Abstract—VANET are networks comprising of a collection of vehicles and elements of roadside structure linked with each other without requiring any infrastructure, sending and receiving information of current traffic situation. These are used for the communication among the mobile vehicles. Vehicular Ad hoc Networks (VANETs) aim to achieve communication between vehicles to enhance road safety and driver’s comfort. In a VANET communication between vehicles occurs with the adjacent infrastructure by exchange of critical information like traffic accidents, sharp turns, or traffic jams. But with new infrastructure and technology comes various challenges and one of the most important challenges in VANETs is the security aspect of it. Malicious vehicles can disrupt the network performance by performing some security attack. There are various ways in which the network can be exploited to perform unethical operations. In this paper we have surveyed about Sybil Attack, GPS spoofing, Black Hole and Denial Of Service(DOS), and have tried to provide a study on prevention and research solutions of these attacks. Keywords—Vehicular Ad Hoc Network VANET, security, Sybil, Black Hole, GPS Spoofing, Denial Of Service I. INTRODUCTIONThe rapid growth of vehicles on road has made driving unsafe and more accident prone than ever. So, the existing transportation system and vehicle infrastructure needs development and improvement for ensuring better safety and efficiency. Thus, Vehicular Ad Hoc Network or VANET is being developed. VANET enables vehicles to communicate over a network. VANETs consist of On-Boar Units (OBUs), Roadside Units (RSUs) 1. For communication between OBUs and RSUs a Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) communication modes have been developed. The application of VANETs include route optimization, collision prevention, weather forecasting and many online services. Dedicated Short Range Communication (DSRC) is a standard which has emerged to support IEEE 802.11 in communication between vehicles 2. 75 MHz of DSRC spectrum at 5.9 GHz has been allocated by FCC to be used for VANETs communication. An IEEE P1609 working group has proposed DSRC as IEEE 802.11p standard which states specification for wireless Medium Access Control (MAC) layer and physical layer for Wireless Access in Vehicular Environment (WAVE) as stated in.In this paper, in the first section we have discussed about various security threats to the VANET. In the second section, we have elaborated on various measures through which we can prevent Sybil attacks, GPS-spoofing, Black Hole attack and Denial of Service attack.VANET Security RequirementsThe following are the requirements for VANETsData Integrity and Authentication: The transferred message should be checked by the vehicle if the data received is correct or not as the reaction of vehicles will be based on the, messages received.Privacy and Confidentiality of Data: The communications between vehicles should be encrypted to ensure privacy.Vehicle Anonymity: The location of vehicle should be secret and should only be accessed by the allowed vehicles for routing of path.Information Availability: Vehicles should be able to access data given by remote nodes and should be capable of sending information to other nodes in a network at any given time.Non-Repudiation of Data: Data senders deny their identity and this misleads to traffic accidents and error in communication of nodes.Extensibility: This refers to the ability of VANET to accept an increasing number of vehicles which increases complexity and reduces network’s performance 5.Imposture: Transmission of false information would lead to wrong reactions in the network.Event Data Recording (EDR): Like Black Boxes in planes, EDR here can be used in case of accidents and mishap that might occur in the vehicle.VANET Security ChallengesThe features of VANET impose some security threats and as vehicles are private property and a major part of privacy it is necessary to look in these matter 6-11.Dynamic Network: The vehicles are constantly moving thus the network formed by vehicles only last for a few moments unless they are stationary which might lead to long lived VANET networks.Privacy of Individual: In case of any incident vehicle information should be available for investigation purposes. So, the privacy of the individual whose vehicle it belongs has to be protected and should be accessible to the respective authorities only.Sensitivity of Delay in Application: VANET application would have some delay in their operations for processing various things like routing application and traffic monitoring so it is necessary to count in the delay between these operations for smother operations with small overheads.Network Extensibility: Many vehicles would be there in a VANET network, so, the ability of the network to readily give encryption keys and keeping all data confidential and safe. This has led to extensive studies, so that VANETs can scale for any change in number of communicating vehicles.Diverseness: VANET consists of various vehicles with different components like different GPS modules and other components which might be used for other VANET applications. The network should be able to work even in such a diverse network like this.Wireless Connection: VANETS depend on wireless communication between vehicles in V2V and V2R. Security for all the nodes has to be assured for privacy and confidentiality.Multi-Hop Communication: VANET heavily depends on the messages received from the nodes and the road side units. Behaviors between vehicles has to be monitored for any misleading vehicle which should be isolated.Security Attacks in VANETThe following are the threats to a VANET system.Black Hole Attack: In a network when a node refuses to participate or an existing node drops out. When all the traffic is redirected to a node that doesn’t exist at all then the data will be lost. A possible solution to it is to redirect the traffic to a new node. This increases the number of variables associated with message transfer like delay and cost of service.Malware: Malwares and viruses have a big potential to create disruption in a VANET network. This type of attack would be usually carried out by an insider than an outsider.Spamming: Spam messages create increased transmission latency in VANETs. This would increase risk during critical moments.Selfish Driver: Selfish drivers might create wrong messages misleading other drivers. They may also take up large amount of resources illegally. All vehicles need to follow a specific set of protocols.Malicious Attacker: The attacker would use the applications available in the network to cause damage. They may even cause damage to specific targetDenial of Service: The main aim of this attack is to overwhelm the node so much that the node cannot perform additional tasks.Masquerading and Sybil Attack: In Masquerading the attacker assumes and pretends as another vehicle, using false identities and can be motivated to use malicious methods like message replay and DoS attacks to disrupt the network. In Sybil Attack this the attacker creates several false vehicles and tells the network that there are hundreds of vehicles ahead and forcing there’s to take an alternate route.GPS Spoofing: GPS devices track the location of the device. The attacker might fool the other vehicles by showing wrong coordinates and locations. This will result in wrong routing routes in the VANET.Message Tampering: Any node can change the data that is being transmitted thus disrupting the communication between the other nodes. This way critical traffic messages like accidents and other safety messages will not be transmitted.Disclosure of Identification: This discloses the identity of all the vehicles in the network and tracks the path of the node which it targets. The virus hits the node and it takes the ID of the target node and its location as well.II. SECURITY ATTACKS AND PREVENTION TECHNIQUESI. SYBIL ATTACKSybil attacks were introduced in context of P2P networks by Douceur. Most VANET based applications like accident warnings, hazard notification, routing systems need the cooperation of vehicles. For this reason, Sybil attack is particularly harmful as it violates the basic assumptions of the VANET research. In this, a node sends many messages to various nodes in the network and all the messages contain an alternate created source personality in a manner so that the originator is not known. The main intent of the attacker is to send wrong messages to the nodes. Multiple messages contain different source of fabricated identity sent by attacker. Sybil attacks are identity based attacks, so, then the attacker creates multiple identities on the road by using wrong messages with the same identity and illusions of traffic jam positions. Thus, creating havoc. To detect the attack there are various methods, and we have listed a few below.Timestamp Series: This approach 13 is mainly targeted to the initial deployment of VANET where there will not be many vehicles to handle in the network. The timestamp approach does not need vehicular-based public-key infrastructure and internet accessible RSUs, therefore, making it an economically viable solution. In this Timestamp Series approach vehicles get a certified timestamp by the RSUs whenever they pass from a nearby RSU. This technique exploits spatial and temporal correlation between the RSUs and vehicles. There is a slim chance of two cars having the same timestamp and based on this Sybil attack can be detected. In this approach, we don’t need dedicated vehicular public key infrastructure for individual vehicles and additional setup but only basic roadside unit. Due to the dynamic nature of vehicles in VANET, the Sybil attack can be detected if messages have same timestamp. Diffe-Hellman Key Algorithm: The Diffe-Hellman key algorithm monitors and gives the secret key to the vehicle to detect the attack. This algorithm gives the secret key to the vehicle to reach the correct destination in VANETs. By using the Diffe-Hellman key algorithm 14 the RSU gives the secret code to the vehicle in the source itself. When the key gets matched the vehicle reaches its destination. The algorithm creates a shared security-key than can be used for secret communication and message delivering. The destination and the source RSU assigns the secret key for the vehicle to prevent attackers. With this approach, the data efficiency and transmission both are achieved securely and efficiently. Fixed Key Infrastructure: It is a cryptographic method 15 to detect Sybil attack. This method has low delay for detection of Sybil attack as most of the important operations are done in Certification Authority. Fixed-Key infrastructure is implemented in different phases. In phase 1, each vehicle in a group is assigned with an authentication key before any message transmission. Receivers verify the authenticity of a member by signature verification. This is achieved by receiving and comparing the encryption function with the authentication message and the result is compared to the signature. In phase 2, as RSUs don’t have a private key of CA so the RSU cannot decrypt the message, it sends a request to CA to decrypt the OBU-ID.in phase 3, as CA don’t have private key of vehicle, therefore, a request private key of vehicle is send to CA. In phase 4, the key authentication is checked and if it doesn’t match then it detects a Sybil Attack.The problem with this approach is that, if nodes move to other rejoins, detection of Sybil attack isn’t performed properly.Fail-Stop Signature: This method 16 uses one-one communication rather than broadcast, and, therefore, the complexity of message is reduced. In this each node communicates by passing messages and none of them have global information of system. Sending and receiving of messages is done asynchronous way and all decisions are made by local information. Each node has a partial neighbor information in local view for message exchange and constructing local view can be done by peer sampling service 17. Each node talks with the nearest node in push and pull mode. In this the node communicates with the neighboring nodes with push-pull message exchange. Two data structures are used to detect Sybil Attacks, that is, sybilNodes for the first phase and conflictCheck for the second phase is required. In every round the checkSybil() is run on every node to check if it exists in sybilNodes. After this checking process, it proceeds to the second checking phase. The checkConflict() function is done in the second phase to detect Sybil nodes. If no Sybil nodes are found then the algorithm is not launched, thus, the complexity of the method is directly proportional to the number of Sybil nodes detected.Hybrid Framework: In this an algorithm is proposed which isolates Sybil Attacks in the network 19. The node communicates with the RSU and the RSU assigns an Identification Number to each node, this number is stored and is used further used for verification. Then when the identification number matches to the number in the RSU then only further communication takes place between the nodes. If the identification number doesn’t match then the node is isolated from the network and no communication from isolation the node is further processed.Extended Genetic Algorithm: Genetic Algorithm is a search method that relies on natural selection and genetic principles and which determines an optimal solution for hard issues 18. This method has a two-phase approach, where the first phase is route discovery and the second phase is the route reply algorithm. In the first phase, we start we Dijkstra Algorithm and determine the fitness function f(x) for managing the integrity of each chromosome x in the population. Now we run the process of selection, crossover and mutation between two selected chromosomes and we continue doing this until we find the optimum path. After we find the optimum path phase 2 is initiated and the route reply is initialized, the reply is stored in the cache until the end. Finally, the destination ode creates a Route Reply packet and adds these two routes in it and sends the Route Reply Packet for the source code.Trust Management Model: This model works on comparing the similarities between two nodes and based on this a direct trust value is computed for each vehicle 20. This model has a two-phase method. The first phase develops message trustworthy model and in second phase the proposed similarity mining algorithm is utilized for repeaters and messages. The first step is to design a trust management model. In the second step in trust management model, similarity mining approach will be applied for estimating the similarity between the reports of two nodes, based on which, a direct trust value is computed for each vehicle. In third step a majority voting algorithm is applied to verify the critical messages from the vehicles based on the estimated direct trust value and the decision of vehicles. Lastly, to defend against Sybil attacks, a revocation check technique is applied followed by a tracing and revocation mechanism.II. GPS-SPOOFINGThe GPS satellite maintains a location table of the nodes with their geographic location and identity. An attacker tinkers with these locations. Thus, the attacker might create a node with incorrect GPS coordinates and this would lead to creation of wrong routes in the network. This is possible by the use of GPS satellite simulator by generating coordinates. There are various measures through which GPS-spoofing can be resolved, we discuss some of them here.Secure Location Verification: Secure Location Verification uses 21 distance bounding, plausibility checks and ellipse-based location estimation to check if the claimed location of the vehicle. This method is executed in three steps, firstly, the RF- based distance bounding technique is used to find the minimum distance between the verifier and prover. As the RF signals travels at a speed of light, this prevents the attacker from reducing the measured distance by calculating the time of flight of challenge-response messages. Now the attacker can only cheat by going further away because if there is any reduce in distance then it will be detected. Second step, after messages have been received a plausibility check is run in sequence to verify the location claim, these checks are acceptable transmission range, acceptable speed limit, and roadway map. Lastly, the third step, if the node passed all plausibility checks then a common neighbor is chosen and the location of node is estimated by an ellipse.Secure Position-Based Routing: We use cryptographic primitives and plausibility checks 22 to achieve Position Based Routing. A Certification Authority issues public keys and certificates to vehicles. Each received packet is passed through various checks such as packet’s time and location fields. If it fails even one then the node is discarded and if it passes all then the message is validated cryptographically. In this, digital signatures are used on hop-by-hop and end-to-end basis thus providing data integrity and non-repudiation. Plausibility checks are performed to check if the location of node is legitimate.Multiantenna Spoofing Discrimination: In this 23 technique the phase difference between two fixed antennae is observed for one hour. To discriminate the spoofing signals, we know the bearing of the antenna and the trajectory of the satellite, the theoretical phase difference can be calculated and be compared to the practical phase difference, thus, detecting any anomaly. The drawback of this approach is that it has a delay of 1 hour for discrimination of spoofing signals.III. BLACK-HOLE ATTACKIn a Black-Hole attack a node refuses to participate or an existing node drops out. Thus resulting in data loss and losing the route of message travel as well. There are mainly two types of Black-Hole attacks, firstly, Internal Black Hole Attack where a node might try to insert itself between the path of a destination and a source and then become an active node, secondly, External Black Hole Attack, in this attack the node is not present in the network and can deny the access to the network. There are various methods through which this attack can be prevented, some of them are as follows.Fidelity Table: Every participant in the network is given a readability measure and stored in “Fidelity Table” 24. The source node transmits a RREQ to its neighboring nodes and waits for a “TIMER” seconds to gather replies, RREP. The selection of is node is based on the following criteria. Firstly, all the nodes which receive RREP, their fidelity and hop count is checked. If the routes have same fidelity then their hop-counts are compared and the one with the least hope count is selected. Secondly, the fidelity rating of each node is based on their faithful participation in the network. When the data packets are received, an acknowledgment is send to the source, thus the fidelity rating is updated on that basis.Neighborhood based Routing Recovery Scheme: The technique 25 uses neighborhood based method to detect black-hole attacks. It identifies unconfirmed nodes and source node sends a Modify_Route_Entry control packet to the node which is in destination to renew routing paths. In this method, not only does it have a low detection time and high throughput but also the detection probability is accurate.Next Hop Information Scheme: This technique comprises of two parts detection and reaction 25. Firstly, the field_next_hop is added to RREP packet. Then. before the packet is send the RREP packet is examined between the intermediate and the destination node, Every node is assigned a black_identification_number and is maintained in black identification (BIT), then the packet modified count is updated by tracking the BIT from their neighborhoods. If the node behaves correctly, the corresponding count value updates. The, a malicious node can be found out if the number of receiving packets is different from sending packets. Secondly, we isolate the black hole and thus each node has an isolation table(IT) which stores the black hole ID. This ID is broadcasted to all the nodes in the network thus eliminating the malicious node from participating in the network.IV. DENIAL OF SERVICE(DOS)In this attack, a malicious node spoofs its own Internet Protocol(IP) in order to disrupt the proper working of data transfer between moving vehicles. 26 The main purpose is to prevent the attacker node from accessing the network services and stop it from over utilizing resources. The attack may result in overutilization of nodes thus making them tired and causing disruption in flow of information among nodes and network. Then the nodes will not be available to legitimate users. There are mainly three levels of DOS attacks:Basic Level-Overwhelm the Node Resources: In this DOS attack, the nodes are overwhelmed so much that they are not able to perform other tasks. The node becomes continuously busy and utilizes all the resources to check the messages. Extended Level-Jamming the Channel: In this level the attacker jams the channel and does not lets the user to access the network.Distributed Denial of Service (DDOS): These are the most severe attacks as the attack is in a distributed form and is dispersed in the network. In this the attacker launches attack from different locations.Some of the possible DoS prevention techniques are as follows.Channel Switching: Dedicates Short-range Communications (DSRC) gives multiple channels for transmission and the range for transmission is between 5.850GHz-5.924GHz. The DSRC spectrum provides with seven channel, each channel of 10MHz and the data rate transfer is up to 27Mbps. CH172 and CH184 are channels which are used for safety applications. CH174, CH176 and CH180 and CH182 are used for non-safety applications. CH178 is assigned as control channel which is used for several applications. Whenever an attacker jams anyone of the channels then there is a option to jump to other channels, thus denying DoS attack.Technology Switching: There are several number of communication technologies which are used to work with VANET. So when a DoS attack is performed on one technology then we switch to another technology without disrupting the flow of information. If the DoS attack is of low intensity then change to a low range technology and if attack is large then we switch to cellular technology.Multiple Radio Transceivers: OBUs can have multiple transceivers for transmitting and receiving messages by applying MIMO design principle 26. If there is a DoS attack then there is a option to move from one transceiver to another, therefore eliminating total network collapse. This frequency hopping takes advantage of the DSRC channels to attain secure transmission and gain network availability.III. OPEN RESEARCH AREAS IN SECURITYThere has been constant research in VANET security still many developments have to be still made. Many DoS attacks still need to be investigated. Current routing protocols are still very vulnerable. Cryptography is used in intra node communication which relies on secure key management. It is mainly based on Certificate Authority (CA) which is a security weak point in VANET as it creates a single point of failure. Symmetric cryptography is efficient but it is vulnerable to attacks on key distribution This is the reason this is still a field of research. Assigning location to vehicular nodes using routing protocols such as GSR or GOAFR. GPS is used for determination of location. Additionally, a trusted node or center which can provide communication to other nodes can be used as well. Securing positioning scheme should be considered and used in a way that spoofing and jamming is not possible. Data integrity is an important aspect of VANETs as the whole communication of all nodes and various application is heavily dependent on it. So a mechanism has to be maintained such that it can handle many nodes and their data efficiently and safely.IV. CONCLUSIONSVANTE is an infrastructure-less network consisting multiple mobile entities that are constantly communicating with each other. In this survey, we have overviewed various VANETs security threats and problems.