate entities in the minority. Such virtual nodes can act like genuine nodes to create disproportionately large influence on the network. This may lead to several other attacks like DoS, DDoS etc. In this paper, a Sybil attack is demonstrated on a blockchain test bed with its impact on the throughput of the system. We propose a solution directive, in which each node monitors the behavior of other nodes and checks for the nodes which are forwarding the blocks of only particular user. Such nodes are quickly identified, blacklisted and notified to other nodes, and thus the Sybil attack can be restricted. We analyze experimental results of the proposed solution.

Li, Wei, Zhang, Dongmei.  2019.  RSSI Sequence and Vehicle Driving Matrix Based Sybil Nodes Detection in VANET. 2019 IEEE 11th International Conference on Communication Software and Networks (ICCSN). :763–767.

In VANET, Sybil nodes generated by attackers cause serious damages to network protocols, resource allocation mechanisms, and reputation models. Other types of attacks can also be launched on the basis of Sybil attack, which bring more threats to VANET. To solve this problem, this paper proposes a Sybil nodes detection method based on RSSI sequence and vehicle driving matrix - RSDM. RSDM evaluates the difference between the RSSI sequence and the driving matrix by dynamic distance matching to detect Sybil nodes. Moreover, RSDM does not rely on VANET infrastructure, neighbor nodes or specific hardware. The experimental results show that RSDM performs well with a higher detection rate and a lower error rate.

Lastinec, Jan, Keszeli, Mario.  2019.  Analysis of Realistic Attack Scenarios in Vehicle Ad-Hoc Networks. 2019 7th International Symposium on Digital Forensics and Security (ISDFS). :1–6.

The pace of technological development in automotive and transportation has been accelerating rapidly in recent years. Automation of driver assistance systems, autonomous driving, increasing vehicle connectivity and emerging inter-vehicular communication (V2V) are among the most disruptive innovations, the latter of which also raises numerous unprecedented security concerns. This paper is focused on the security of V2V communication in vehicle ad-hoc networks (VANET) with the main goal of identifying realistic attack scenarios and evaluating their impact, as well as possible security countermeasures to thwart the attacks. The evaluation has been done in OMNeT++ simulation environment and the results indicate that common attacks, such as replay attack or message falsification, can be eliminated by utilizing digital signatures and message validation. However, detection and mitigation of advanced attacks such as Sybil attack requires more complex approach. The paper also presents a simple detection method of Sybil nodes based on measuring the signal strength of received messages and maintaining reputation of sending nodes. The evaluation results suggest that the presented method is able to detect Sybil nodes in VANET and contributes to the improvement of traffic flow.

Gyawali, Sohan, Qian, Yi.  2019.  Misbehavior Detection Using Machine Learning in Vehicular Communication Networks. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1–6.

Vehicular networks are susceptible to variety of attacks such as denial of service (DoS) attack, sybil attack and false alert generation attack. Different cryptographic methods have been proposed to protect vehicular networks from these kind of attacks. However, cryptographic methods have been found to be less effective to protect from insider attacks which are generated within the vehicular network system. Misbehavior detection system is found to be more effective to detect and prevent insider attacks. In this paper, we propose a machine learning based misbehavior detection system which is trained using datasets generated through extensive simulation based on realistic vehicular network environment. The simulation results demonstrate that our proposed scheme outperforms previous methods in terms of accurately identifying various misbehavior.

Gupta, Diksha, Saia, Jared, Young, Maxwell.  2019.  Peace Through Superior Puzzling: An Asymmetric Sybil Defense. 2019 IEEE International Parallel and Distributed Processing Symposium (IPDPS). :1083–1094.

A common tool to defend against Sybil attacks is proof-of-work, whereby computational puzzles are used to limit the number of Sybil participants. Unfortunately, current Sybil defenses require significant computational effort to offset an attack. In particular, good participants must spend computationally at a rate that is proportional to the spending rate of an attacker. In this paper, we present the first Sybil defense algorithm which is asymmetric in the sense that good participants spend at a rate that is asymptotically less than an attacker. In particular, if T is the rate of the attacker's spending, and J is the rate of joining good participants, then our algorithm spends at a rate f O($\surd$(TJ) + J). We provide empirical evidence that our algorithm can be significantly more efficient than previous defenses under various attack scenarios. Additionally, we prove a lower bound showing that our algorithm's spending rate is asymptotically optimal among a large family of algorithms.

Ayaida, Marwane, Messai, Nadhir, Wilhelm, Geoffrey, Najeh, Sameh.  2019.  A Novel Sybil Attack Detection Mechanism for C-ITS. 2019 15th International Wireless Communications Mobile Computing Conference (IWCMC). :913–918.

Cooperative Intelligent Transport Systems (C-ITS) are expected to play an important role in our lives. They will improve the traffic safety and bring about a revolution on the driving experience. However, these benefits are counterbalanced by possible attacks that threaten not only the vehicle's security, but also passengers' lives. One of the most common attacks is the Sybil attack, which is even more dangerous than others because it could be the starting point of many other attacks in C-ITS. This paper proposes a distributed approach allowing the detection of Sybil attacks by using the traffic flow theory. The key idea here is that each vehicle will monitor its neighbourhood in order to detect an eventual Sybil attack. This is achieved by a comparison between the real accurate speed of the vehicle and the one estimated using the V2V communications with vehicles in the vicinity. The estimated speed is derived by using the traffic flow fundamental diagram of the road's portion where the vehicles are moving. This detection algorithm is validated through some extensive simulations conducted using the well-known NS3 network simulator with SUMO traffic simulator.

2020-02-26
Tandon, Aditya, Srivastava, Prakash.  2019.  Trust-Based Enhanced Secure Routing against Rank and Sybil Attacks in IoT. 2019 Twelfth International Conference on Contemporary Computing (IC3). :1–7.

The Internet of Things (IoT) is an emerging technology that plays a vital role in interconnecting various objects into a network to provide desired services within its resource constrained characteristics. In IoT, the Routing Protocol for Low power and Lossy network (RPL) is the standardized proactive routing protocol that achieves satisfying resource consumption, but it does not consider the node's routing behavior for forwarding data packets. The malicious intruders exploit these loopholes for launching various forms of routing attacks. Different security mechanisms have been introduced for detecting these attacks singly. However, the launch of multiple attacks such as Rank attack and Sybil attacks simultaneously in the IoT network is one of the devastating and destructive situations. This problem can be solved by establishing secure routing with trustworthy nodes. The trustworthiness of the nodes is determined using trust evaluation methods, where the parameters considered are based on the factors that influence in detecting the attacks. In this work, Providing Routing Security using the Technique of Collective Trust (PROTECT) mechanism is introduced, and it aims to provide a secure RPL routing by simultaneously detecting both Rank and Sybil attacks in the network. The advantage of the proposed scheme is highlighted by comparing its performance with the performance of the Sec-Trust protocol in terms of detection accuracy, energy consumption, and throughput.

2019-11-26
Pradhan, Srikanta, Tripathy, Somanath, Nandi, Sukumar.  2018.  Blockchain Based Security Framework for P2P Filesharing System. 2018 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS). :1-6.

Peer to Peer (P2P) is a dynamic and self-organized technology, popularly used in File sharing applications to achieve better performance and avoids single point of failure. The popularity of this network has attracted many attackers framing different attacks including Sybil attack, Routing Table Insertion attack (RTI) and Free Riding. Many mitigation methods are also proposed to defend or reduce the impact of such attacks. However, most of those approaches are protocol specific. In this work, we propose a Blockchain based security framework for P2P network to address such security issues. which can be tailored to any P2P file-sharing system.

2019-02-18
Shamieh, F., Alharbi, R..  2018.  Novel Sybil Defense Scheme for Peer–to–peer Applications. 2018 21st Saudi Computer Society National Computer Conference (NCC). :1–8.

The importance of peer-to-peer (P2P) network overlays produced enormous interest in the research community due to their robustness, scalability, and increase of data availability. P2P networks are overlays of logically connected hosts and other nodes including servers. P2P networks allow users to share their files without the need for any centralized servers. Since P2P networks are largely constructed of end-hosts, they are susceptible to abuse and malicious activity, such as sybil attacks. Impostors perform sybil attacks by assigning nodes multiple addresses, as opposed to a single address, with the goal of degrading network quality. Sybil nodes will spread malicious data and provide bogus responses to requests. To prevent sybil attacks from occurring, a novel defense mechanism is proposed. In the proposed scheme, the DHT key-space is divided and treated in a similar manner to radio frequency allocation incensing. An overlay of trusted nodes is used to detect and handle sybil nodes with the aid of source-destination pairs reporting on each other. The simulation results show that the proposed scheme detects sybil nodes in large sized networks with thousands of interactions.

Wang, G., Wang, B., Wang, T., Nika, A., Zheng, H., Zhao, B. Y..  2018.  Ghost Riders: Sybil Attacks on Crowdsourced Mobile Mapping Services. IEEE/ACM Transactions on Networking. 26:1123–1136.
Real-time crowdsourced maps, such as Waze provide timely updates on traffic, congestion, accidents, and points of interest. In this paper, we demonstrate how lack of strong location authentication allows creation of software-based Sybil devices that expose crowdsourced map systems to a variety of security and privacy attacks. Our experiments show that a single Sybil device with limited resources can cause havoc on Waze, reporting false congestion and accidents and automatically rerouting user traffic. More importantly, we describe techniques to generate Sybil devices at scale, creating armies of virtual vehicles capable of remotely tracking precise movements for large user populations while avoiding detection. To defend against Sybil devices, we propose a new approach based on co-location edges, authenticated records that attest to the one-time physical co-location of a pair of devices. Over time, co-location edges combine to form large proximity graphs that attest to physical interactions between devices, allowing scalable detection of virtual vehicles. We demonstrate the efficacy of this approach using large-scale simulations, and how they can be used to dramatically reduce the impact of the attacks. We have informed Waze/Google team of our research findings. Currently, we are in active collaboration with Waze team to improve the security and privacy of their system.
Singh, S., Saini, H. S..  2018.  Security approaches for data aggregation in Wireless Sensor Networks against Sybil Attack. 2018 Second International Conference on Inventive Communication and Computational Technologies (ICICCT). :190–193.
A wireless sensor network consists of many important elements like Sensors, Bass station and User. A Sensor can measure many non electrical quantities like pressure, temperature, sound, etc and transmit this information to the base station by using internal transreceiver. A security of this transmitted data is very important as the data may contain important information. As wireless sensor network have many application in the military and civil domains so security of wireless sensor network become a critical concern. A Sybil attack is one of critical attack which can affect the routing protocols, fair resourse allocation, data aggregation and misbehavior detection parameters of network. A number of detection techniques to detect Sybil nodes have already designed to overcome the Sybil attack. Out of all the techniques few techniques which can improve the true detection rate and reduce false detection rate are discussed in this paper.
Gupta, Diksha, Saia, Jared, Young, Maxwell.  2018.  Proof of Work Without All the Work. Proceedings of the 19th International Conference on Distributed Computing and Networking. :6:1–6:10.

Proof-of-work (PoW) is an algorithmic tool used to secure networks by imposing a computational cost on participating devices. Unfortunately, traditional PoW schemes require that correct devices perform computational work perpetually, even when the system is not under attack. We address this issue by designing a general PoW protocol that ensures two properties. First, the network stays secure. In particular, the fraction of identities in the system that are controlled by an attacker is always less than 1/2. Second, our protocol's computational cost is commensurate with the cost of an attacker. That is, the total computational cost of correct devices is a linear function of the attacker's computational cost plus the number of correct devices that have joined the system. Consequently, if the network is attacked, we ensure security, with cost that grows linearly with the attacker's cost; and, in the absence of attack, our computational cost is small. We prove similar guarantees for bandwidth cost. Our results hold in a dynamic, decentralized system where participants join and depart over time, and where the total computational power of the attacker is up to a constant fraction of the total computational power of correct devices. We show how to leverage our results to address important security problems in distributed computing including: Sybil attacks, Byzantine Consensus, and Committee Election.

Hernandez, Nestor, Rahman, Mizanur, Recabarren, Ruben, Carbunar, Bogdan.  2018.  Fraud De-Anonymization for Fun and Profit. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :115–130.
The persistence of search rank fraud in online, peer-opinion systems, made possible by crowdsourcing sites and specialized fraud workers, shows that the current approach of detecting and filtering fraud is inefficient. We introduce a fraud de-anonymization approach to disincentivize search rank fraud: attribute user accounts flagged by fraud detection algorithms in online peer-opinion systems, to the human workers in crowdsourcing sites, who control them. We model fraud de-anonymization as a maximum likelihood estimation problem, and introduce UODA, an unconstrained optimization solution. We develop a graph based deep learning approach to predict ownership of account pairs by the same fraudster and use it to build discriminative fraud de-anonymization (DDA) and pseudonymous fraudster discovery algorithms (PFD). To address the lack of ground truth fraud data and its pernicious impacts on online systems that employ fraud detection, we propose the first cheating-resistant fraud de-anonymization validation protocol, that transforms human fraud workers into ground truth, performance evaluation oracles. In a user study with 16 human fraud workers, UODA achieved a precision of 91%. On ground truth data that we collected starting from other 23 fraud workers, our co-ownership predictor significantly outperformed a state-of-the-art competitor, and enabled DDA and PFD to discover tens of new fraud workers, and attribute thousands of suspicious user accounts to existing and newly discovered fraudsters.
Sengupta, Jayasree, Ruj, Sushmita, Das Bit, Sipra.  2018.  An Efficient and Secure Directed Diffusion in Industrial Wireless Sensor Networks. Proceedings of the 1st International Workshop on Future Industrial Communication Networks. :41–46.
Industrial Wireless Sensor Networks (IWSNs) are an extension of the Internet of Things paradigm that integrates smart sensors in industrial processes. However, the unattended open environment makes IWSNs vulnerable to malicious attacks, such as node compromise in addition to eavesdropping. The compromised nodes can again launch notorious attacks such as the sinkhole or sybil attack which may degrade the network performance. In this paper, we propose a lightweight, Secure Directed Diffusion (SDD) protocol. The algorithm for the proposed protocol uses bilinear pairing to derive a location-based key (LK) by binding the ID and geographic location of a node, thereby ensuring neighborhood authentication. Thus, authenticated nodes can prevent eavesdropping, node compromise including sinkhole and sybil attacks while ensuring confidentiality, authenticity, integrity with reduced latency. Finally, through security analysis, we prove that basic security is maintained and above-mentioned attacks are also prevented. We also compute storage, computation and communication overheads which show that SDD performs at least 2.6 times better in terms of storage overhead and at least 1.3 times better in terms of communication overhead over the other state-of-the-art competing schemes for attack preventions in WSN domain.
2018-11-19
Ali, S., Khan, M. A., Ahmad, J., Malik, A. W., ur Rehman, A..  2018.  Detection and Prevention of Black Hole Attacks in IOT Amp;Amp; WSN. 2018 Third International Conference on Fog and Mobile Edge Computing (FMEC). :217–226.

Wireless Sensor Network is the combination of small devices called sensor nodes, gateways and software. These nodes use wireless medium for transmission and are capable to sense and transmit the data to other nodes. Generally, WSN composed of two types of nodes i.e. generic nodes and gateway nodes. Generic nodes having the ability to sense while gateway nodes are used to route that information. IoT now extended to IoET (internet of Everything) to cover all electronics exist around, like a body sensor networks, VANET's, smart grid stations, smartphone, PDA's, autonomous cars, refrigerators and smart toasters that can communicate and share information using existing network technologies. The sensor nodes in WSN have very limited transmission range as well as limited processing speed, storage capacities and low battery power. Despite a wide range of applications using WSN, its resource constrained nature given birth to a number severe security attacks e.g. Selective Forwarding attack, Jamming-attack, Sinkhole attack, Wormhole attack, Sybil attack, hello Flood attacks, Grey Hole, and the most dangerous BlackHole Attacks. Attackers can easily exploit these vulnerabilities to compromise the WSN network.

2018-06-20
Chowdhury, S. K., Sen, M..  2017.  Attacks and mitigation techniques on mobile ad hoc network \#x2014; A survey. 2017 International Conference on Trends in Electronics and Informatics (ICEI). :11–18.

A mobile ad hoc network is a type of ad hoc network in which node changes it locations and configures them. It uses wireless medium to communicate with other networks. It also does not possess centralized authority and each node has the ability to perform some tasks. Nodes in this type of network has a routing table depending on which it finds the optimal way to send packets in forward direction but link failure should be updated in node table to encompass that. In civilian environment like meeting rooms, cab networking etc, in military search and rescue operations it has huge application.

Waraich, P. S., Batra, N..  2017.  Prevention of denial of service attack over vehicle ad hoc networks using quick response table. 2017 4th International Conference on Signal Processing, Computing and Control (ISPCC). :586–591.

Secure routing over VANET is a major issue due to its high mobility environment. Due to dynamic topology, routes are frequently updated and also suffers from link breaks due to the obstacles i.e. buildings, tunnels and bridges etc. Frequent link breaks can cause packet drop and thus result in degradation of network performance. In case of VANETs, it becomes very difficult to identify the reason of the packet drop as it can also occur due to the presence of a security threat. VANET is a type of wireless adhoc network and suffer from common attacks which exist for mobile adhoc network (MANET) i.e. Denial of Services (DoS), Black hole, Gray hole and Sybil attack etc. Researchers have already developed various security mechanisms for secure routing over MANET but these solutions are not fully compatible with unique attributes of VANET i.e. vehicles can communicate with each other (V2V) as well as communication can be initiated with infrastructure based network (V2I). In order to secure the routing for both types of communication, there is need to develop a solution. In this paper, a method for secure routing is introduced which can identify as well as eliminate the existing security threat.

2018-05-02
Gu, P., Khatoun, R., Begriche, Y., Serhrouchni, A..  2017.  k-Nearest Neighbours classification based Sybil attack detection in Vehicular networks. 2017 Third International Conference on Mobile and Secure Services (MobiSecServ). :1–6.

In Vehicular networks, privacy, especially the vehicles' location privacy is highly concerned. Several pseudonymous based privacy protection mechanisms have been established and standardized in the past few years by IEEE and ETSI. However, vehicular networks are still vulnerable to Sybil attack. In this paper, a Sybil attack detection method based on k-Nearest Neighbours (kNN) classification algorithm is proposed. In this method, vehicles are classified based on the similarity in their driving patterns. Furthermore, the kNN methods' high runtime complexity issue is also optimized. The simulation results show that our detection method can reach a high detection rate while keeping error rate low.

Yao, Y., Xiao, B., Wu, G., Liu, X., Yu, Z., Zhang, K., Zhou, X..  2017.  Voiceprint: A Novel Sybil Attack Detection Method Based on RSSI for VANETs. 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). :591–602.

Vehicular Ad Hoc Networks (VANETs) enable vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications that bring many benefits and conveniences to improve the road safety and drive comfort in future transportation systems. Sybil attack is considered one of the most risky threats in VANETs since a Sybil attacker can generate multiple fake identities with false messages to severely impair the normal functions of safety-related applications. In this paper, we propose a novel Sybil attack detection method based on Received Signal Strength Indicator (RSSI), Voiceprint, to conduct a widely applicable, lightweight and full-distributed detection for VANETs. To avoid the inaccurate position estimation according to predefined radio propagation models in previous RSSI-based detection methods, Voiceprint adopts the RSSI time series as the vehicular speech and compares the similarity among all received time series. Voiceprint does not rely on any predefined radio propagation model, and conducts independent detection without the support of the centralized infrastructure. It has more accurate detection rate in different dynamic environments. Extensive simulations and real-world experiments demonstrate that the proposed Voiceprint is an effective method considering the cost, complexity and performance.

Allodi, Luca, Etalle, Sandro.  2017.  Towards Realistic Threat Modeling: Attack Commodification, Irrelevant Vulnerabilities, and Unrealistic Assumptions. Proceedings of the 2017 Workshop on Automated Decision Making for Active Cyber Defense. :23–26.
Current threat models typically consider all possible ways an attacker can penetrate a system and assign probabilities to each path according to some metric (e.g. time-to-compromise). In this paper we discuss how this view hinders the realness of both technical (e.g. attack graphs) and strategic (e.g. game theory) approaches of current threat modeling, and propose to steer away by looking more carefully at attack characteristics and attacker environment. We use a toy threat model for ICS attacks to show how a realistic view of attack instances can emerge from a simple analysis of attack phases and attacker limitations.
2018-04-11
Medjek, F., Tandjaoui, D., Romdhani, I., Djedjig, N..  2017.  Performance Evaluation of RPL Protocol under Mobile Sybil Attacks. 2017 IEEE Trustcom/BigDataSE/ICESS. :1049–1055.

In Sybil attacks, a physical adversary takes multiple fabricated or stolen identities to maliciously manipulate the network. These attacks are very harmful for Internet of Things (IoT) applications. In this paper we implemented and evaluated the performance of RPL (Routing Protocol for Low-Power and Lossy Networks) routing protocol under mobile sybil attacks, namely SybM, with respect to control overhead, packet delivery and energy consumption. In SybM attacks, Sybil nodes take the advantage of their mobility and the weakness of RPL to handle identity and mobility, to flood the network with fake control messages from different locations. To counter these type of attacks we propose a trust-based intrusion detection system based on RPL.

Putra, Guntur Dharma, Sulistyo, Selo.  2017.  Trust Based Approach in Adjacent Vehicles to Mitigate Sybil Attacks in VANET. Proceedings of the 2017 International Conference on Software and E-Business. :117–122.

Vehicular Ad-Hoc Network (VANET) is a form of Peer-to-Peer (P2P) wireless communication between vehicles, which is characterized by the high mobility. In practice, VANET can be utilized to cater connections via multi-hop communication between vehicles to provide traffic information seamlessly, such as traffic jam and traffic accident, without the need of dedicated centralized infrastructure. Although dedicated infrastructures may also be involved in VANET, such as Road Side Units (RSUs), most of the time VANET relies solely on Vehicle-to-Vehicle (V2V) communication, which makes it vulnerable to several potential attacks in P2P based communication, as there are no trusted authorities that provide authentication and security. One of the potential threats is a Sybil attack, wherein an adversary uses a considerable number of forged identities to illegitimately infuse false or biased information which may mislead a system into making decisions benefiting the adversary. Avoiding Sybil attacks in VANET is a difficult problem, as there are typically no trusted authorities that provide cryptographic assurance of Sybil resilience. This paper presents a technique to detect and mitigate Sybil attacks, which requires no dedicated infrastructure, by utilizing just V2V communication. The proposed method work based on underlying assumption that says the mobility of vehicles in high vehicle density and the limited transmission power of the adversary creates unique groups of vehicle neighbors at a certain time point, which can be calculated in a statistical fashion providing a temporal and spatial analysis to verify real and impersonated vehicle identities. The proposed method also covers the mitigation procedures to create a trust model and announce neighboring vehicles regarding the detected tempered identities in a secure way utilizing Diffie-Hellman key distribution. This paper also presents discussions concerning the proposed approach with regard to benefits and drawbacks of sparse road condition and other potential threats.

2018-03-19
Medjek, F., Tandjaoui, D., Romdhani, I., Djedjig, N..  2017.  A Trust-Based Intrusion Detection System for Mobile RPL Based Networks. 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). :735–742.

Successful deployment of Low power and Lossy Networks (LLNs) requires self-organising, self-configuring, security, and mobility support. However, these characteristics can be exploited to perform security attacks against the Routing Protocol for Low-Power and Lossy Networks (RPL). In this paper, we address the lack of strong identity and security mechanisms in RPL. We first demonstrate by simulation the impact of Sybil-Mobile attack, namely SybM, on RPL with respect to control overhead, packet delivery and energy consumption. Then, we introduce a new Intrusion Detection System (IDS) scheme for RPL, named Trust-based IDS (T-IDS). T-IDS is a distributed, cooperative and hierarchical trust-based IDS, which can detect novel intrusions by comparing network behavior deviations. In T-IDS, each node is considered as monitoring node and collaborates with his peers to detect intrusions and report them to a 6LoWPAN Border Router (6BR). In our solution, we introduced a new timer and minor extensions to RPL messages format to deal with mobility, identity and multicast issues. In addition, each node is equipped with a Trusted Platform Module co-processor to handle identification and off-load security related computation and storage.