Professional Documents
Culture Documents
Detecting and Correcting Malicious Data in Vanets: Philippe Golle, Dan Greene, Jessica Staddon Palo Alto Research Center
Detecting and Correcting Malicious Data in Vanets: Philippe Golle, Dan Greene, Jessica Staddon Palo Alto Research Center
Target
Scope
Impact
Attack Nature
Adversary may report
False information about other parts of VANET
False information about itself
Remote targets
Further away
Data received from neighbor nodes may be
conflicting
Easier for an adversary to setup
Attack Scope
Scope is measured by the area of nodes that
have data of uncertain validity
Scope is limited if the area of affected nodes is
small
May be local or remote area to the malicious nodes
Extended attack if larger area of nodes is
affected
Approach used is designed to slow local attacks
growing into extended attacks by using
information propagation
Attack Impact
Three outcomes of an attack
Undetected
Attack is completely successful
May occur when node is alone or completely surrounded
by malicious nodes
Detected
Attack is detected but uncertain data remains
Nodes have access to honest nodes, but insufficient
information to justify the risk in attempting to correct data
Corrected
Attack is detected and corrected with no remaining
uncertain data
Lots of honest nodes available, enough information to
identify false information and correct the attack
Model Exploitation
Attacker may choose an attack whose effects
are hidden by other incorrect explanations
chosen to be more likely in the ordering relation
of the model
Two ways to help prevent this
Model shows these hidden attacks to be more costly
than simpler attacks
Allow model to be changed, adjusts to short term and
long term changes
Even though the possibility of a complicated
attack is included in the model, most attackers
will use simple attacks, which makes the
sophisticated attackers job easier
Distinguisability
Inorder to tell nodes apart there are four
assumptions
Node can bind observations of its local
environment with the communication it receives
Node can tell its local neighbors apart
invalid based
Ifall the hypotheses matched to the set of
events are valid, then the explanation is valid
Explanations are ordered based on statistical
methods, for example, Occams razor
Example
Assume nodes are able to precisely sense the
location of neighbors within communication
range
There is a set of observed events K, which can
included observations about nodes made by
themselves
Model for the VANET will be valid if there is a
reflexive observation for every node, and every
non-reflexive observation agrees with the
reflexive observations
Example (2)
Each node comes up with an explanation
Label each observation in the set of events as
truthful, malicious, or spoof
The observations made by the node constructing the
explanation are truthful
Observers labeled as spoofs should not have any of