Graph-Based Metrics for Insider Attack Detection in VANET Multihop Data Dissemination Protocols

Vehicular networks (VANETs) are a growing research area with a large number of use cases. Foreseen applications include safety applications, traffic efficiency enhancements, and infotainment services. To make future deployment successful, it is imperative that all applications are matched with proper security mechanisms. Current proposals mostly focus on entity authorization by establishing a public key infrastructure. Such proactive security efficiently excludes nonauthorized entities from the network. However, in the face of insider attackers possessing valid key material, we need to consider data-centric methods to complement entity-centric trust. A promising approach for consistency checks, particularly in multihop scenarios, is to exploit redundant information dissemination. If information is received from both honest and malicious vehicles, chances are that attacks can be detected. In this paper, we propose three graph-based metrics to gauge the redundancy of dissemination protocols. We apply our metrics to a baseline protocol, a geocast protocol, and an aggregation protocol using extensive simulations. In addition, we point out open issues and applications of the metrics, such as colluding attackers and eviction of attacker nodes based on detected attacks. Results show that Advanced Adaptive Geocast behaves almost optimally from a routing efficiency point of view but fails to offer sufficient redundancy for data consistency mechanisms in many scenarios. The simulated aggregation protocol shows sufficient redundancy to facilitate data consistency checking.