An attack-and-defence game for security assessment in vehicular ad hoc networks

Recently, there is an increasing interest in Security and Privacy issues in Vehicular ad hoc networks (or VANETs). However, the existing security solutions mainly focus on the preventive solutions while lack a comprehensive security analysis. The existing risk analysis solutions may not work well to evaluate the security threats in vehicular networks since they fail to consider the attack and defense costs and gains, and thus cannot appropriately model the mutual interaction between the attacker and defender. In this study, we consider both of the rational attacker and defender who decide whether to launch an attack or adopt a countermeasure based on its adversary’s strategy to maximize its own attack and defense benefits. To achieve this goal, we firstly adopt the attack-defense tree to model the attacker’s potential attack strategies and the defender’s corresponding countermeasures. To take the attack and defense costs into consideration, we introduce Return On Attack and Return on Investment to represent the potential gain from launching an attack or adopting a countermeasure in vehicular networks. We further investigate the potential strategies of the defender and the attacker by modeling it as an attack-defense game. We then give a detailed analysis on its Nash Equilibrium. The rationality of the proposed game-theoretical model is well illustrated and demonstrated by extensive analysis in a detailed case study.

[1]  Jolyon Clulow,et al.  New Strategies for Revocation in Ad-Hoc Networks , 2007, ESAS.

[2]  Jolyon Clulow,et al.  Suicide for the common good: a new strategy for credential revocation in self-organizing systems , 2006, OPSR.

[3]  Frank Stajano,et al.  Location Privacy in Pervasive Computing , 2003, IEEE Pervasive Comput..

[4]  Guang Gong,et al.  Bootstrapping Security in Mobile Ad Hoc Networks Using Identity-Based Schemes with Key Revocation , 2006 .

[5]  Mudhakar Srivatsa,et al.  The fable of the bees: incentivizing robust revocation decision making in ad hoc networks , 2009, CCS.

[6]  B.J. Matt Toward hierarchical identity-based cryptography for tactical networks , 2004, IEEE MILCOM 2004. Military Communications Conference, 2004..

[7]  Xiaodong Lin,et al.  Security in service-oriented vehicular networks , 2009, IEEE Wirel. Commun..

[8]  Xiaohui Liang,et al.  STAP: A social-tier-assisted packet forwarding protocol for achieving receiver-location privacy preservation in VANETs , 2011, 2011 Proceedings IEEE INFOCOM.

[9]  Patrick Th. Eugster,et al.  DICTATE: DIstributed CerTification Authority with probabilisTic frEshness for ad hoc networks , 2005, IEEE Transactions on Dependable and Secure Computing.

[10]  Qi Han,et al.  SAS: A Secure Data Aggregation Scheme in Vehicular Sensing Networks , 2010, 2010 IEEE International Conference on Communications.

[11]  Haojin Zhu,et al.  A Novel Attack Tree Based Risk Assessment Approach for Location Privacy Preservation in the VANETs , 2011, 2011 IEEE International Conference on Communications (ICC).

[12]  Adrian Perrig,et al.  Flooding-resilient broadcast authentication for VANETs , 2011, MobiCom.

[13]  David C. Parkes,et al.  On non-cooperative location privacy: a game-theoretic analysis , 2009, CCS.

[14]  Barbara Kordy,et al.  Attack-Defense Trees and Two-Player Binary Zero-Sum Extensive Form Games Are Equivalent , 2010, GameSec.

[15]  Yuguang Fang,et al.  AC-PKI: anonymous and certificateless public-key infrastructure for mobile ad hoc networks , 2005, IEEE International Conference on Communications, 2005. ICC 2005. 2005.

[16]  Panagiotis Papadimitratos,et al.  Fast Exclusion of Errant Devices from Vehicular Networks , 2008, 2008 5th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[17]  Maxim Raya,et al.  Revocation games in ephemeral networks , 2008, CCS.

[18]  Maxim Raya,et al.  The security of vehicular ad hoc networks , 2005, SASN '05.

[19]  Stefano Bistarelli,et al.  Strategic Games on Defense Trees , 2006, Formal Aspects in Security and Trust.

[20]  Zhiyi Fang,et al.  Securing Vehicular Ad Hoc Networks , 2007, 2007 2nd International Conference on Pervasive Computing and Applications.

[21]  Uwe Hansmann,et al.  Pervasive Computing , 2003 .