A Secure and Privacy-Aware Route Tracing and Revocation Mechanism in VANET-based Clouds

Rasheed Hussain(후세인 라쉬드),Heekuck Oh(오희국) 한국정보보호학회 2014 정보보호학회논문지 Vol.24 No.5

많은 연구 끝에 VANET의 상용화를 눈앞에 두고 있다. VANET은 차량용 애드혹 네트워크의 약자로서, Cloud와 융합하는 방향으로 연구가 진행되고 있다. 하지만 놀랍게도 VANET 기반 클라우드로 진화한데 가장 큰 역할을 한 것은 차량과 통신기술의 발달이다. 이러한 기술이 확산되는 단계에서 연구자들은 항상 보안과 프라이버시에 대해 고민해 왔다. 게다가 VANET처럼 프라이버시, 익명철회, 경로추적 등 상반된 보안 이슈들이 서로 얽힌 상황은 연구자들을 더욱 고민에 빠지게 했다. 최근 Hussain 등은 VANET 기반 클라우드 프레임워크인 VuC (VANET using Clouds)를 제안하였다. VuC는 VANET과 클라우드가 VANET 사용자(서비스 가입자)에게 서비스를 제공하기 위해 협력하는 환경을 말한다. 본 논문은 Hussain 등이 제안한 VANET 기반 클라우드 프레임워크인 VuC에 초점을 두고 있으며, 특히 앞서 말한 프라이버시, 익명철회, 경로추적에 대한 문제를 다루고 있다. 제안하는 기법은 다중 익명화를 통해 프라이버시를 보호한다. 또한 비컨(Beacon)메시지를 클라우드에 저장하여 경로추적과 익명 철회에 활용한다. 익명철회 권한을 가진 기관들은 연합하여 사용자 노드가 선택한 경로를 특정 시간 동안 추적할 수 있으며, 필요한 경우 신원을 확인할 수 있다. 제안된 기법은 안전하고 조건부 익명성을 보장하며 기존의 기법에 비해 연산량이 적다 Vehicular Ad hoc Network (VANET) has gone through a rich amount of research and currently is making its way towards the deployment. However, surprisingly it evolved to rather more applications and services-rich breed referred to as VANET-based clouds due to the advancements in the automobile and communication technologies. Security and privacy have always been the challenges for the think tanks to deploy this technology on mass scale. It is even worse that some security issues are orthogonally related to each other such as privacy, revocation and route tracing. In this paper, we aim at a specific VANET-based clouds framework proposed by Hussain et al. namely VANET using Clouds (VuC) where VANET and cloud infrastructure cooperate with each other in order to provide VANET users (more precisely subscribers) with services. We specifically target the aforementioned conflicted privacy, route tracing, and revocation problem in VANET-based clouds environment. We propose a multiple pseudonymous approach for privacy reasons and leverage the beacons stored in the cloud infrastructure for both route tracing and revocation. In the proposed scheme, revocation authorities after colluding, can trace the path taken by the target node for a specified timespan and can also revoke the identity if needed. Our proposed scheme is secure, conditional privacy preserved, and is computationally less expensive than the previously proposed schemes.

A Secure and Privacy-Aware Route Tracing and Revocation Mechanism in VANET-based Clouds

후세인라쉬드,오희국 한국정보보호학회 2014 정보보호학회논문지 Vol.24 No.5

Vehicular Ad hoc Network (VANET) has gone through a rich amount of research and currently is making its way towardsthe deployment. However, surprisingly it evolved to rather more applications and services-rich breed referred to as VANET-basedclouds due to the advancements in the automobile and communication technologies. Security and privacy have always been thechallenges for the think tanks to deploy this technology on mass scale. It is even worse that some security issues areorthogonally related to each other such as privacy, revocation and route tracing. In this paper, we aim at a specificVANET-based clouds framework proposed by Hussain et al. namely VANET using Clouds (VuC) where VANET and cloud infrastructure cooperate with each other in order to provide VANET users (more precisely subscribers) with services. We specifically target the aforementioned conflicted privacy, route tracing, and revocation problem in VANET-based clouds environment. We propose a multiple pseudonymous approach for privacy reasons and leverage the beacons stored in the cloud infrastructure for both route tracing and revocation. In the proposed scheme, revocation authorities after colluding, can trace the path taken by the target node for a specified timespan and can also revoke the identity if needed. Our proposed scheme is secure, conditional privacy preserved, and is computationally less expensive than the previously proposed schemes.

Routing for Enhancing Source-Location Privacy in Wireless Sensor Networks of Multiple Assets

Yeonghwan Tscha 한국통신학회 2009 Journal of communications and networks Vol.11 No.6

In wireless sensor networks, a node that reports information gathered from adjacent assets should relay packets appropriately so that its location context is kept private, and thereby helping ensure the security of the assets that are being monitored. Unfortunately, existing routing methods that counter the local eavesdropping-based tracing deal with a single asset, and most of them suffer from the packet-delivery latency as they prefer to take a separate path of many hops for each packet being sent. In this paper, we propose a routing method, greedy perimeter stateless routing-based source-location privacy with crew size w (GSLP-w), that enhances location privacy of the packet-originating node (i.e., active source) in the presence of multiple assets. GSLP-w is a hybrid method, in which the next-hop node is chosen in one of four modes, namely greedy, random, perimeter, and retreat modes. Random forwarding brings the path diversity, while greedy forwarding refrains from taking an excessively long path and leads to convergence to the destination. Perimeter routing makes detours that avoid the nodes near assets so that they cannot be located by an adversary tracing up the route path. We study the performance of GSLP-w with respect to crew size w (the number of packets being sent per path) and the number of sources. GSLP-w is compared with phantom routing-single path (PR-SP), which is a notable routing method for source-location privacy and our simulation results show that improvements from the point of the ratio of safety period and delivery latency become significant as the number of source nodes increases.

Routing for Enhancing Source-Location Privacy in Wireless Sensor Networks of Multiple Assets

Tscha, Yeong-Hwan The Korea Institute of Information and Commucation 2009 Journal of communications and networks Vol.11 No.6

In wireless sensor networks, a node that reports information gathered from adjacent assets should relay packets appropriately so that its location context is kept private, and thereby helping ensure the security of the assets that are being monitored. Unfortunately, existing routing methods that counter the local eavesdropping-based tracing deal with a single asset, and most of them suffer from the packet-delivery latency as they prefer to take a separate path of many hops for each packet being sent. In this paper, we propose a routing method, greedy perimeter stateless routing-based source-location privacy with crew size w (GSLP-w), that enhances location privacy of the packet-originating node (i.e., active source) in the presence of multiple assets. GSLP-w is a hybrid method, in which the next-hop node is chosen in one of four modes, namely greedy, random, perimeter, and retreat modes. Random forwarding brings the path diversity, while greedy forwarding refrains from taking an excessively long path and leads to convergence to the destination. Perimeter routing makes detours that avoid the nodes near assets so that they cannot be located by an adversary tracing up the route path. We study the performance of GSLP-w with respect to crew size w (the number of packets being sent per path) and the number of sources. GSLP-w is compared with phantom routing-single path (PR-SP), which is a notable routing method for source-location privacy and our simulation results show that improvements from the point of the ratio of safety period and delivery latency become significant as the number of source nodes increases.

Optimal Routing and Uncertainty Processing using Geographical Information for e-Logistics Chain Execution

Kim, Jin Suk,Ryu, Keun Ho 한국경영과학회 2004 Management Science and Financial Engineering Vol.10 No.2

The integrated supply chain of business partners for e-Commerce in cyber space is defined as Logistics Chain if the cooperative activities are logistics-related. Logistics Chain could be managed effectively and efficiently by cooperative technologies of logistics chain execution. In this paper, we propose a routing and scheduling algorithm based on the Tabu search by adding geographical information into existing constraint for pick-up and delivery process to minimize service time and cost in logistics chain. And, we also consider an uncertainty processing for the tracing of moving object to control pick-up and delivery vehicles based on GPS/GIS/ITS. Uncertainty processing is required to minimize amount of telecommunication and database on vehicles tracing. Finally, we describe the Logistics Chain Execution (LCE) system to perform plan and control activities for postal logistics chain. To evaluate practical effects of the routing and scheduling system, we perform a pretest for the performance of the tabu search algorithm. And then we compare our result with the result of the pick-up and delivery routing plan generated manually by postmen.

Improvement of Flood Disaster Information Map using the Spatial Inundation Data

Sun, Ji-Eun,Lee, Ji-Soo,Hong, Won-Hwa Research India Publications 2015 International Journal of Applied Engineering Rese Vol.10 No.10

<P> Abnormal weather patterns around the globe are causing local torrential rain, which in turn, result in heavy human and property damage. Designated shelters and evacuation routes are provided to the public to mitigate damage but the survey indicates that more than half of them are located in areas that were flooded or have signs of flooding in the past. Objective of this study is to suggest consideration and improvement about location problem of current set shelters and lack of evacuation routes-provision. For this, survey and analysis were conducted for 60 designated shelters and around 40 evacuation routes in Gangseo-gu, Seoul, which was selected as high-risk district prone to natural disasters in 2011, and eventually suggest new ways to designate shelters and evacuation routes. </P>

VANET에서 프라이버시를 보호하는 효율적인 경로 추적 방법

이병우(Byeongwoo Lee),김상진(Sangjin Kim),오희국(Heekuck Oh) 한국정보보호학회 2010 정보보호학회논문지 Vol.20 No.4

차량 애드혹 네트워크에서는 차량의 프라이버시를 보장하지만 문제를 일으킨 차량을 식별할 수 있는 조건부 익명성이 제공되어야 한다. 이를 위해 제안된 기존 기법들은 개별 메시지의 익명성을 철회할 수 있는 기능을 제공하고 있다. 만약 차량의 운행 경로를 파악할 수 있다면 사고에서 책임소재 규명과 범죄 수사에 유용하게 사용될 수 있다. 기존 메시지 철회 기능을 이용하여 차량의 운행 경로를 파악할 수 있지만 대상 차량뿐만 아니라 다른 차량의 익명성도 철회가 되는 문제점이 있다. 본 논문은 대상 차량을 제외한 다른 차량의 프라이버시를 침해하지 않으면서 차량의 운행 경로를 파악할 수 있는 효율적인 기법을 제안한다. 제안한 방법은 기존에 사용되는 메시지 인증 기법과 독립적으로 추가하여 사용할 수 있으며, 신뢰기관의 권한 남용을 방지하기 위한 메커니즘을 포함하고 있다. In VANETs (Vehicular Ad hoc NETwork), conditional anonymity must be provided to protect privacy of vehicles while enabling authorities to identify misbehaving vehicles. To this end, previous systems provide a mechanism to revoke the anonymity of individual messages. In VANET, if we can trace the movement path of vehicles, it can be useful in determining the liability of vehicles in car accidents and crime investigations. Although route tracing can be provided using previous message revocation techniques, they violate privacy of other vehicles. In this paper, we provide a route tracing technique that protects privacy of vehicles that are not targeted. The proposed method can be employed independently of the authentication mechanism used and includes a mechanism to prevent authorities from abusing this new function.

On Sensor Network Routing for Cloaking Source Location Against Packet-Tracing

Yeonghwan Tscha 한국통신학회 2009 韓國通信學會論文誌 Vol.34 No.3

Most of existing routing methods in wireless sensor networks to counter the local eavesdropping-based packet-tracing deal with a single asset and suffer from the packet-delivery latency as they prefer to take a separate path of many hops for each packet being sent. Recently, the author proposed a routing method, GSLP-w(GPSR-based Source-Location Privacy with crew size w), that enhances location privacy of the packet-originating node(i.e., active source) in the presence of multiple assets, yet taking a path of not too long. In this paper, we present a refined routing(i.e., next-hop selection) procedure of it and empirically study privacy strength and delivery latency with varying the crew size w(i.e., the number of packets being sent per path). It turns out that GSLP-w offers the best privacy strength when the number of packets being sent per path is randomly chosen from the range [1,hs-b/4] and that further improvements on the privacy are achieved by increasing the random walk length TTLrw or the probability prw that goes into random walk(where, hs-b is the number of hops of the shortest path between packet-originating node s and sink b).

싱크홀 라우터 기반 IP 추적 시스템 설계 및 구현

이형우(Lee, Hyung-Woo) 한국산학기술학회 2009 한국산학기술학회논문지 Vol.10 No.10

최근 All-IP 네트워크 환경이 구축되면서 다양한 형태의 트래픽이 송수신되고 있으며, 이와 더불어 악의적 공격이 급증하고 있어 이에 대한 능동적 대응 방안이 제시되어야 한다. 기존 연구로는 SPIE 시스템을 통해 일방향 해쉬함수와 Bloom Filter 방식을 적용한 라우터 중심 패킷 경로 추적 기법이 제시되었으나, DDoS 공격이 발생할 경 우 이를 능동적으로 차단하면서 공격 근원지를 효율적으로 추적하기에는 문제점이 있다. 따라서 본 연구에서는 기존 SPIE 및 Sinkhole 기반 라우터 기법의 장단점에 대한 분석을 통해 두 방식의 장점을 결합하여 All-IP 네트워크 환경 에 적합한 IP 추적 방식을 설계하고 이를 구현하였다. 본 연구에서 제시한 기법은 기존의 Sinkhole 방식과 유사하게 공격 패킷에 대한 수집/모니터링 기능을 제공하면서도 추적 패킷 Manager 시스템을 기반으로 공격 패킷에 대한 판단 및 수집/제어기능을 제공하여 성능 향상과 함께 DDoS 공격에 대한 능동적 대응이 가능하였다. An advanced and proactive response mechanism against diverse attacks on All-IP network should be proposed for enhance its security and reliability on open network. There are two main research works related to this study. First one is the SPIE system with hash function on Bloom filter and second one is the Sinkhole routing mechanism using BGP protocol for verifying its transmission path. In this study, we proposed an advanced IP Tracing mechanism based on Bloom filter and Sinkhole routing mechanism. Proposed mechanism has a Manager module for controlling the regional router with using packet monitoring and filtering mechanism to trace and find the attack packet’s real transmission path. Additionally, proposed mechanism provides advanced packet aggregation and monitoring/control module based on existing Sinkhole routing method. Therefore, we can provide an optimized one in All-IP network by combining the strength on existing two mechanisms. And the Tracing performance also can be enhanced compared with previously suggested mechanism.

Routing Schemes for Source Location Privacy in Wireless Sensor Networks

Lilian Charles Mutalemwa(릴리안 찰스 무타람와),Seokjoo Shin(신석주) 한국통신학회 2018 韓國通信學會論文誌 Vol.43 No.9