A risk and security assessment of VANET availability using attack tree concept

The challenging nature of insecure wireless channels and the open-access environment make the protection of vehicular ad hoc network (VANET) a particularly critical issue. Robust approaches to protect this network's security and privacy against attacks need to be improved, trying to achieve an adequate level, to secure the confidential information of drivers and passengers. Accordingly, to improve the security of VANET, it is necessary to carry out a risk assessment, in order to evaluate the risk this network is facing. This paper focuses on the security threats in VANET, particularly on the availability of this network. We propose a novel risk assessment approach to evaluate the risk of the attack against VANET availability. We adopt a tree structure called attack-tree to model the attacker's potential attack strategies. Based on this attack-tree, we can estimate the probability that a specific menace might lead against VANET and detect potential attack sequences that an attacker could launch against VANET availability. Then, we utilize the utility multi-attribute theory to measure the total risk value of the system, including the probabilities of each sequence of attack. The analysis results of the study will help decision-makers take effective precautions to prevent attack on this network’s availability.