A distributed detection and prevention scheme from malicious nodes in vehicular networks

Summary Vehicular environments still remain vulnerable to various potential attacks because of continuous interactions and information exchange between vehicles despite the deployment of authentication techniques by communication standards. Therefore, an authenticated node with a certificate could initiate an attack while complying with implemented protocols. Some mechanisms were proposed to enhance communication technologies, but none of them was able to anticipate nodes' behavior. They also mismanage oscillating vehicles, because they evict them automatically after misbehaving. In this paper, we propose a preventive mechanism, namely, Intrusion Prevention and Detection System (IPDS), able to predict vehicles behavior. This mechanism is based on a Kalman filter to predict the future vehicles' behavior and classify them into three categories (white, gray, and black) based on their expected trustworthiness. The main concerns of this work are to prevent from various attacks, namely, DoS, false alert, and Sybil, and deal with oscillating vehicles. Therefore, IPDS treats these latter in a different way where they are introduced into a gray list and used for routing purposes until they persist in their attacks. Simulations performed using ns3 simulator highlight IPDS accuracy regarding the detection rate of malicious nodes and its good impact on the network applications performances. Copyright © 2016 John Wiley & Sons, Ltd.