1. P2 DAP-Sybil Attacks Detection in Vehicular Ad hoc Networks..

2. OUTLINE INTRODUCTION. EXITING SYSTEM. PROBLEM STATEMNET. PROPOSED WORK. REFERENCE.

3. INTRODUCTION What is ad hoc network ? Adhoc network refer to a network connection established for single session. What is VANET ? The vehicular ad hoc network (VANET) is a special communication pattern to provide communication information within the roadside box-to-vehicle and inter-vehicle with the aid of wireless network. VANET are begin increasingly supported for traffic control, accident avoidance and management of parking lots and public area.

4. Architecture of VANET RSB Overheard traffic information V2R V2 V1 V2V V3 Overheard traffic info or DMV

5. Assumption on VANET Architecture 1.DMV is a trusted party that maintains vehicles records and distributes certified pseudonyms to vehicles.DMV has enough resources to generate pseudonyms (certified public key )quickly and store all vehicles related information. 2.Vehicles are untrusted party. they communicate with each other in a multihop manner. A message exchange among vehicles is singed with a DMV certified pseudonyms. 3.RSB are wireless access point.they are scattered along the road and connected to DMV via a backhaul network, acting as intermediate to the DMV. the RSB monitor vehicular activity, identify suspicious behavior and report to DMV for confirmation and punishment

6. There are two type of communication in VANET. 1.Vehicular to Vehicular Communication(V2V). Vehicles communicates with each other through wireless medium. 11.Vehicular to Road Side Box(V2R) It is the direct wireless exchange of relevant information between vehicles and the communication units placed on the side of roads i.e. road side box. Application of VANET 1. Traffic Information 2. Road Condition and weather Info. 3. Increase Traveler Safety. 4. Electronic Toll Collection 5. Accident avoidance in road.

7. Sybil Attack What is Sybil Attack ? If vehicle use multiple pseudonyms to sign an event such that other thing multiple vehicle report same event the action consider as Sybil Attack A Sybil attack is a type of attack in which a malicious node illegally create duplicate multiple vehicle identities. Fig. Node Participate in Sybil Attack Node in Sybil Attack Sybil Node Malicious Node or Sybil Attacker

8. Malicious node/Sybil Attacker:- The node which copy the identities of other nodes. Sybil node:- Additional identities created by the malicious node are known as Sybil nodes

9. Exiting System P 2 DAP Scheme are used for handling Sybil attack. The main purpose is to detect Sybil attacks and revoke malicious vehicles immediately after detection. this scheme is distributed in three stage 1.Complete Two-Stage P 2 DAP Scheme 2.E-P 2 DAP – Detecting Events Instead of Sybil Attack. 3.T-P 2 DAP – Detecting Collusion

10. Complete Two-Stage P2DAP Scheme The DMV knows the total number of vehicles, and sequentially generates a sufficient number of yearly pseudonyms for all the vehicles. After generating a pseudonym p, the DMV first hashes (p | κc) using a one-way hash function, where κc is a global key. It then selects a set of bits from the hashed result to create hash collisions. The selected bits are referred as “coarse- grained hash value”. After that, the pseudonym p is placed into a group, which stores the pseudonyms with the same coarse-grained hash values. In other words, for each pseudonym pl in the m-th coarse- grained group, we have H(pl|κc) = Γm, where H is a one-way hash function, and Γm is the coarse-grained hash value for group m

11. We refer such groups as “coarse-grained groups”. The key κc will be distributed to all the RSBs. DMV calculates the hash value for the above p with a new key κf, and selects a set of bits from the result. The bits selected from the new hash value are referred as the “fine-grained hash value”. The pseudonym p is then placed into a subgroup of the coarse- grained group, namely fine grained group, in which all the pseudonyms have the same fine-grained hash value. For each pseudonym pl in the n-th fine-grained group under the m- th coarse-grained group, we have H(pl |κf) = Θn, where Θn is the fine-grained hash value for the subgroup n. H(p|κc) = H(p|κc), H(p|κf) = H(p|κf ), In Simplest Coarse Gained Hash Value is Calculated at RSB Site DMV Calculates Fine Gained Hash Value because DMV do not give Secret Key to RSB

12. E-P2DAP – Detecting Events Instead of Sybil Attack. In the C-P2DAP scheme, an RSB reports to the DMV whenever it finds any set of pseudonyms that hash to the same coarse-grained values. when an event is reported by a large number of vehicles, C-P2DAP can cause false alarms. Assumptions (1). Each false (faked) event is generated by only one malicious vehicle. (2). Benign vehicles will not report false events. For an event (ti, lj, ek), the RSB collects a list of pseudonyms Li,j,k used to sign the event. If ∀ p, p ∈ Li,j,k, H(p|κc) = H(p|κc), i.e., all the pseudonyms used to sign (ti, lj, ek) have the same coarse-grained hash value, then the event is probably sent from only one vehicle, and is likely a faked event. In this case, the RSB generates a report with the same format as in C-P2DAP and sends it to the DMV.

13. DMV only needs to examine the pseudonyms in two cases: 1) an attacker reports a false event and carries out a Sybil attack; 2) a true event is reported by multiple benign vehicles whose pseudonyms have the same coarse-grained hash value, which is a false alarm The number of false alarms is likely to be small compared to the total number of the pseudonyms that RSBs process. That Reduces the overhead of DMV.

14. T-P2DAP – Detecting Collusion One issue with the E-P2DAP scheme is that it cannot detect colluding vehicles, i.e., two or more malicious vehicles reporting the same faked event. Faked event is generated by minimum two vehicles but vehicle number will not be exceed the threshold τ. for a pseudonym list Li,j,m, the RSB calculates the coarse-grained hash value for each pseudonym p ∈ Li,j,k, and obtains a set of coarse-grained hash values Sc. If |Sc| ≤ τ and two or more pseudonyms in Li,j,k map to the same coarsegrained hash value, the RSB suspects the event to be fake and reports to the DMV.

15. Drawback of Existing System. Drawback of Existing System. By this Three Scheme we Only detect the sybil attack but can not revoke it. By this scheme overhead of traffic increases because malicious vehicle try to get the pseudonyms from DMV so overhead increases.

16. Proposed Work Proposed Work 1. Network Generation and Vehicle Registration with public authentication Key. 2.Detection of Sybil Attack. 2.1 Encryption of Message 2.2 Key Exchange 2.3 Decryption 3. Revoking The Sybil Attack

17. Block Diagram Block Diagram

18. Network Generation and Vehicle Registration with public authentication Key Create Region Create DMV OR RSB. Create Node or Vehicle With Parameter IP Address, ID, UID, Max and min wait time, Max and Min Speed. DMV Can Register the Vehicle with Public Authentication Key before vehicle can transmit the message.

19. Detection Of Sybil Attack Encryption of Message In this Phase Source Node can Encrypt the with Public Key Cryptography. In phase1, each vehicle should be registered in a group and receive its public authentication key (AK) before any message transmission. For signing a message, the vehicle uses group authentication key and encryption function and sends it along with original message to other vehicle and RSU

20. Key Exchange Algorithm RSU don’t have Private Key of Regional DMV so it sends request to Regional DMV for OBUid decryption. Regional DMV don’t have private key of Vehicle so it sends request to Home DMV for getting Private key of Vehicle. Home DMV reply private key to Regional DMV.

21. Alice and Bob agree to use a modulus p = 23 and base g = 5 (which is a primitive root modulo 23). Alice chooses a secret integer a = 6, then sends Bob A = g a mod p ◦ A = 5 6 mod 23 = 8 Bob chooses a secret integer b = 15, then sends Alice B = g b mod p ◦ B = 5 15 mod 23 = 19 Alice computes s = B a mod p ◦ s = 19 6 mod 23 = 2 Bob computes s = A b mod p ◦ s = 8 15 mod 23 = 2 Alice and Bob now share a secret (the number 2).

22. Algorithm used for Sybil attack detection 1- EH(PUAK(M)) from source node S 2- EH(SKA(IDA| HAK(M))) from source node S 3- E(PUCA(IDA, HSKA(IDA| HAK(M)))) from node S 4- SEND(RQST(M,HAK(M),CAh,OBUId) from source node S to local RSU other vehicle in local region) 5- EH(PUAK(M)) in RSU and IF(HAK(M)==HAK(M)) THEN go to step 7 else go to step 6 6- REPORT to CAl “the message is fault” 7- D(SKCl(IDA, HSKA(IdA| HAK(M))) in CAl 8- REQST(PUA) to CAh 9- RPLY(PUA) to CAl 10- EH(SKA(IDA|HAK(M))) and IF(HSKA(IDA|HAK(M))==HSKA(IDA|HAK(M))) THEN Sybil attack detect.

23. Revoking the Sybil Attack When any Home DMV Detects the sybil Attack it then Sends the request to regional DMV for revoking the node or Vehicle. So Regional DMV now Block or remove the node from region. So now Node Ultimately removes from root as well as Network.