Congestion attack on Vehicular Ad-hoc Network
The goal of this project was to provide the security researchers a framework to experiment with Vehicular Ad-hoc network security. As a result of this research, I was able to develop and implement a secure congestion avoidance protocol that I published on ACM DIVANET'22 Conference.
View paperVehicular Ad-hoc Network and Vehicular Botnets
The Vehicular Ad-hoc Network (VANET) is a peer-to-peer network of vehicles and roadside infrastructure over wireless channels. With the advent of smart vehicles and vehicular cyber-physical systems (VCPS) such as VANETs, road traffic issues such as congestions, collisions, accidents can be solved in a cost effective manner. However, there haven't been enough security research on this novel technology.
This research explores the possibility of multiple cooperating vehicles in the VANET working toward a common malicious goal. This is a vehicular botnet. The VANET's authentication mechanism uses Public Key Infrastructure (PKI) which prevents identity spoofing. The proposed botnet protocol bypasses this security measure.
Exploiting the messages
In VANET, vehicles exchange cooperative traffic messages to avoid congestion, accidents etc. Under normal circumstances, the vehicles only disseminate messages about the road they are traversing. A vehicle converted into bot, however, can send messages about any road with any information. In order to stay undetected, the bots stay under the VANET's defensive filters' thresholds. The messages are customized such that the target road is advertised as a desirable route to all the cars. Since this type of bogus information is stored and disseminated by vehicles whether or not they are infected, malicious messages soon take over the network. As a result, the target road becomes congested very quickly.
Two modes of attack
Since not all vehicles will take the target road to reach their destination, there are two scenarios to consider to ensure maximum congestion in the most efficient way. Firstly, when the recipient vehicle has the target road in one of its choices of roads, the messages are crafted to incrementally blacklist all the other roads according to the distance from the target road by sending bogus information about them implying they're slower the further they are. This lures it into the target road. Secondly, when the recipient vehicle does not have the target road as a part of its potential routes, the bots will attempt to take it as close to the target road as possible in a similar way.
Project outcomes
The simulation shows that the botnet based on this framework can increase the global average trip time by 50% in 8 hours and 800% in 24 hours. The targeted road becomes unusable in 5 minutes with only 20% bots. A secure congestion avoidance protocol I implemented as a part of this research has recently been accepted as a full paper for the ACM DIVANET'22 conference.