Securing Vehicular Ad-hoc Networks Against ... - Semantic Scholar

3 downloads 231647 Views 154KB Size Report
Email: [email protected]. Abstract—Future development of Intelligent Transporta- tion Systems (ITS) depends on Vehicular Ad-hoc NETworks. (VANETs) in ...
Securing Vehicular Ad-hoc Networks Against Malicious Drivers: A Probabilistic Approach Danda B. Rawat‡ , Bhed B. Bista§ , Gongjun Yan∗ , and Michele C. Weigle† ‡ Dept.

of Electrical & Computer Engineering, Old Dominion University, Norfolk, VA, USA. Email: [email protected] of Software & Information Science, Iwate Prefectural University, Japan 020-0193. Email: [email protected] ∗ Department of NMIS, Indiana University Kokomo, Kokomo, IN, USA. Email: [email protected] † Dept. of Computer Science, Old Dominion University, Norfolk, VA, USA. Email: [email protected]

§ Faculty

Abstract—Future development of Intelligent Transportation Systems (ITS) depends on Vehicular Ad-hoc NETworks (VANETs) in which communications will help to improve traffic safety and efficiency through exchanging information among vehicles. As each vehicle cannot be a source of all messages in VANET, most communications depend on the information received from other vehicles. To protect VANET from malicious action, each vehicle must be able to evaluate, decide and react locally on information received from other vehicles. Message verification is more challenging in VANETs since the security and privacy of the participating vehicles, in general, and of the drivers and passengers specifically is of major concern. Each vehicle needs to verify the accuracy of the message and needs to verify that the received message is from a legitimate vehicle. In this paper, we propose a new algorithm to secure vehicular communication with the help of trust measured for the given period using a probabilistic approach. The proposed algorithm secures VANETs against the untrustworthy drivers. The proposed algorithm is illustrated through numerical results obtained from simulations. Index Terms—Vehicular networks, securing vehicular ad hoc networks (VANETs), trust in VANETs,

I. I NTRODUCTION Vehicular communications can be considered as single hop or multi-hop vehicle-to-vehicle (V2V) communications and/or vehicle-to-roadside (V2R) communications. In V2R communications, roadside infrastructure works as a relay unit where the received message can be forwarded to specific locations or broadcast to all locations. In such communications, the information of participating vehicles can be stored locally for different legitimate purposes such as tracking back the vehicle if it performs some malicious actions for VANETs. Cellular infrastructure or base stations can be used as roadside units, however, the use of such infrastructure in VANETs results in high delay as the message travels from the transmission vehicle to the base station, and then from the base station to receiving vehicles, which is not desirable for time sensitive messages [1], [2]. Furthermore, in this scenario, it may take more than 10 seconds to get call admission for a vehicle with the base station. An alternative solution is to install access points (APs) across the roads as in wireless local area networks (WLANs). However, this solution might not be economically feasible. In V2V communications, each vehicle receives a message from other vehicles in a single hop or multiple hops without

using a roadside unit. In this scenario, vehicles form the communication network in an ad-hoc manner and form a Vehicular Ad-hoc Network (VANET) since a vehicle or driver joins (enter to a highway) and leaves (take exit from the highway) the network as per driver’s desire. In this type of scenario, it is almost impossible to keep track of every one in the network by ensuring security and privacy of the participating drivers. VANET is regarded as a subset of Mobile Ad-hoc NETwork (MANET) and has unique characteristics [1], [2] (virtually infinite energy supply, high mobility and dynamic change in network topology, etc.). Because of these unique characteristics of VANETs, the solutions and protocols proposed for MANETs might not be directly applicable to VANETs without any amendment. In VANETs, it is assumed that individual vehicles are equipped with DSRC enabled computing (processing, recording, positioning features etc.) and communication system. Furthermore, VANETs are expected to utilize a variety of wireless communication technologies for road safety and comfort as well as infotainment applications. VANETs basically depend on communication systems, applications (safety, comfort), incident detection and sensing systems, and drivers (human behaviors) as shown in Figure 1. Human behavior heavily affects the network topology, whereas sensing and communication systems determine the performance of the overall system. Thus, the accuracy of the incident detection/sensing system and the communication system to exchange the information with neighboring vehicles is of vital importance. It is also well known that security schemes heavily depend on the wireless systems and technologies that are used. In V2R-based vehicular communication, trustworthiness of the message can be easily verified since the locally centralized roadside unit can keep track of the participating vehicles and the received messages. Then centralized unit can aggregate the messages and broadcast it to the vehicles. However, as mentioned, the message dissemination from source to destination might face higher delay, which is undesirable in VANETs for time critical messages. Even with prioritization of messages as in [3], [4] the system might not be able to satisfy the delay requirement of time sensitive high priority messages such as message related to an accident. The apparent solution, in order to have timely dissemination of messages towards a destination region, is V2V-based vehicular communication. In such V2V-

Communication Systems and Technology Vehicular Communications or VANETs VANETs Applications

Fig. 1.

Incident Detection and Sensing Systems

Driver's/Human Behaviors

Basic VANET Components and Their Inter-dependencies

based vehicular communications, individual vehicles work as a router, destination and source of the message. Therefore, it is challenging for a vehicle to verify whether the recently received message is legitimate or not. In order to address security in VANET, there have been different approaches proposed in the literature [5]–[8]. VANETs can be secured using cryptographic algorithms and protocols. Usually a third party, believed as a trust center, is involved in these protocols for key distribution, message authentication and digital signatures. However, such mechanisms are not attractive solutions in terms of trust as well as economics. Therefore, in this paper, we are interested to accomplish automatic detection of malicious vehicle/driver in VANET to provide genuine message in the network. It is noted that if a message is not a legitimate one or not from a legitimate vehicle, the received message can be discarded. The malicious driver can be alerted by sending a warning message. In this paper, we consider a probabilistic approach to measure the trust of the received message by making observations for a given time interval to verify whether the received message is from a legitimate vehicle or not. It is worth noting that the received message might be from a near the roadside intruder or a malicious driver on the road. Observing the message over the given time interval will help verify the validity of the message. We also note that making a decision with a single instance of the message can be inaccurate, resulting misleading communications. The paper is structured as follows: we present related work in Section II. In Section III, we present the problem statement. Section IV deals with the proposed approach, followed by the algorithm in Section V and simulation results in Section VI. Finally, we conclude the paper in Section VII. II. R ELATED W ORK VANETs have attracted interest in both academia and industries [1], [2] such as Car to Car communication [9] as well as projects such as NoW [10], PReVENT [11], ORBIT [12], and PATH [13]. These works cover almost all aspects of vehicular communications [1], [1]. VANETs are highly dynamic in nature because of the high speeds of vehicles and the highly personal nature of informa-

tion sharing. Therefore, existing methods for wireless security, trust and privacy might not be suitable in VANETs. Recent works include [8], [14] for security in VANETs. However, in order to implement the existing security and trust mechanisms in VANETs, we need trust centers installed along the highways as roadside units. This might lead to many questions such as Who will be the owner? Is it trustworthy to all? Is it cost effective? In [14], a cryptographic algorithm along with position information has been considered to implement security in VANETs. In [15], the authors discussed privacy and proposed centrally assigned digital pseudonyms. The authors in [16] have proposed a method in which vehicles change their pseudonyms in a certain region (where the many vehicles are within the communication range) pointed by the system. This method cannot work in the case when there are not a sufficient number of vehicles. To overcome this, authors in [17] have proposed a method which works based on self signed digital pseudonyms. We note that most of the research and proposed solutions in privacy and trust are mainly focused on the use of pseudonyms and the algorithms for changing them. However, implementing pseudonyms in VANET is challenging. Generally, VANET security systems should protect the privacy of both drivers and passengers [8], however it should be able to help establish the liability of drivers. In such cases, trust is an important factor while implementing privacy and security in VANET to prevent a generic attack on the network. Verification of the message received from other vehicles is required to protect the network from malicious drivers. As we know vehicles are personal devices and are owned for long time, it is required to protect personal information from being disclosed to unauthorized users for their privacy. A vehicle can collect messages from any vehicle but the vehicle might not be able to verify whether the message itself is legitimate one. It is worth noting that the privacy level of VANETs after implementing wireless communications should be at least the same level that is obtained without implementing wireless communications [18]. Specific privacy threats in VANETs include: tracking a specific vehicle, cheating with information, and so on. The general principle of privacy in VANETs is to protect the participating drivers/vehicles against the non-authorized users. However information should be discloseable to authorized parties. As mentioned, trust provides VANET security. Thus, trust establishment and maintenance for fixed infrastructure based wireless communication networks, such as cellular systems and Internet, requires a lengthy process but it is assumed to be validated for a long time. For such infrastructure based wireless systems, assuming that base stations in cellular systems or access points in WLAN trust are trustworthy, existing approaches to trust management can be applied with minor modification. In contrast, the frequently changing topology and network life-time in VANETs make trust management a challenging problem and requires considerable attention. Therefore, we focus on trust establishment in VANETs. When vehicles are within the communicating range with others, they start to interact with each other. In VANETs, each vehicle may

not be able to detect an incident since a vehicle might be looking for traffic updates which might be miles away from the incident area. In such a scenario, a vehicle has to rely on the information received from other vehicles. Without having proper mechanism for trust management, communication in VANET might be prone to security threats. Our research work in this paper checks the trustworthiness of the received message by observing the received message from a given vehicle over a given time interval and determine corresponding suspicion level and trust level for a given vehicle where the identity of drivers/vehicles are unknown. By looking at the suspicion or trust level of the given vehicle for given time period, one can easily decide whether the received message is legitimate or not. It is important to note again that the decision made based on a single instance might not be fair enough to measure the validity of the received message.

the VANET scenario where no malicious drivers are present, it is not required to use the proposed method and secure VANET against malicious drivers since the method might introduce computation overhead in the network. However, we consider that there is at least one malicious driver in a VANET among 𝑁 participating vehicles for given geographic location and individual vehicle interact and communicate with each other to get upcoming traffic updates using suitable wireless communication technologies. It is also noted that many communicating vehicles will be sending the copies of the message for comparison. In this context, legitimate vehicles will send the original messages whereas the malicious vehicles will send manipulated messages. Comparing copies of the received messages, individual vehicle can identify whether they receive the message ℋ0 or ℋ1 . Then, we define the suspicion level of a vehicle/driver 𝑖 as

III. P ROBLEM S TATEMENT FOR T RUSTWORTHY

𝜋𝑖 (𝑡) ≡ 𝑃 (𝑇𝑖 = 𝑀 ∣𝒪𝑡 )

In ad-hoc based V2V communications, as each vehicle works as a router and a destination for the received message, it is important to verify the integrity and legitimacy of the received message. Observing the single activity of message transmission by a vehicle might not be enough to treat it as malicious. Thus in order to have secure communication in VANET, where message integrity is ensured with the help of some automatic methods where the actual identity of the participating vehicles are not used or unknown. This method should also ensure the privacy and/or security of drivers while securing the VANETs.

where 𝑇𝑖 is the type of driver that could be Malicious (M) or Honest (H), and 𝒪𝑡 is the observation collected for the interval [1, t]. It is noted that if 𝑡 is high then more messages will be used to calculate the suspicion level of the given vehicle. Then, using Bayesian criterion, the suspicion level of a vehicle/driver 𝑖 can be written as

IV. P ROPOSED APPROACH We use the following analysis for malicious driver detection and to determine the trustworthiness of the received message based on suspicion and trust levels. We consider that 𝑋𝑖 (𝑡) is the message transmitted by a vehicle 𝑖 in a VANET at time slot 𝑡. We use attack probability (𝑝𝑎 ) which tells us how strong the attack is, which implies the willingness of a vehicle being an attacker in VANET. A given vehicle 𝑖 will attack the VANET with probability 𝑝𝑎 by sending manipulated information 𝑋𝑖 (𝑡) ± 𝛿 with the 𝛿 amount of extra or less amount of message with 𝑝𝑎 probability. It is worth noting that the message 𝑋𝑖 (𝑡) ± 𝛿 results in false alarm resulting in a decrease in trust of VANETs. Basically, for the transmitted message 𝑋𝑖 (𝑡), the received signal without any modification over the network is given by ℋ0 ℋ1

: :

𝑦𝑖 (𝑡) = 𝑋𝑖 (𝑡) ± 𝛿 + 𝑤𝑖 (𝑡) 𝑦𝑖 (𝑡) = 𝑋𝑖 (𝑡) + 𝑤𝑖 (𝑡)

(1)

where ℋ0 and ℋ1 , respectively, represent the manipulated and non-manipulated/original messages, and 𝑤𝑖 (𝑡) is the additive white Gaussian noise (AWGN) that corrupts the received signal. In this section, a novel method is presented to detect a malicious driver based on the received messages over a given time interval and measure the trustworthiness of the given vehicle using a probabilistic approach. It is noted that in

𝜋𝑖 (𝑡) = ∑𝑁

𝑃 (𝒪𝑡 ∣𝑇𝑖 = 𝑀 )𝑃 (𝑇𝑖 = 𝑀 )

𝑚=1

𝑃 (𝒪𝑡 ∣𝑇𝑚 = 𝑀 )𝑃 (𝑇𝑚 = 𝑀 )

(2)

(3)

Without loss of generality, we consider that any vehicle can be malicious with probability 𝑃 (𝑇𝑖 = 𝑀 ) = 𝜌. Then the equation (3) is expressed as 𝜋𝑖 (𝑡) = ∑𝑁

𝑃 (𝒪𝑡 ∣𝑇𝑖 = 𝑀 )

𝑚=1

𝑃 (𝒪𝑡 ∣𝑇𝑚 = 𝑀 )

(4)

Now, we can write 𝑃 (𝒪𝑡 ∣𝑇𝑖 = 𝑀 ) = = 𝑃 (X(𝜏 )∣𝑇𝑖 = 𝑀, 𝒪𝜏 −1 )𝑃 (𝒪𝜏 −1 ∣𝑇𝑖 = 𝑀, ) . = .. =

𝑡 ∏

𝑃 (X(𝜏 )∣𝑇𝑖 = 𝑀, 𝒪𝜏 −1 )

𝜏 =1

=

𝑡 ∏

𝜏 =1

⎡ ⎣

𝑁 ∏

𝑗=1,𝑗∕=𝑖

| =

𝑡 ∏

𝜏 =1



𝑃 (𝑋𝑗 (𝜏 )∣𝑇𝑗 = 𝐻)⎦ 𝑃 (𝑋𝑖 (𝜏 )∣𝒪𝜏 −1 ) {z

𝜌𝑖 (𝜏 )

}

𝜌𝑖 (𝜏 )

(5) Equation (5) represents the probability of reports at time slot 𝑡 conditioned that node 𝑖 is malicious.

Again it is noted that the driver with 𝑋𝑖 (𝑡) information can transmit the same information if it is not malicious (or genuine) or transmit with some extra or less information 𝑋𝑖 (𝑡) ± 𝛿 if it is malicious. Using equation (3) and (5), the suspicion level 𝜋𝑖 (𝑡) of the vehicle/driver 𝑖 can be written as 𝑡 ∏

𝜋𝑖 (𝑡) =

𝜌𝑖 (𝜏 )

𝜏 =1 𝑡 𝑁 ∑∏

(6) 𝜌𝑗 (𝜏 )

𝑗=1 𝜏 =1

It is worth noting that the suspicion level and trust level of a driver are regarded as complement/opposite characteristics, thus the trust level 𝜙ˆ𝑖 (𝑡) of a vehicle/driver 𝑖 can be computed from its suspicion level 𝜋𝑖 (𝑡) as 𝜙ˆ𝑖 (𝑡) = 1 − 𝜋𝑖 (𝑡)

(7)

This value gives the trust level of a participating vehicle/driver 𝑖. It is important to note that the vehicle with trust level closer to 1 is the legitimate one whereas the vehicle with trust level closer to 0 (or less than certain threshold value) is malicious. V. T HE A LGORITHM Based on the analysis presented above, the algorithm is stated in Algorithm 1. Algorithm 1 Malicious Driver Detection 1: Input: receive messages from 𝑁 participating vehicles over the observation period 𝑡, and take an initial threshold value 𝜆𝑇 2: repeat 3: compute trust values {𝜙ˆ𝑖 (𝑡)}𝑁 𝑖=1 4: for each vehicle 𝑖 do 5: if 𝜙ˆ𝑖 (𝑡) < 𝜆𝑇 then 6: vehicle/driver 𝑖 is untrustworthy so the message from the vehicle 𝑖 is removed from further consideration to transmit to other vehicles. 7: else 8: vehicle/driver 𝑖 is trustworthy so the message from vehicle 𝑖 is accepted, and will be considered for further transmission to other vehicles. 9: end if 10: end for 11: until message is received from other vehicles 12: Output: Trust level of vehicle/driver 𝑖 and trustworthy message of driver 𝑖. It is worth noting that the threshold value 𝜆𝑇 will be changing on the fly based on its history at each vehicle. The typical initial value of the threshold is equal to 0.5, that is, 𝜆𝑇 = 0.5.

VI. S IMULATION AND P ERFORMANCE E VALUATION In order to corroborate our theoretical findings, we have performed extensive simulations. We consider a Gaussian noise for SNR levels. We have considered the VANET scenario where the vehicles are moving on a road segment of 10 miles with a 4 lane highway. The rate of vehicles entering the road is 1 vehicle/sec/lane. Vehicles transmit some information to other vehicles so that one can easily identify whether the vehicle is performing as a trustworthy one or not. We note that each vehicles run Algorithm 1 to measure the trust level and to validate the messages. All vehicles are assumed to be equipped with communication and computing equipment so that they can communicate with their neighboring vehicles. Specifically, as the given vehicle receives a regular messages from other vehicles, it computes the trust level for the message transmitting vehicle and validates the message based on the trust level by comparing with given threshold value. In the first experiment, we have performed simulations to find the received power level for a given transmit power level and the distances used in DSRC enabled vehicles using signal propagation models presented in [19]. We also note that with the help of speed limit information, we incorporate attenuation factors during received power calculations. That is, high speed limit implies that the road is rural and low/city speed limit implies that the communicating environment is urban/city. It is worth noting that this speed limit information can be obtained with the help of positioning system such as GPS, GALILEO or GLONASS. All vehicles use transmission power within the range proposed for DSRC standard [20], [21] (that is maximum transmit power 35dBw corresponds to maximum transmission range 1000m). Figure 2 shows the variation of received power for different SNRs and distance between transmitter and receiver vehicles. As expected the received power fluctuation is higher in the case of low SNR value than that with high SNRs. Furthermore, as it is expected, with the increasing distance, the received power level decreases. In the second experiment, calculated trust levels are used for given vehicles based on the received messages for different SNR values. We consider that some vehicles act as malicious by changing some information with 𝛿 amount while they transmit the message to other vehicles. We have considered that there will be at least one malicious driver in the system. We first look at the trustworthiness of a vehicle for different SNR values. With an increasing SNR value, the corresponding trustworthiness value increases as shown in Figure 3. If the trustworthiness value is 1, a vehicle can conclude that it is communicating with a trustworthy vehicle. Furthermore, because of the interference and noise, even if the trust level is approximately equal to 1 or greater than the given threshold value 𝜆𝑇 , a vehicle can think of communicating with a legitimate vehicle. We also plot the trust levels of genuine and malicious drivers for different SNR values shown in Figure 3. We note that the trust levels for trustworthy drivers increases with increasing SNR values and reaches to 1. However, the

1 0.98 0.96 Probability of detection

Receive power (dBm)

100 60 20 −20 −60 −100 30 20 15 10 SNR (dB)

5 0 −5

0

100

200

300

400

500

600

700

800

900

0.9 0.88

0.84 0.82

Distance (m)

0

0.9

Trust levels of genuine drivers/vehicles

0.7

0.6

0.5

0.4 Trust levels of malicious drivers/vehicles 0

5

10 15 SNR (dB)

20

25

0.2

0.4 0.6 Probability of false alarm

0.8

1

Fig. 4. ROC curves for different scenarios for 𝑝𝑎 = 75% in false alarm attack environment.

period which incorporates the temporary history of the drivers. As the observation time increases, the decision will be more accurate however the time needed to make the decision will be high which might not be suitable. There should be some trade-off between the observation time and the time needed to report the decision. It is also noted that a given vehicle can make a correct decision as expected when there are a smaller number of malicious drivers present. Furthermore the correct decision will be easy for higher SNR values. We conclude this section by noting that using a probabilistic approach to measure the trust level, VANETs can be secured against malicious drivers from possible changes in message and thus we can have safer driving.

1

0.8

N=200 with no attacker N=150 with no attacker N= 100 with no attacker N=100 with 20 attackers

1000

Fig. 2. Variation of received signal power for different SNRs and distances between transmitter and receiver vehicles.

Trust level

0.92

0.86 25

0.3 −5

0.94

30

Fig. 3. Trust levels of genuine and malicious drivers for different SNR values

trust levels for untrustworthy drivers remains below 0.5 for all SNR values and are constant even for high SNR values (10dB − 30dB) as shown in Figure 3. It can be observed than one can use threshold 𝜆𝑇 = 0.5 or can adapt according to the operating environment. Figure 4 shows the Receiver Operating Characteristics (ROC) curves, which is a plot of true positive rate versus the false positive rate. By looking at the ROC in Figure 4, we note that the performance of VANETs degrades significantly even when there are less malicious drivers than the genuine drivers in vehicular communications. It is important to note that the trust level based on a single instance of a received message might mislead the decision. Thus, we have considered the decision based on an observation

VII. C ONCLUSION In this paper we have proposed a method to determine the trust levels of the communicating drivers and check the validity of received messages. Information dissemination in VANETs depends on the message received from other participating vehicles and thus each vehicle needs to verify the accuracy of the message and that the message comes from a legitimate vehicle. Based on the trust level, which uses probabilistic approach for a given observation period, a vehicle can judge the received message and decide whether the message will be considered for further transmission or not. As noted, trust, privacy, and security in VANETs for future development of intelligent transportation systems are of vital importance. This paper has provided a mechanism to measure the trustworthy levels of participating vehicles. We also found that for high SNR values the trust level is high for genuine vehicles/drivers, however the trust level is low for malicious drivers. We have presented the simulation results to support our theoretical claims.

R EFERENCES [1] D. B. Rawat and G. Yan, Infrastructures in Vehicular Communications: Status, Challenges and Perspectives. Dr. M. Watfa, Eds. IGI Global, 2010. [2] S. Olariu and M. C. Weigle, Eds., Vehicular Networks: From Theory to Practice. CRC Press / Taylor & Francis, March 2009. [3] D. B. Rawat, D. C. Popescu, G. Yan, and S. Olariu, “Enhancing VANET Performance by Joint Adaptation of Transmission Power and Contention Window Size,” 2011, in press. [4] D. B. Rawat, G. Yan, D. C. Popescu, M. C. Weigle, and S. Olariu, “Dynamic adaptation of joint transmission power and contention window in VANET,” in Proceedings of the IEEE Vehicular Technology Conference - Fall, Anchorage, Alaska, September 2009, pp. 1–5. [5] M. Raya, P. Papadimitratos, J. Hubaux, and E. de Lausanne, “Securing Vehicular Communications,” IEEE Wireless Communications, vol. 13, no. 5, pp. 8–15, 2006. [6] P. Papadimitratos, V. Gligor, and J. Hubaux, “Securing Vehicular Communications-Assumptions, Requirements, and Principles,” in Workshop on Embedded Security in Cars (ESCAR), vol. 2006, 2006. [7] M. Gerlach, A. Festag, T. Leinmuller, G. Goldacker, and C. Harsch, “Security Architecture for Vehicular Communication,” 2nd International Workshop on Intelligent Transportation – WIT 2005, 2005. [8] M. Raya and J.-P. Hubaux, “The Security of Vehicular Ad hoc Networks—,” in SASN ’05: Proceedings of the 3rd ACM workshop on Security of ad hoc and sensor networks. New York, NY, USA: ACM, 2005, pp. 11–21. [9] “ Car to Car Communication Consortium (C2CCC). http://www.car-tocar.org ,” 2011.

[10] [11] [12] [13] [14] [15] [16] [17] [18] [19] [20] [21]

“ Network on Wheels (NoW). http://www.network-on-wheels.de ,” 2011. “ PREVENT project. http://www.prevent-ip.org ,” 2011. “ DISCO Lab. http://discolab.rutgers.edu/traffic ,” 2011. “ California Partners for Advanced Transit and Highways (PATH). http://www.path.berkeley.edu ,” 2011. G. Yan, S. Olariu, and M. Weigle, “Providing VANET security through active position detection,” Computer Communications, vol. 31, no. 12, pp. 2883–2897, 2008. F. Dotzer, “Privacy Issues in Vehicular Ad hoc Networks,” in Privacy Enhancing Technologies, 2005, pp. 197–209. A. R. Beresford and F. Stajano, “Mix Zones: User Privacy in Locationaware Services,” in PERCOMW 2004, Washington, DC, USA, 2004, p. 127. P. Golle, D. Greene, and J. Staddon, “Detecting and Correcting Malicious Data in VANETs,” in Vehicular Ad hoc Network 2004 –VANET’04, New York, NY, USA, 2004, pp. 29–37. J. Serna, J. Luna, and M. Medina, “Geolocation-Based Trust for Vanet’s Privacy,” in Fourth International Conference on Information Assurance and Security, 2008. ISIAS’08, 2008, pp. 287–290. T. Rappaport, Wireless Communications: Principles and Practice. Prentice Hall PTR New Jersey, 2002. R. Sengupta and Q. Xu, “DSRC for Safety Systems,” vol. 10, no. 4. California PATH – Partners for Advanced Transit and Highways, 2004, pp. 2–5. “ Vehicle Safety Communications Project Task 3 Final Report: Identify Intelligent Vehicle Safety Applications Enabled by DSRC,” Vehicle Safety Communications Consortium consisting of BMW, DaimlerChrysler, Ford, GM, Nissian, Toyota, and VW.