A Data Intensive Reputation Management

Scheme for Vehicular Ad Hoc Networks

A Data Intensive Reputation Management

Scheme for Vehicular Ad Hoc Networks

Anand Patwardhan, Anupam Joshi, Tim Finin, and Yelena YeshaAnand Patwardhan, Anupam Joshi, Tim Finin, and Yelena Yesha

Anand PatwardhanDoctoral Candidate

Department of Computer Science and Electrical EngineeringUniversity of Maryland Baltimore County

Anand PatwardhanDoctoral Candidate

Department of Computer Science and Electrical EngineeringUniversity of Maryland Baltimore County

V2VCOM 2006

V2VCOM 2006

OutlineOutline

• Data management in VANETs• Security perspective• Trust-based security• Distributed data-intensive reputation

management• Algorithm for screening data• Simulation results

GPS satellite

Onboard Computer with various sensors:•GPS location•Cameras•Engine Condition•Tire pressure etc.

Localized and distributedWireless

Access points

Various formsof connectivity

GPS

Localized Info-Stream Services

Situation Awareness allows Adaptation

Location& directions

GSM, GPRS, EDGE, E-VDO

WiMax

Hazard warnings,Detours,

Inclement weather,Road conditions,

Traveler info.

VANET connectivity Update propagation

ObjectivesObjectives

• Objectives• Situation awareness for smart-vehicles

• adapt to current conditions• optimal utilization of surface transport infrastructure

• Provisioning context sensitive travel information locally and directly

• a growing need to provide context-sensitive information to mobile handheld devices and car-computers with travel related information)

• Distributed control and fault tolerance • ensure continued functioning in face of infrastructure failures

arising from natural calamities or terrorist attacks

• Prevalent Enabling Technologies• Smart cars with arrays of sensors (GPS, cameras, etc.)• Multimodal wireless communication (GSM, WiFi etc.)• Distributed sensor networks embedded in the transport

infrastructure

BackgroundBackground

• Highly dynamic conditions• Lack of centralized trust authority• Data and security guarantees• Information processing and decision making• Distributed collaborative processes• Softer security guarantees• Trust based security

Dynamic conditionsDynamic conditions

• Network• Mobility of devices• Arbitrary topologies• Limited connectivity

• Mobility• Time frames important (message transmission and

surface velocity)• Radio ranges, interference, and obstructions

• Environment• Road conditions, congestion, inclement weather,

hazards etc.

Trust and Risk ManagementTrust and Risk Management

• Conventional PKI, variants, or Web-of-Trust (PGP) infeasible• Limited connectivity• I&A difficult• No guarantees of intent

• Security properties• Confidentiality, integrity – cryptographic methods• Availability – multiple sources, epidemic updates

• Reliability of source?• Malicious entities, selfish-interest, non-cooperative

nodes?

VANET Security PerspectiveVANET Security Perspective

• Data• Authenticity, reliability (quality), and timeliness

• Network• Reliable routes• Cooperative and trustworthy peers• Intrusion and fault resilience

• Identification and Authentication• Unique persistent identifiers (e.g. SUCVs)• Decentralized reputation management

Examples of collaborative processes

Examples of collaborative processes

• Routing• On demand route setup• Maintenance

• Data dissemination• Relay data packets for others• Caching

• Intrusion detection• Reputation management• Service discovery

Stimulating collaborationStimulating collaboration

• Cost of collaboration• Storage• Communication• Reputation management

• Self-interest• What is the payoff? (incentives)

• Higher availability (cooperation)• Improved response times• Reliability

• Reciprocity (tit-for-tat)• Avenues for recourse

Data dissemination modelData dissemination model

• Anchored sources (trusted) carousel information updates

• Mobile devices propagate these further via epidemic updates (collaboration)

• Burden of collecting relevant information and verifying it is placed on the consumer devices

• Validation of data is achieved either• Trusted source (trivial case)• Agreement• Post-validation by trusted source

Segment validation algorithmSegment validation algorithm

Simulation setupSimulation setup• Glomosim v. 2.0.3• Transmission range 100m• Simulated area: Dupont Circle, Washington

DC• Geographic area of 700m by 900m• 802.11• Mobility speeds 15 to 25 m/s• Pause times of 0 to 30 s• 38 anchored resources (trusted)• 50 to 200 mobile devices (vehicles)• Simulation time: 30 mins

Simulated areaSimulated area

Autonomous and AssistedAutonomous and Assisted

1 3 5 7 9 11 13 15 17 19 21 23 25 27 29

0

2

4

6

8

10

12

14

16

18

20

22

24

26

28

30

32

34

36

Time (mins)

Anchors

5-6

4-5

3-4

2-3

1-2

0-1

1 3 5 7 9 11 13 15 16 19 21 23 25 26 29

0

2

4

6

8

10

12

14

16

16

20

22

24

26

26

30

32

34

36

Time (mins)

Anchors

5-64-5

3-42-3

1-20-1

Trusted sources onlyTrusted sources only Trusted sources and assistedTrusted sources and assisted

1 3 5 7 9 11 13 15 17 19 21 23 25 27 29

0

2

4

6

8

10

12

14

16

18

20

22

24

26

28

30

32

34

36

Time (mins)

Anchors

5-6

4-5

3-4

2-3

1-2

0-1

Validated segmentsValidated segments

Effect of malicious nodesEffect of malicious nodes

0

200

400

600

800

1000

1200

1400

TD0 VD0 ID0 TM0

50

100

150

200

0

200

400

600

800

1000

1200

1400

TD30 VD30 ID30 TM30

50

100

150

200

0

200

400

600

800

1000

1200

1400

TD60 VD60 ID60 TM60

50

100

150

200

0% malicious0% malicious 30% malicious30% malicious 60% malicious60% malicious

Ongoing and Future workOngoing and Future work

• Distributed data-intensive reputation management

• Trust relationships built using persistent identities for further trustworthy collaboration:• Basis for Distributed intrusion detection• Service discovery

• Reciprocative/adaptive levels of cooperation• Contention management

• Adaptive radio-ranges to increase throughput

Questions?Questions?