You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
1. INTRODUCTION<br />
privacy at the same time in an efficient way, as the applications are delay sensitive. To make things<br />
even worse, the network is very heterogenous, different vehicles can have different equipment and<br />
abilities, so no unique solution can solve every problem.<br />
When defining the key vulnerabilities and challenges of vehicular ad hoc networks, it is crucial<br />
to first define and characterize the possible attackers. In many papers [Raya and Hubaux, 2007;<br />
Hu et al., 2005] the attacker can be characterized as follows:<br />
Insider vs. Outsider: The key difference between an insider and an outsider attacker is that<br />
an insider poses legitimate and valid cryptographic credentials, while an outsider does not<br />
have any valid credentials. It is obvious that an insider attacker can mount stronger attacks,<br />
then an outsider.<br />
Malicious vs. Rational: The main goal of a malicious attacker is to disrupt the normal operation<br />
of the network without any further goal, while a rational attacker wants to make some<br />
profit with his attack. In general, it is easier to handle a rational attacker, because his steps<br />
can be foreseen easier.<br />
Active vs. Passive: A passive attacker only eavesdrops the messages of the vehicles, while an<br />
active attacker can send, modify, or delete messages.<br />
Local vs. Global: A local attacker mounts his attack on a small area (or on some non continuous<br />
small areas), while a global attacker has influence on broader areas.<br />
In the following, some basic and sophisticated attacks are presented to give the reader an idea<br />
about the threats in vehicular ad hoc networks.<br />
An insider attacker can diffuse bogus information to affect the behavior of other drivers. The<br />
source of the information can be a cheated sensor reading or a modified location data.<br />
In wireless networking, the wormhole attack [Hu et al., 2006] consists in tunneling packets<br />
between two remote nodes. Similarly, in VANETs, an attacker that controls at least two entities<br />
remote from each other and a high speed communication link between them can tunnel packets<br />
broadcasted in one location to another, thus disseminating erroneous (but correctly signed)<br />
messages in the destination area.<br />
According to [Kroh et al., 2006] the following security concepts must be used in a vehicular<br />
ad hoc network to handle most of the possible attacks: identification and authentication concepts,<br />
privacy concepts, integrity concepts, access control and authorization concepts. The concepts are<br />
introduced in Section 3.8 with a special attention on providing privacy to the users of the system.<br />
In Chapter 3, the privacy of VANETs is analyzed, especially the privacy provided by pseudonyms<br />
considering outsider rational passive local attackers. A pseudonym change algorithm is<br />
provided as well considering an outsider rational passive global attacker.<br />
1.3 Introduction to Wireless Sensor Networks<br />
The following description of Wireless Sensor Networks (WSNs) and the related security problems<br />
is based on [Akyildiz et al., 2002; Chan and Perrig, 2003; Li et al., 2009; Lopez, 2008; Perrig et<br />
al., 2004; Sharma et al., 2012; Yick et al., 2008]. The interested reader can get a broader view and<br />
deeper understanding on WSNs by reading the cited papers instead of only relying on this short<br />
introduction.<br />
A sensor network is composed of a large number of sensor nodes, which are typically densely<br />
deployed. One sensor node consists of some sensor circuits which can measure some environmental<br />
variable, central processing unit which is typically a microcontroller, and radio circuit which<br />
enables the communication with other nearby nodes. The goal of a wireless sensor network can<br />
be one of many applications: military applications (e.g. battlefield surveillance), environmental<br />
applications (e.g. forest fire detection), critical infrastructure protection (e.g. surveillance of water<br />
pipes), health applications (e.g. drug administration in hospitals), home applications (e.g. smart<br />
environment).<br />
4