| The Internet of Vehicles(IoV)has achieved a full range of network connections between vehicles and everything with the rapid development of mobile communication technology,Internet of Things technology and information technology,becoming a new industry that integrates industries such as automotive,electronics,information communications,and road transportation.As a new technology,the Internet of Vehicles not only brings people a more comfortable and safer traffic environment,but also has important significance for improving traffic efficiency,reducing pollution,and reducing the incidence of accidents.At present,the mainstream communication technologies in the world are DSRC and C-V2X.IoV is a complex system,which integrates a variety of communication technologies such as VANET,cellular network,and multi-access edge computing.There are many types of IoV applications,and different types of applications have different requirements for latency and reliability.This paper starts with the security threats faced by the Internet of Vehicles,analyzes the security threats in communications,terminals,platforms and other aspects,and summarizes the network security strategies inside and outside the vehicle.At present,the Internet of Vehicles security system of all countries in the world adopts the PKI-based scheme,and its core is the certificate management system.This paper analyzes the basic structure of the certificate management system,that is certificate authority(CA),including root CA,registered CA,anonymous CA and other multi-level CA,which manage the application,issuance,use and revocation of related certificates.In addition,in order to ensure the requirements of interconnection and interoperability,a mutual trust mechanism needs to be established between different certificate management systems.Based on the study of Internet of Vehicles at home and abroad,this paper analyzes the format of certificates and signatures in the IEEE 1609.2 standard and calculates the proportion of bandwidth occupied by different types of certificates and signatures.It can be seen that certificates and signatures occupy higher bandwidth resources,which will cause some problems:in the special cases of traffic congestion or bad communication environment,the transmission of certificates and signatures will affect the efficiency of V2X communication and may cause traffic accidents.And the Internet of Vehicles system' s demand for communication efficiency is increasing with the development of new technologies such as 5G and autonomous driving,which requires a more efficient security mechanism.Therefore,methods on the basis of the current solutions to reduce the overhead of certificates and signatures are of great significance for the development of vehicle safety and Internet of Vehicles technology.These new services have higher and higher requirements for communication performance,and security occupies higher overhead with the continuous development of Internet of Vehicles services such as autonomous driving.Therefore,reducing security overhead and increasing communication performance are particularly important.In view of the above problem that certificates and signatures occupy more communication resources,this paper proposes a physical layer authentication model based on channel characteristics in V2X environment.This model is based on Sage-Husa adaptive Kalman filter algorithm,which automatically updates system noise and authentication threshold.This paper selects CSI and RSSI,and designs a physical layer authentication scheme based on the model.This scheme can replace the digital signatures in the authentication process and effectively improve the available channel capacity.According to the experimental results,the influence of the filtering algorithm on the authentication scheme and the factors affecting the authentication threshold are analyzed.Then we compare our work with the scheme based on the mean and the scheme based on the deep neural network,from the accuracy rate,false alarm rate,missed detection rate three,and analyze the advantages and disadvantages of these schemes.Adaptive Kalman filtering can reduce the fluctuation of observations and lay the foundation for subsequent authentication schemes.The selection of the threshold is a game process:the game between the success rate of a single authentication and the probability that the receiver misidentifies the illegal sender.In addition,the threshold is affected by many aspects such as measurement methods,device accuracy,and communication environment,and the communication environment has a greater impact on the threshold.The physical layer authentication scheme proposed in this paper changes the existing Internet of Vehicles security scheme less and improves the effective channel capacity.Due to the time-varying nature of the channel,this authentication scheme can prevent malicious attackers from stealing legitimate user identities and effectively improve the security of communications.On the basis of the above study,this paper expands the characteristics for authentication,including the characteristics of communication devices and the characteristics of high-speed changing channels,and introduces the movement state of the vehicle to assist in authentication.In this paper,a V2X authentication model based on physical layer characteristics is proposed,and iterative model and threshold model are refined based on Kalman filter algorithm.The iterative model mainly realizes the a priori and a posteriori estimation of the current time based on the physical layer characteristics of the previous time,which provides the basis for the entire authentication process.The threshold model analyzes the mathematical characteristics of the a priori estimation in Kalman filtering,and summarizes the calculation method of the authentication threshold.Since the traditional Kalman filter algorithm can only be used for linear discrete data,this paper introduces extended Kalman filter and unscented Kalman filter to extend the characteristics used for authentication to non-linearity.At the same time,iterative model and threshold model are improved according to the core ideas of these two algorithms.In terms of security and performance,we compare the proposed schemes with the conventional V2X authentication scheme and physical layer authentication scheme,and the effects of these schemes are analyzed by experiment.We used three characteristics:RSSI,the distance between the two vehicles,and the relative speed between the two vehicles.The process and effect of the extended Kalman filter and the unscented Kalman filter,the authentication process and effect,and the factors that affect the threshold are analyzed.It can be seen from the experiment that the authentication scheme based on extended Kalman filter and unscented Kalman filter can effectively take the responsibility of identity authentication in the V2X environment,and have high security level and low overhead,which can reduce the consumption of communication resources by security.At present,the IoV technology is still in the research and verification stage.The traffic safety and information security issues brought about by its technology application have not been verified,so testing is an important part of the IoV.This paper introduces the test system,and analyzes the test purpose,system architecture,advantages and disadvantages of the corresponding test system from three aspects of consistency,function,and performance.The abstract test system is a test framework for the Internet of Vehicles formulated by some standard organizations.It only describes the most basic architecture system and the goals and functions of each part,and does not specify the specific design,implementation,and software and hardware equipment.Developers can design and develop test systems on the basis of abstract test systems based on their own existing conditions and capabilities.Protocol consistency is the foundation of IoV communication,and consistency testing can ensure the interconnection between vehicles.The function test can determine that the application can trigger and make reasonable actions in different scenarios to ensure the reliability and effectiveness of the connected vehicle application.The performance test can verify the effect of basic network communication and further determine whether the performance of network communication can support IoV applications.Then this paper analyzes the test methods such as gateway testing,penetration testing,accelerated testing,and field testing.The gateway testing is a means to ensure the correct operation of the vehicle gateway,so it can meet the needs of Internet of Vehicles security.Penetration testing is a method of simulating a malicious attacker to test the network security of the target system.It is an important step in the development of a connected vehicle system.Accelerated testing can solve the problem of slow testing process and effectively reduce the cost and time of the vehicle reliability verification process.Before the Internet of Vehicles and its applications are officially promoted and used,they must undergo field testing and large-scale demonstration operations.Field testing requires a large number of basic network facilities and transportation facilities,test vehicles,testers,etc.,so how to effectively reduce test overhead especially important.Finally,this paper combines the advantages of multiple test methods,and proposes an end-to-end test system that combines a virtual environment and a real environment.The test objects can be application functions,protocol consistency,communication performance,or other types.The proposed testing system included three major parts:scenarios,communication and application.This system can undertake the testing task of the entire protocol stack and effectively reduce the cost of testing. |
PDF Full Text Request