A collaborative protocol for anonymous reporting in vehicular ad hoc networks
Introduction
Road safety has become an important issue for governments and vehicle manufacturers in the last twenty years. Vehicular ad hoc networks (VANETs) [1] have recently emerged as a platform to support intelligent inter-vehicle communication to improve road safety. VANETs aim to provide vehicles and roads with capabilities to make roads more secure and to make driving time on the road more enjoyable, enabling communications among nearby vehicles (vehicle-to-vehicle communication) as well as between vehicles and nearby fixed equipment (vehicle-to-infrastructure communication). Concordantly, intelligent transportation systems (ITSs) have appeared to leverage the power of modern communication technologies, applied to both vehicles and infrastructure, in order to improve road safety.
Allowing drivers to report traffic accidents and violations through the VANET may lead to substantial improvements in road safety. Being able to do so anonymously in order to avoid personal and professional repercussions will undoubtedly increase user acceptance of such valuable service. Consider for example the potential risk incurred by a user who files a complaint against somebody who is also responsible for processing the corresponding violation. If such complaint were not anonymous, the reported individual may attempt to take action against the reporting user. Not to mention the fact that user behavior may be profiled on the basis of location and other sensitive information contained in the report.
Particularly in ad hoc networks, users may prefer not to place their trust on intermediaries such as anonymizing proxies [2] and mix networks [3], [4]. Privacy-enhancing technologies based on user collaboration avoid the need for these trusted third parties (TTP). On the other hand, it is crucial that the anonymity-enforcing mechanisms implemented be aware of their impact on network performance that translates into quality of user experience (QoE). Although there exists a number of collaborative anonymity systems in the literature [5], [6], to the best of our knowledge none of them is perfectly suited to the specific requirements of vehicular networks highlighted here.
With these challenges in mind, the main objective of this paper is to propose a new collaborative protocol for enforcing anonymity in multi-hop VANETs. The approach here presented is closely inspired by Crowds [5], a protocol according to which each user probabilistically decides to send a message directly to a common receiver, or else to forward it to a peer, who is asked to repeat the process. Our protocol differs from the original Crowds in that, first, it does take into account transmission losses, and secondly, it is specifically conceived for multi-hop VANETs, rather than for wired networks. Precisely, this second difference makes our approach dependent on the underlying multi-hop routing protocol, since the authority processing the reports may not be within communication range of every user. Motivated by this, this work assesses the suitability of our approach in combination with two standard routing protocols, AODV [7] and GPSR [8], and under two urban scenarios. Our extensive performance evaluation contemplates not only privacy, but also the impact on quality of service (QoS) of the privacy mechanism. On the one hand, QoS is measured in terms of packet loss, end-to-end delay and average number of hops; on the other, we measure anonymity as the attacker's probability of error when guessing the identity of the sender, in keeping with [9].
Section 2 examines the state of the art on anonymous-communication systems and reviews the routing protocols AODV and GPSR. Section 3 first describes the adversary model and anonymity metric assumed in this work. Afterwards, this section presents our anonymous-reporting protocol. Then, Section 4 is entirely devoted to the empirical evaluation of our approach under two distinct urban scenarios. Finally, conclusions are drawn in Section 5.
Section snippets
State of the art
As stated previously, our main contribution is an anonymous-reporting protocol that, on the one hand, is inspired by the anonymous-communication protocol Crowds [5], and on the other, builds on a generic multi-hop routing protocol. In this section, we first provide a broad perspective of anonymous-communication systems, and secondly, describe in detail two widely-used routing protocols, one of them intended for mobile ad hoc networks, and the other specifically conceived for vehicular networks.
A protocol for the anonymous reporting of traffic violations
This section presents the major contribution of this work, a protocol that enables users to report traffic violations anonymously in vehicular ad hoc networks. Before we get into the details of our protocol, Section 3.1 examines the particular scenario of vehicular networks assumed. Later, Section 3.2 specifies the adversarial model considered in this scenario, both in terms of the attacker's objective and its strategy to compromise user privacy. Afterwards, Section 3.3 proposes a measure of
Experimental results
This section presents a number of experimental results that will allow us to evaluate our anonymous-reporting protocol in terms of anonymity protection on the one hand, and QoS requirements on the other. With this purpose, we first describe the simulation environment in Section 4.1. Then, we assess our approach under two scenarios, namely a residential area and another representing a downtown district.
Conclusions
In recent years, vehicular ad hoc networks have caught the attention of both industry and academia, since they are seen as a means of improving road safety in current and future transportation systems. Among the potential safety applications enabled by such networks, one of the most promising is the reporting of traffic violations such as speeding or tailgating.
Allowing users to report traffic offenses through the VANET may contribute to improve road safety on the one hand, but on the other it
Acknowledgments
This work was partly supported by the Spanish Government through projects Consolider Ingenio 2010 CSD2007-00004 “ARES”, TEC2010-20572-C02-02 “Consequence” and by the Government of Catalonia under grant 2009 SGR 1362. Carolina Tripp has a FI-AGAUR grant of the “Comissionat per a Universitats i Recerca” from the Generalitat de Catalunya and the Social European Budget. She has also obtained a grant from the Autonomous University of Sinaloa, Mexico. Luis Urquiza is the recipient of a grant from the
References (29)
- et al.
Specification of a framework for the anonymous use of privileges
Telematics and Informatics
(Aug. 2006) - et al.
Private location-based information retrieval through user collaboration
Computer Communications
(2010) - et al.
The design and implementation of the NCTUns 1.0 network simulator
- et al.
Vehicular Networks. From Theory to Practice, ser. Chapman & Hall/CRC Computer and Information Science Series
(2009) Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
(1981)Tor: Overview. [Online]
- et al.
Crowds: anonymity for Web transactions
ACM Transactions on Information and System Security
(1998) - et al.
Ad-hoc on-demand distance vector routing
- et al.
GPSR: greedy perimeter stateless routing for wireless networks
- et al.
On the measurement of privacy as an attacker's estimation error
International Journal of Information Security
(2012)
Mixmaster and Remailer Attacks
Mixminion: design of a type III anonymous remailer protocol
On the anonymity of timed pool mixes
Mixmaster protocol – Version 2, Internet Eng. Task Force, Internet Draft
Cited by (18)
A user collaboration privacy protection scheme with threshold scheme and smart contract
2021, Information SciencesCitation Excerpt :Later, Rebollo et al. [30] further improved their schemes and leveraged entropy as a metric to measure the uncertainty, and they also considered the user with the maximum value of entropy would provide the maximum uncertainty and assigned the user who had the maximum entropy to submit the set of queries. As the mobile user usually located in a road network, and the road network has much more restrictions than Euclidean space, the privacy preservation scheme used in a road network has to consider these restrictions, so Barba et al. [31] provided a collaborative protocol for randomly exchanging pseudonyms. Considered that, the real user is usually located in the central point of the anonymous area, which can be identified by the differential of average distances easily, Niu et al. [32] proposed a random walking scheme to select collaborative users in a larger range of area with random distance.
Privacy enhancing technologies for solving the privacy-personalization paradox: Taxonomy and survey
2020, Journal of Network and Computer ApplicationsCitation Excerpt :The main inconvenience of Crowds consists on the heavy communication overhead, mainly due to additional hops. Following Crowds protocol, Barba et al. proposed a privacy preserving scheme to report traffic violations in vehicular applications (Barba et al., 2013). Rather, their construction introduced acceptable computation and communication costs compared to Crowds.
A survey on ultra-dense network and emerging technologies: Security challenges and possible solutions
2017, Journal of Network and Computer ApplicationsFrom vehicular networks to vehicular clouds in smart cities
2016, Smart Cities and Homes: Key Enabling TechnologiesA blockchain-based quantum-secure reporting protocol
2021, Peer-to-Peer Networking and ApplicationsA trust infrastructure based authentication method for clustered vehicular ad hoc networks
2021, Peer-to-Peer Networking and Applications