A review on various security attacks in vehicular ad hoc networks

Mustafa Maad Hamdi, Lukman Audah, Mohammed Salah Abood, Sami Abduljabbar Rashid, Ahmed Shamil Mustafa, Hussain Mahdi, Ahmed Shakir Al-Hiti Faculty of Electrical and Electronic Engineering, Universiti Tun Hussein Onn Malaysia, Batu Pahat Johor, Malaysia School of Information and Electronics Engineering, Beijing Institute of Technology, Beijing, China Department of Computer Engineering Techniques, Al-Maarif University College, Al-Anbar, Iraq Computer Engineering Department, Faculty of Engineering, University of Diyala, Baquba, Diyala Province, Iraq Department of Electrical Engineering, Faculty of Engineering, University of Malaya, Kuala Lumpur, Malaysia


INTRODUCTION
Rapid wireless technology should be used to enhance the driving environment to enable road safety, infotainment, and effective transport. Deaths worldwide are growing dramatically, with over 1 2.2 million fatalities killing on roads globally per year, with over 50 million being wounding. Over the next five years, such estimates would rise by nearly 60% if no measures are implementing in addition to other harm such as loss of time generated by road delays.
VANET is a mobile ad hoc (MANET) route network designed to enhance travel security, traffic flow, and driving experience. This consists of the registration/administration of transportation on-board units (OBUs) and roadside units (RSUs) [1]- [3]. An OBU is constructed as a communication transmitter with other vehicles on the road in every vehicle, while an RSU with networked equipment is installed along the road.  [8] It should be noted that most previous works focused only on a few aspects of various security attacks in vehicular ad hoc networks, such as vehicular communication [17], security attacks [18], green communication networks [19], and security issues [20]. So in this paper summarizes the main contributions as: a. In this survey, the challenges in VANET were discussed, particularly in V2V and V2I and clarified security concerns, including confidentiality, authentication, integrity, availableness, and non-repudiation. With a literature survey for each case and made a comparison with previous studies as in Table 1. As well, security services have also has been discussed as a possible attack on the capabilities. b. Some researchers have been working to provide VANET authentication. However, confidentiality and availability are almost non-existent in most studies, such as in privacy and safety and so on, especially in [16], [21], [22]. To fill this gap, this article comprehensively surveys the latest advances, focuses on requirements, and then describes the various attack and threats examples. Furthermore, we discovered that encryption and authentication are crucial in VANETs. This paper's novelty shows that the proposed ACPN is feasible and adequate to UVC in the VANET for efficient privacy-preserving authentication with non-repudiation, according to analysis and performance evaluations. This paper's organization follows section 1, explaining the VANET and types of communication in VANET. Section 2, presenting the most challenges in VANETs. Section 3, explaining all kinds of security service in VANETs, section 4, show the discussion and conclusion.
The relationship between literature algorithms and the various safety factors [29]/2019 Current AV safety problems and security attacks research overview The available safety and security countermeasures Our Survey Challenges in VANET, security concerns, including confidentiality, authentication, integrity, availableness, and non-repudiation The proposed ACPN in the VANET setting is feasible for a UVC for effective non-repudiation confidentiality authentication x considers non-considers

CHALLENGES OF VANETS
There are several issues challenges in VANETs: a. Congestion and collision control; the unlimited size of the network is also a challenge. In rural areas, the traffic load is low, and in urban areas, even at night. It also happens while in a rush with network partitions. The traffic load is hefty hours, which causes network congestion and a network collision. b. Real-time system; developing a real-time system is difficulty because it is challenging to send a warning message in an increasingly mobile environment before the deadline is the correct time. c. Authentication; all messages sent from one vehicle to another must be authenticating. The central authority will authenticate each vehicle in the network [30]. d. Security and trust; security issues are sometimes dealt with in travel applications, especially in the comfort of the traveller, and the reason is that cooperation exists between all. If security and security are not ensuring, customers will not accept the warning systems they have received. Trust and trustworthy software are one of the most critical protection issues in VANET. Implementing security maps for VANET implementations can also delay the message's delivery [25]. e. Environmental impact; for communication, VANETs are using electromagnetic waves. These waves are environmentally affected. Therefore, to deploy VANET should be considered for the environmental impact [31]. f. MAC design; VANET typically uses the common medium to notify the design of the MAC. Several approaches, such as TDMA, SDMA, CSMA, are taken. The CSMA based Mac for VANET was adopted by IEEE 802.11 [18]. g. Location-based services; through beaconing, we know where other cars are situated. However, we know the correct vehicle location by using GPS, sensors, cameras, radar. h. Mobility; the VANET vehicles are highly dynamic, as they are free to travel and connect with other vehicles throughout their movement, which can never be approached before. Vehicles stay attached for so long, and then each vehicle loses its connection when it moves in a path that makes it challenging to secure VANET [32].

SECURITY SERVICE IN VANETS
MANETs has recently created security problem that researchers consider to be an important security issue, including fewer central points, insufficient mobility Wireless, and driver connectivity problems. For VANETs, the messages' security transferred to assured that the attackers cannot inject or change them. In fact, within a specific timeline, the driver will reliably inform traffic conditions. The VANET is more vulnerable to attacks due to its distinguishing characteristics. Also, safety issues would now be properly discussed. If not, certain obstacles would be generated to protect communication within VANETs. The system's requirements should be in line with the related network service that needs to be specified in VANET security. Such conditions could not be dealt with with possible VANET threats or attacks. This section discusses the security services in VANET. The primary safety Requirements are divide into five main domains, such as VANET [33]:

Availability attack
Units the availability includes bandwidth and connectivity for all node network services. A group signature system has been implementing to prevent and detect technology [19]. The program focuses on the availability of messages between vehicles and RSUs. If the attack causes network unavailability, the technical solution proposed is to survive through interconnections between RSUs and the vehicles using public and private keys [21]. At the same time, attack on availability, in the case of lack of availability functionality which may contribute to a decrease in the efficiency of the VANETs information accessibility, is a vital part of the VANET system. The following are its description and types: a. Denial of service (DOS) attacks; DOS is one of the most common VANET attacks. The attacks in the VANET network internally or externally vehicles [34]. The attacker blocks vehicle communication and effectively prevents any possible means of behavior. Many attackers can simultaneously perform this attack on a distributed basis, known as a distributed denial of service (DDoS) [35]. b. Jamming attack; the VANET communication channel is disrupted by a strongly driven signal of an equivalent frequency. It is the riskiest security application attack because the valid security warning has not been following. If a successful jamming attack has been carried out, the jammer will disrupt the useful signal at the same time as an event [36]. c. Malware attack; malware is malicious software whose objective is to interrupt normal functioning. The attacker is responsible for this attack. This attack is introduced to the networks by VANET systems and roadside stations as software updates are received. d. Black hole attack; it is one of VANET 's safety attacks. The assailant node refuses to participate in this attack or even drop the data packet [37]. This type of attack, therefore, affects the vehicle network more severely. e. Gray hole attack; the black hole attack variant. It happens if unsustainable vehicles want to forward some data packets and remove the other packet without being tracked [19]. f. Greedy behavior attack; this attack mainly affects the MAC functionality when a malicious vehicle misuses the MAC protocol to maximize the costly bandwidth for many applications. This contributed to a traffic congestion and a collision in the broadcast channel that could delay the legitimate services of the registered user [20]. g. Broadcast tampering; attackers include false safety messages on the network in this attack. This message covers traffic alerts at times. The situation is critical, for example, accidents and traffic delays [38]. h. Spamming; spam attacks target bandwidth consumption and transmission latency. Spam attacks such messages, like advertising messaging, are not of interest to users [39].

Authentication attacks
VANET plays an essential function in authentication. It prevents VANET from attacking suspected network entities. Based type information, including user identity and sender address, is vital. It is necessary. Authentication can control vehicles' authorization levels and can, by allocating specific identification for each vehicle, often prevent Sybil attacks [40]. While attack on authentication, authentication is vital in the VANET network used to protect the system from attack due to malicious nodes. Authentication shall be responsible for Protecting internal and external connections from VANETs. The following are its description and types: a. Sybil attack; this attack consists of sending more than one copy of messages to other vehicles, and every message includes a manufactured identity, i.e. The attacker appears hundreds of vehicles with specific IDs to other vehicles, informing them jam ahead and forcing them to take another path. b. Tunnelling attack; this attack is like the wormhole attack. Initiating a personal chat and on a channel called the tunnel using the same network. The attacker joined the VANETs at two distant positions. Thus, nodes far apart can connect as neighbors [37]. c. GPS spoofing; a powerful signal transmitting an attacker, more significant than the GPS signal, causes VANET to be jamming, and the vehicle receiver gets the wrong position. d. Node impersonation attack; this attack occurs when an attacker determines the VANET's user ID [19]. e. Free-riding attack; this attack is viral and performed by false authentication attempts and cooperative message authentication by an effective malicious user. During this attack, the malicious app is going to use other users' security efforts without their own. This form of action is considered free rein. This attack could severely threaten to authenticate the message of the cooperative.

Integrity attacks
Data integrity ensures that data obtained from nodes, RSUs, and AS areas created while exchanging messages. The integrated digital signature with app access guarantees the validity of the message [40]. While attack on integrity, invalid data measurements and the transmission of messages affected by managing vehicle sensors or altering the data transmitted will compromise data integrity. This influences the network's reliability. Therefore, some mechanisms have to be established in practice to protect the vehicle network from these attacks [41]. The following are its description and types: a. Masquerading; in this attack, one attacker is defined by false identification and visibility as a legitimate node by another vehicle. The attacker behaves like a man in the central middle and spoofs them as the second vehicle as all vehicles interact in the process. That is also a deliberate attack to change the results [23]. b. Replay attack; the attacker aims to repeat or delay fraudulent transmission by continuously providing valid data and injecting beacon and responses received by the VANET network. In the case of an incident, traffic authorities can find it challenging to identify vehicles [42]. c. Message tampering attack; the attack is usually carrying out when an attacker modifies or changes recently transmitted messages as the name of the attack indicates. When the road is congested, the attacker changes the data to clear the path and may modify the path. d. Illusion attack; in this attack, the attacker communicates alerts based on the road conditions, which give the vehicles an impression leading to delays, accidents, and lower overall VANET results. Unfortunately, because of the essential control of the sensors (of his vehicle) directly and technological them for producing and transmitting the bad traffic info, there is no authentication protocol against such an attack.

Confidentiality attacks
Confidentiality requires guarantees that unknown entities will never disclose classified information in the network [43]. It also prevents unauthorized access to private information, including name, plate, and location. Pseudonyms are used as the most popular technique in-vehicle networks to maintain privacy. That node of the vehicle will be encoded with many significant pairs. Messages are authenticated or signed with different psychographs, so this pseudo has not been connected to the vehicle's node; however, it is fixed by the qualified authority [44]. While attack on confidentiality, confidentiality is a vital safety requirement invehicle communications, guaranteeing that only authorized parties can be receiving the message [17]. In group communications, this type of security requirement is generally present in which only group members can read this information.
The remainder of the VANET. General information is transmitted through the remaining VANET settings. Because VANET mobility is more important than MANET, it is more complicated than Ad hoc to routing to guarantee security in VANET. Confidentiality of messages exchanged between vehicle network nodes is particularly vulnerable with techniques such as illegal messaging by eavesdropping and collecting local information available through broadcasting messages. The intruder will collect information from existing users around them in the condition of Eavesdropping. Allow using information while the user is unaware of the set. Security and confidentiality of the location are issues for vehicle drivers [45]. The following are its description and types: a. Eavesdropping attack; eavesdropping is widely used in wireless networking technologies such as MANETs and VANETs. The aim is to obtain confidential information from the safe data. Therefore, unrequested users can know of the hidden specifications, including user identity theft and data location that can be used to identify vehicles. b. Traffic analysis; an attacker analyses the traffic (collection of information/transactions) in this attack. By involve processing the vehicle network, the attacker collects all the information. The attacker can attack through a strategy by gathering information such as email addresses, requests, and responses from all vehicles communicating. It is also a passive attack in which the attacker does not make the data modifications. c. Man-in-the-middle attack; this attack is taken from the v2v communication to tightly track and change communications. The attacker can access and control all V2V traffic, but communications companies believe they can communicate directly in private [46]. d. Social attack; the social attack is used to distract the focus of the driver. The attacker gives out immoral and immorality messages to the passengers. The attackers want the drivers to accept such unethical messages. VANET system often influences the driving actions and efficiency of the vehicle [47].

Non-repudiation attacks
The attacker may attempt to prevent the delivery of a message to escape liability after transmitting a message. Failure to repudiate allows attackers to be detected and prevents them from denying their crimes. All information is registered and stored on TPD to collect details from a formally authorized side [48]. While attack on non-repudiation, unless the user has the same key, two or three repudiations are not taken out. Therefore, two users are not differentiated and should not refuse to act. Reliable processing in different vehicles will avoid the same key. The following description and type as; repudiation attack: this attack happens if the attacker refuses to take action with sent messages [49].

DISCUSSION AND SUMMARY
Some researchers have been working to provide VANET authentication. However, confidentiality and availability in most studies are negligent. Also, double and related studies have been conducting. The need for more work on VANET security lies, therefore. Although no risk of immune from VANET can be assuring. As we know, secure strategies to enhance VANET privacy security must not be introduced with confidence. The exchange of information between the receiver and the sender must be protected from changes to improve efficiency. Several have addressed the challenges, but we aim to highlight the most important ones, including most small-and medium-sized networks and few significant networks. Through the use of surveys and studies. we are showing as; a) found out that encryption and authentication play a vital role in VANETS, b) analysis and performance evaluation showed that the proposed ACPN is feasible and adequate to UVC in the VANET environment for efficient privacy-preserving authentication with nonrepudiation.
Due to the above information and challenges, we suggest in the future, work on; a) they are focusing on efforts and research on developing algorithms to work with extreme accuracy on large networks and test them on a huge data set, b) researchers must pay attention to these issues (that availability attacks have a more significant threat level compared to integrity and authentication) before using the blockchain as a tool to solve the rest of the problems, c) need new scenarios and simulations of hybrid cryptographic schemes to enhance the authentication process at low costs and be decentralized before VANET is practically implementing.
In summary, availability uses a group signature technique and interruption for security attacks. Authentication use certificate authority technique and fabrication for security attacks. Integrity uses a digital signature with a password technique and modification for security attacks. Confidentiality use encryption and decryption technique and interception for security attacks. At the same time, non-repudiation use sequence number and digital signature technique. Finally, confidentiality and authentication more secure than others.

CONCLUSION
In an open-access system, security messages are broadcasting VANETs are vulnerable to attack. Considerations related to VANET are covered, particularly in V2V and V2I. However, confidentiality and availability are almost non-existent in most studies. The article reviews the latest advancements to fill this gap and goes in-depth on the reasons and numerous dangers and risks. Furthermore, we discovered that encryption and authentication are crucial in VANETs. This paper's effectiveness shows that the ACPN is both feasible and appropriate for effective authentication to UVC in the VANET, according to analysis and performance evaluations. Also, we discussed security services and threats and attacks toward them. As future work, we suggest improving security and privacy by including artificial intelligence algorithms.