Vehicular Ad-Hoc Network (VANET), a vital component of Intelligent Transportation Systems (ITS) technology, relies on communication between dynamically connected vehicles and static Road Side Units (RSU) to offer various applications (e.g., collision avoidance alerts, steep-curve warnings and infotainment). VANET has a massive potential to improve traffic efficiency, and road safety by exchanging critical information between nodes (vehicles and RSU), thus reducing the likelihood of traffic accidents. However, this communication between nodes is subject to a variety of attacks, such as Man-In-The-Middle (MITM) attacks which represent a major risk in VANET. It happens when a malicious node intercepts or tampers with messages exchanged between legitimate nodes. In this paper, we studied the impact on network performance of different strategies which attackers can adopt to launch MITM attacks in VANET, such as fleet or random strategies. In particular, we focus on three goals of MITM attacks—message delayed, message dropped and message tampered. The simulation results indicate that these attacks have a severe influence on the legitimate nodes in VANET as the network experience high number of compromised messages, high end-to-end delays and preeminent packet losses.
Abstract-When showing that a software system meets certain security requirements, it is often necessary to work with formal and informal descriptions of the system behavior, vulnerabilities, and threats from potential attackers. In earlier work, Haley et al. [1] showed structured argumentation could deal with such mixed descriptions. However, incomplete and uncertain information, and limited resources force practitioners to settle for good-enough security. To deal with these conditions of practice, we extend the method of Haley et al. with risk assessment. The proposed method, RISA (RIsk assessment in Security Argumentation), uses public catalogs of security expertise to support the risk assessment, and to guide the security argumentation in identifying rebuttals and mitigations for security requirements satisfaction. We illustrate RISA with a realistic example of PIN Entry Device.
The version in the Kent Academic Repository may differ from the final published version. Users are advised to check http://kar.kent.ac.uk for the status of the paper. Users should always cite the published version of record.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.