Redundancy-based statistical analysis for insider attack detection in VANET aggregation schemes

In Vehicular Ad-hoc Networks (VANETs), vehicles exchange messages to enhance safety, driving efficiency, and comfort. The limited wireless channel capacity is a challenge especially for traffic efficiency applications, such as traffic information systems. In such systems, a large number of traffic or road status observations needs to be disseminated quickly to interested vehicles, often via multi-hop forwarding and in a larger geographic area than what is needed for traffic safety applications. In-network aggregation protocols are a viable tool to enhance scalability of such applications. But from a security perspective, they open new attack vectors for insider attackers, because vehicles collaboratively merge and modify messages during dissemination. Moreover, countermeasures using too much communication bandwidth negatively affect scalability. In this paper, we present a bandwidth-efficient protection mechanism for in-network aggregation based on data-consistency checking. We combine data mining techniques to detect false information with a filtering technique for forwarding paths that limits the influence of attackers on aggregated data. Simulation results show that our approach can successfully detect common attacks on aggregation while maintaining bandwidth efficiency.