Classification of Security Attacks in VANET: A Review of Requirements and Perspectives

. Vehicular Ad Hoc Network (VANET) is a pillar of the envisioned Intelligent Transport System (ITS) and a subset of Mobile Ad Hoc Network that grants the communication in between the vehicles alongside with the absence of established communication infrastructure. Exposure to vulnerabilities of Vehicular Ad-Hoc Network (VANET) has been shown to be related to its nature of the environmental. For this reason, VANET security becomes a critical challenge that need to be resolved. In this paper, we assess the VANET security issues and discuss the challenges in VANET. Equally important, we comparatively review the security requirements, the type of attacks and capabilities of attackers present in VANET.


Introduction
Recently, Vehicular Ad Hoc Network (VANET) is fast becoming a key catalyst in the Internet of Things (IoT) area.In general, Vehicular Ad Hoc Network (VANET) is a portion of Mobile Ad Hoc Network (MANET) which receiving numerous attention from researchers and automotive industry [1].In addition, VANET is capable in improving road safety by allowing each of vehicles on the road communicates to each other with inadequate fixed infrastructures [2].VANET applications are graded into safety applications and nonsafety applications [3].The former relates to the safetycomfort application in which linked to the safety of users.It aids in providing an alert and warning information to the users regarding to any incidents occurs on the road such as accidents.The latter consists of the non-safety applications responsible in providing comfort to the users and acts as traffic-enhancer.Additionally, VANET provides legitimate information to the users on the road in order to increase the road and users safety.However, it is not guaranteed that vehicular network environment is get off from any jeopardized since VANET is exposed to the vulnerabilities.
It One of the key challenges in the implementation of VANET in relation to security is providing secure vehicular communication.The authors in [4] examined that there are lots of attacks and threat that can compromise the network and communication.The most potential attacks that VANET faces are classified into data threat and VANET system threat.Denial of service attacks is one of the malicious attacks that can deny the On-board units (OBU) or Road Side Units (RSU) from entering the network as well as interruption to the radio channels.
This paper is organized as follows; In Section 2, we discuss the architecture of VANET.Section 3 presents the characteristics of VANET.Section 4 reviews the taxonomy of security concept in VANET and divided into three subsections.The first sub-section reviews the type of the attackers, the second sub-section discuss the capabilities of the attackers while the last sub-section presents the series of attacks that compromised in VANET.In Section 5, we present the network challenges in VANET.Section 6 explains the security requirements in VANET.Conclusion is provided in Section 7.

The VANET Architecture
VANET can be categorized into three which are (1) Pure IV.TAXONOMY OF SECURITY CONCEPT IN VANET Cellular/WLAN architecture, (2) Pure ad hoc architecture and (3) Hybrid architecture.Figure 1 exhibits the network In VANET, vulnerabilities are presented due to the architecture in VANET .wireless medium used.As a result, VANET are exposed to various kinds of attacks that could disrupt the communication operations between vehicles.Thus, the security concept in VANET as shown in Figure 2  Generally, the communication and information exchanged in VANET independents from any fixed infrastructure.This possibly because of VANET environment is highly dynamic.According to authors in [3] proposed, the architecture of Fig. 1.The Network Architecture of VANET [3] The communications patterns in VANET can be classified into.

VANET Characteristics
VANET is well-known as the subspace of MANET.However there are few characteristics of VANET that makes different from MANET, whereas VANET exhibited complexity in designing it as well as more challenges compared to MANET [3].

Frequent Disconnected Network
Vehicles are moving while exchanging information.Due to the rapid topology changes, the connections between two vehicles are easily disconnected.Usually the disconnections occur in infrequent networks.

Rapid Topology Changes
Due to the fast moving of vehicles, VANET topology changes quickly.

Battery Power and Storage Capacity
The communications in MANET consumes battery power conversely in VANET, the power and storage is boundless.

Communication Environment.
Obstacles in VANET are presented in dense network as well as sparse network.Trees, buildings, and other objects could obstruct the communications in VANET especially in dense network.For this reason, routing protocol for sparse and dense networks should be considered.

Mobility Modelling
The pattern of mobility in VANET is dependent on the traffic environment, vehicle's speed and driving behaviour.facilitate the attackers to launch the attacks.Sub-section 4.   Hacker: The hacker is motivated by the enthusiasm and interest without getting back any benefit from the attacking.
 Malicious hacker: The malicious hacker is driven by the monetary purposes of organizational or for personal/political gain.
 Insider vs. Outsider: The former relates to the attacker that is authenticated in the network and known best about the network.The latter uses the attacker from the outside having a limited knowledge about the network that they want to penetrate.

Capabilities of Attackers
 Technical: Experience and Expertise With adequate experiences and skills, attackers are able to generate attacks against the network for example like extracting the program code and secret keys in order to launch the attacks. Resources: Attackers are dependent on three main key resources like tools, budget and manpower.Without these key resources, it is hard for the attackers to achieve their goals.
 Coverage Area: The coverage area of the attackers is depending on the attackers 'capabilities and nature of attacks.The rookie attackers could be controlled one of the Dedicated Short-Range Communication (DSCR) channel within the range of 1000 meters whilst the expertise could covered more area and DSCR channels compared to the rookie attackers.

Type of Attacks
The  In Figure 3 presents the extended level of timing attack occurs in VANET.

Fig. 5. Extended Level of Timing Attack [9]
Bogus Information and Bush Telegraph Bogus information attacks involving forwarding the counterfeit or false information throughout the network, intended to ignite disarray.In return, the attacker will gain the benefit from it [10].
 Attacks on Availability: Denial of Service Attack (DOS) Denial of Service attack is the most common intrusive attack against the availability.In fact, it can take place in each layer across the network.The purposes of the attacker could be denying the legal vehicles from accessing the network, control the vehicle resources and jamming the communication channels [11].DOS can be classified into three levels of attacks which are (  .A false route will be created and sent to the victim during the flooding of Route Request (RREQ) packet in flooding-based routing protocol [13]. Worm Hole Attack Entangle two attackers; a band wormhole is created when these two attackers are next to each other and advertising themselves to the other nodes that they have the shortest path to the destination.Both of the attackers will placed themselves in the most vital position in the network and forming an overlay tunnel over the wireless medium in order to intercept the communications throughout the network.This is the most preferable attack by the attackers because they can strengthens themselves when throughout the establishment at strong strategic location in VANET [14]. Greedy Drivers The purpose of greedy drivers is to conquer all the network resources for its own used.They can create havoc by set up forged traffic jammed information so that other nodes will deviated from the attacker path.The attacker wisely will be modified the MAC layer parameters in order to expedite this attack [15].

Attacks on Authentication / Identification
Masquerading To perform masquerading attack, an attacker needed to enter the network and has functioning onboard unit.Attacker can disguised itself as legitimate node and carry out any of attacks.The easiest attack to be launched in a network is masquerading attack [12]. Replay Attack: By injecting back the received packet into the network, the location table of the node is being poisoned by replaying beacons.This kind of attack is called as replay attack.On the other hand, in order to continuously defended from replay attack, VANET must maintained accurate source of time that used to keep cache of the received messages [12]. Position Faking It is easier for an attacker to alter its position in a network with unsecured communications.Under that circumstance, accurate authentication and frequent reporting of node positions are required.Through location reporting, masquerading or impersonation is futile.Possibly through position faking in unsecured communication will lead the attacker to falsify their own position, creating additional vehicle identifiers which known as Sybil attack or blocking other nodes from receiving important messages [12]. GPS Spoofing By making nodes thinking that they are in the different location, nodes are easily fooled by the attackers.This kind of attack can be carried out by producing false reading in the GPS devices.GPS spoofing permits the attackers to generate stronger signal than signal that generated by genuine satellite by using GPS satellite simulator [12]  Message Tampering In this attack, attackers could modify the messages that being exchanged in the V2V and V2I communications.Message tampering attacks are arising from the vulnerabilities in authentications [12]. Message Suppression/Fabrication/Alteration There are two ways those attackers can disable itself from responding to any beacons; either physically disabling the inter-vehicle communication or altering the application [12]. Key and/or Certificate Replication In this case, attackers could erode the system by making several nodes with the same identity.This attack can be carried out by replicating key management and/or certificate.The purpose of the attacker is to bemuse the authorities and forbid the identification of attacker [12]. Sybil Attack The attack is launched by sending wrong numerous messages to the other node but with different forgery identity of the sender.As a result, for example, other nodes will leave the road in order to ease the attacker to pass through the road freely.In this case, the real identities of the sender are hidden and the attackers created a delusion to the other nodes. Node Impersonation During the communication between the sender and receiver, the attacker may modified the message from the originator and send it to the receiver.Therefore, the malicious message may seems like originated from the sender.This problem could be curbing by assigning the unique identifier to each vehicle nodes.Henceforth, the real identity of the message originator could be detected.

Security Challenges in VANET
Security issues in VANET are critical due to vulnerabilities exist during information transmission which causing VANET exposed to the attacks.In order to maintain a secure vehicular communication and networks, VANET security system should satisfy with the requirements.Some of the requirements are essential for all networks, but some are definite for VANET only [17].Those requirements are; A. Authentication In order to allow the communication between vehicles which sending and receiving information, VANET should authenticate each of them.This process may comprise the identification of the sender identity and the legitimacy of the sender to use the network.

B. Availability
Availability is defined as the degree of the VANET system that must be operable and available when needed.
A fast response time also must applicable for some applications.

C. Privacy
Privacy is one of the most important requirements in VANET.Privacy must ensure that the identity of the drivers and the location of the vehicles are not being exposed.

D. Integrity
The information exchange in between the sender and the receiver should be free from the alteration attacks.Thus, information can be trusted.

E. Non-repudiation
It ensures that the origin of the information cannot be denying that it has sending the information.

Conclusion
In summary, safety is the main attention for the road users.
VANET has an ability to provide safety requirements by providing the information on the roads to the users.However, VANET is not immune from any vulnerabilities and threats.Because of that, secure solutions in order to enhance the security of the information in VANET must be deployed.Therefore, it is important to maintain the network availability and develop trust to the information in VANET.
3 defines the type of attacks based on (1) Attacks on Confidentiality, (2) Attacks on Integrity, , and (5) Attacks on Privacy.

Fig. 2 .
Fig. 2. Taxonomy of Security Concept in VANET communication medium used in VANET is through the open air which make possible for attackers to penetrate and invade the networks.The real intentions of the attackers are to create problems with the legitimate vehicles in the network[5].The attacks are classified as the following: Attacks on Confidentiality: Eavesdropping in VANET is targeting against the confidentiality and occurs in network layer.It operates by sniffing the conversation in between two nodes.As a result, this attack enables the attacker to intercept the communication, steal the password and important data.The attacker can masquerade itself as one of the node, or located itself as false RSU with the aim to catch up valuable information[6][7]. Attacks on Integrity: Timing Attack, without altering any contents in the message, the attacker carries on this attack by adding delay which causes the user to receive the message behind the time.Consequently, user may face traffic congestion or even worse, accidents.It is important to realize that the information and messages deliveries in VANET should be received by the users at the appropriate time[3][8].In addition, timing attack is divided into two levels which are (1) Basic Level and (2) Extended Level.Both levels are targeting users in the vehicular network, where the basic level only pointed to the user in peer-to-peer (P2P) communication while extended level is rigorous compared to basic level since it focuses on group of users[9].Figure1and 2 shows the basic level of timing attack occurs in VANET.