A blockchain-based architecture for secure vehicular Named Data Networks☆
Graphical abstract
Introduction
In Vehicular Ad-Hoc Network (VANET), a huge amount of information is exchanged between vehicles and the infrastructure aiming at improving driving and human safety. This information can vary from public to personal and sensitive data. On the other hand, the use of the Internet Protocol (IP) in a vehicular network is extremely challenging. For instance, the high mobility of vehicles, poor quality of wireless, and quick changes in network topology affect the content delivery and Quality of Service (QoS) [1]. Moreover, security and privacy is another major challenge in VANETs [2]. In contrast to generic Internet, attacks in VANET may have dire consequences because they directly involve human lives. Indeed, threats such as fake messages may not only compromise drivers’ private information but also cause vandalism and waste network resources by affecting communication and hence-forth leading to accidents. To mitigate such attacks, service and application providers must incorporate trust management, authentication mechanisms, resiliency, and real-time message at the network level.
In order to overcome these and other issues in the current communication model, Information-Centric Networking (ICN) [3] has been introduced as a novel communication model for the future Internet. ICN uses the name of the content as the building block for communication instead of the host address. In particular, the content name is used in most ICN functionalities such as routing, forwarding, security, and in-network caching.
Under the concept of ICN, different architectures have been implemented such as Named Data Networking (NDN) [4]. NDN is an active ICN project that uses hierarchical names to identify content in the network. In NDN, a unique name is associated with each content. Also, the use of a content-based security paradigm allows NDN to secure the content itself rather than the communication channel. This will guarantee security at the packet level, and protect user privacy by appending the signature and trust model at the network level. Besides, the in-network caching feature aims at enhancing the overall network performance and improve the QoS. NDN uses human-readable hierarchically names instead of IP addresses in order to forward and deliver content. NDN follows a request-response model and implements two types of packets [5]. Interest packet: as a form of a request to get content, and a Data packet: as a response for the Interest packet. Interest packet is triggered by a consumer asking for content by specifying its name, every router forwards the content request based on its name until reaching the original content producer or a replica node, then a Data packet that carries the content along with its name is delivered back to consumer(s) using the reverse symmetric path of Interest. Any NDN node can cache the content and serve it for future requests with the possibility to aggregate the same Interest [6]. Each NDN node uses three tables during the forwarding: Content Store (CS) in order to cache and store the content, Pending Interest Table (PIT) that used to keep trace of Interests, and Forwarding Interest Table (FIB) used to route the Interest packets.
Applying NDN on top VANET has several advantages [1]. By using the in-network caching feature, NDN simplifies the mobility support in VANETs by allowing vehicles to retrieve content from the most convenient cache-store or by re-issuing any unsatisfied or lost requests during the mobility. Also, NDN provides security at the packet level coupled with how/where data is received rather than securing the communication channel. However, applying a transparent and border-less caching at the network level may raise critical issues in terms of data security, user privacy, and copyrights. By allowing any node to cache content and serve it for future demands. A malicious user may use this build-in design to launch attacks at the cache-store such as Interest flooding attack, content poisoning attack, cache poisoning/pollution attack, etc. Moreover, any malicious node can act as a trusted node and serve invalid and unlimited Interest packets in order to start Denial of Service attack. Hence, congest the network, exhaust the node’s memory, change the cache distribution, decrease the QoS, and affect the data/user privacy. Therefore, the NDN layer should tackle these attacks at the network level, by validating the requested content name, allowing only valid content to be cached and served, and allowing only valid Interest to be served from trusted vehicles.
To overcome the aforementioned issues, we recommend using Blockchain technology as a secure plane for vehicular named network (VNDN) communication. Indeed, Blockchain has different advantages that make it a strong candidate to provide a secure platform for today’s networks and applications. The first advantage is that Blockchain provides a decentralized and distributed network that allows all nodes to participate in the communication without the need for any centralized entity, the second advantage is that Blockchain uses several cryptographic puzzles that are hard to be solved and changed over time.
Motivated by the advantages of Blockchain, we design a reputation-based Blockchain scheme for data forwarding and content caching in NDN-based vehicular networks. In this paper, we further complement our previous work [7] by designing a secure Blockchain-based Interest forwarding scheme and a reputation-based Blockchain caching placement strategy. The Blockchain is used as a decentralized network that stores the reputation of each vehicle and cache-store. These reputation values are increased and decreased according to the served Interest from the node and content from the cache-store. Indeed, Blockchain allows a secure transition of reputation value, and hence no one is allowed to change it over time. We also design a lightweight secure neighbor discovery protocol in order to provide a secure with less-overhead neighbor vehicle discovery process. The proposed scheme allows only valid Interest packets to be forwarded upstream, and only trust content will be cached and delivered back to consumers. We also evaluate the proposed schemes using ndnSIM. The obtained results show an outperformance of our solution.
The remainder of this paper is organized as follows. Section 2 reviews the Blockchain technology and the existing solutions in VANET. Section 3 presents an overview of the security and the trust in NDN over the vehicle environment. The proposed scheme is detailed in Section 4, we detail the system model, network architecture, and explain different processes for Interest forwarding and data caching. Section 5 provides the implementation details and evaluation results. Finally, Section 6 concludes the paper.
Section snippets
Blockchain overview
Blockchain [8] is a distributed peer-to-peer network that has been initially created to perform digital cryptocurrency Bitcoin. Recently, Blockchain provides other services to several applications such as banking, healthcare, supply chain, Internet of Things, and 5G networks [9].
The Blockchain is a collection of blocks that include different information and data. It can be seen as an open ledger to all network entities with the fact that anyone can consult the data and extremely hard to change
Security and trust in vehicular NDN
NDN is a new receiver-driven paradigm that follows the content-oriented concept rather than the connectivity with the host provider. Various research efforts attempt to integrate NDN on top of VANET in order to improve the scalability, reliability, and provide a secure network [1]. However, numerous security issues have not yet been solved in VANET due to the high mobility of vehicles, unbounded network control, as well as the sensitive time that applications require. In addition, NDN still has
BC-VNDN: Blockchain-based architecture for secure VNDN
From named vehicle networks perspective, any vehicle can start an attack by sending a storm of Interest packets to affect the service availability or decrease the QoS. These Interest packets contain names for an already existing or non-existing content. Packets with the existing content are forwarded via the decision of FIB table (prefix-based lookup mechanism), while the non-existing names – represent a non-valid content (virtual, non-existing data) or names for dynamic content that may be
Implementation and evaluation
We evaluated the proposed schemes BC-VNDN on top of ndnSIM [21], which is an NS3-based simulator for NDN. We also used Simulation of Urban Mobility (SUMO) [22] in order to generate mobility traces of maps that we have taken from the OpenStreetMap [23]. In addition, we used Python to analyze the trace files generated by ndnSIM. Simulation has been done on Intel Core 5 Duo CPU at 2.4 GHz, with 8 GB DDR3 SDRAM.
In the simulation, we consider all of Interest and Data forwarding as well as the cache
Conclusion
Secure content forwarding and data caching are extremely important in future Internet architectures. This paper explored the integration of Blockchain technology in Vehicular Named Data Network to secure the communication plane, data delivery, and content caching at the network level rather than the application. In particular, we proposed a reputation-based Blockchain scheme in order to enforce the trust between vehicles, secure both the Interest forwarding process and data forwarding plane,
Declaration of Competing Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper: “A Blockchain-based Architecture for Secure Vehicular Named Data Networks”.
Acknowledgments
This work was supported by the National 242 Project under Grant No. 2017A149.
Hakima Khelifi is currently pursuing a Ph.D. degree in Information and Communication Engineering from Beijing Institute of Technology, Beijing, China. Her current research interest includes Next-Generation Networking and Internet, and Vehicular Ad Hoc Networks. She received the Best Paper Award of the IEEE GLOBECOM in 2018, and the Excellent Student Award at the Beijing Institute of Technology in 2017–18 and 2018–19.
References (23)
- et al.
A survey of internet of things communication using ICN: a use case perspective
Comput Commun
(2019) - et al.
Towards a novel cache replacement strategy for named data networking based on software defined networking
Comput Electr Eng
(2018) - et al.
Blockchain based secure data sharing system for Internet of vehicles: a position paper
Veh Commun
(2019) - et al.
InterestFence: simple but efficient way to counter interest flooding attack
Comput Secur
(2020) - et al.
Optimized in-network authentication against pollution attacks in software-defined-named data networking
J Inf Secur Appl
(2020) - et al.
Named data networking in vehicular ad hoc networks: state-of-the-art and challenges
IEEE Commun Surv Tutor
(2019) - et al.
Security and privacy issues in vehicular named data networks: an overview
Mob Inf Syst
(2018) - et al.
Named data networking (NDN) project
Technical Report NDN-0001
(2010) - et al.
NNCP: a named data network control protocol for IoT applications
Proceedings of the IEEE conference on standards for communications and networking (CSCN)
(2018) - et al.
Reputation-based Blockchain for secure NDN caching in vehicular networks
Proceedings of the IEEE conference on standards for communications and networking (CSCN)
(2018)
A survey of blockchain technology applied to smart cities: research issues and challenges
IEEE Commun Surv Tutor
Cited by (42)
An attribute-encryption-based cross-chain model in urban internet of vehicles
2024, Computers and Electrical EngineeringBlockchain for unmanned underwater drones: Research issues, challenges, trends and future directions
2023, Journal of Network and Computer ApplicationsSmart contract-based caching and data transaction optimization in mobile edge computing
2022, Knowledge-Based SystemsCitation Excerpt :In this framework, providers and encrypted block hashes can be cached in edge computing service providers. As shown in Table 1, (1) Refs. [17–23] focus on caching in mobile edge computing environment, with the main goal to improve content caching hit rate as well as content download latency, but ignore the security of cached content and user privacy protection; (2) Refs. [24,25] emphasize on the profit of content providers when studying the data transaction problem of cached content in blockchain environment, with the primary objective is to achieve high caching efficiency as well as to maximize profits, but ignores the Quality of Service(QoS) of content caching services in a blockchain environment; (3) Refs. [26–30] focus on the problem of caching in a combined blockchain and mobile edge computing environment. The main goals are to protect user privacy and security and to improve the performance of user sharing-based caching, but ignore the response time of the caching server, and the transmission delay of the requested content.
Design and implementation of NDN-based Ethereum blockchain
2022, Journal of Network and Computer ApplicationsCitation Excerpt :The blockchain technology is utilized as a decentralized database for recording the transactions. Other applications includes PKI system (Lou et al., 2018), securing NDN vehicular networks (Khelifi et al., 2020), cache poisoning defense and access control (Lei et al., 2020). For a comprehensive review of the blockchain use cases in ICN, please refer to Asaf et al. (2020).
Business Innovation based on artificial intelligence and Blockchain technology
2022, Information Processing and ManagementCitation Excerpt :It can promote a wider range of other developments and the use of AI (Filimonau & Naumova, 2020; Wang, Huang, Hsu & Yang, 2016). Artificial intelligence means machinery which has historically been designed to execute intellectual tasks (Khelifi et al., 2020). Blockchain is a decentralized computer network that records and stores data in a transparent and immutable ledger system, displaying an event sequence (Amin, Faragallah & El-Latif, 2010; Kaur, Garg, Kaddoum, Ahmed & Atiquzzaman, 2019).
Futuristic blockchain based scalable and cost-effective 5G vehicular network architecture
2021, Vehicular Communications
Hakima Khelifi is currently pursuing a Ph.D. degree in Information and Communication Engineering from Beijing Institute of Technology, Beijing, China. Her current research interest includes Next-Generation Networking and Internet, and Vehicular Ad Hoc Networks. She received the Best Paper Award of the IEEE GLOBECOM in 2018, and the Excellent Student Award at the Beijing Institute of Technology in 2017–18 and 2018–19.
Senlin Luo is currently a Deputy Director, Laboratory Director, and Professor of Information System and Security Countermeasures Experimental Center, Beijing Institute of Technology. His current research interests include Machine Learning, Medical Data Mining, and Information Security.
Boubakr Nour is a Ph.D. scholar at Beijing Institute of Technology, Beijing, China. His work focuses on next-generation networking and Internet. He is recipient of best paper award for IEEE GLOBECOM (2018), and the Excellent Student Award at Beijing Institute of Technology in 2016, 2017, and 2018 consecutively.
Hassine Moungla is an Associate Professor at the University of Paris Descartes and a member of the Paris Descartes Computer Science Laboratory (LIPADE). His research interests lie in the field of Wireless Area Body Networking for medical and health applications, Wireless Sensor Networking, QoS in WSN, Middleware for 5G Mobile and Sensor Networks.
Syed Hassan Ahmed is currently working at JMA Wireless as a Product Specialist for Distributed Antenna System (DAS), CBRS, Small Cell, and virtualized RAN product line. Previously, he was an Assistant Professor in the Department of Computer Science at Georgia Southern University, USA.
Mohsen Guizani is currently a Professor at the CSE Department in Qatar University. He is the author of nine books and more than 500 publications in refereed journals and conferences. He received the 2017 IEEE Communications Society WTC Recognition Award as well as the 2018 AdHoc Technical Committee Recognition Award.
- ☆
This paper is for CAEE special section SI-icsa. Reviews processed and recommended for publication to the Editor-in-Chief by Associate Editor Dr. Debiao He.