SECloud Lab

Giovanni Gambigliani Zoccoli

Ph. D. Student

Department of Engineering "Enzo Ferrari"
University of Modena and Reggio Emilia
Via Vivarelli, 10
41125 - Modena, Italy
Tel.: +39 0592056273
E-mail: giovanni.gambiglianizoccoli[AT]unimore.it
PGP Key: 0x50A976BA70F7A9FB

Curriculum Vitae: Ita

RESEARCH INTERESTS

Automotive Cyber-Security
Misbehaviour Detection in C-ITS

Publications

Conferences

Gambigliani Zoccoli, G.; Stabili, D.; Marchetti, M.

Are VANETs pseudonyms effective? An experimental evaluation of pseudonym tracking in adversarial scenario

98th IEEE Vehicular Technology Conference, VTC 2023-Fall

Abstract

With the increasing adoption of Vehicular Ad Hoc Networks (VANETs) for the development of Cooperative Intelligent Transportation Systems (C-ITS) many concerns regarding privacy and anonymity in VANETs have been raised by security researchers and practitioners, highlighting the need for effective mechanisms to protect sensitive information exchanged by connected vehicles. One of the first concerns is related to the vehicle's identifier, a field contained in the messages sent from the vehicle and that can be used to track the vehicle across the infrastructure, with consequent severe implications on the privacy of the driver. Consequently, VANET communications leverage short-lived pseudonyms instead of persistent vehicle's identifiers, aiming to enhance the privacy of the vehicle. Pseudonym change schemes proposed in the literature are effective in masking the real sender of a given message, but they do not guarantee privacy against attackers that can monitor and correlate multiple messages among themselves. This paper evaluates 5 different pseudonym change mechanisms against a realistic threat model. Our results demonstrate that it is possible for a realistic attacker to reliably track multiple vehicles, with minor differences across different pseudonym change schemes.

Year: 2023 | Pages: n/a - 6

ISSN: 1550-2252 | DOI: 10.1109/VTC2023-Fall60731.2023.10333561

Zoccoli, G. G.; Pollicino, F.; Stabili, D.; Marchetti, M.

SixPack v2: enhancing SixPack to avoid last generation misbehavior detectors in VANETs

21st IEEE International Symposium on Network Computing and Applications, NCA 2022

Abstract

This paper proposes SixPack v2, an enhanced version of the SixPack attack that allows to evade even state-of-the-art misbehavior detection systems. As the original SixPack, SixPack v2 is a dynamic attack targeting other C-ITS entities by simulating the sudden activation of the braking system with consequent activation of the Anti-lock Braking System. SixPack v2 achieves better evasion by improving the main phases of the attack (FakeBrake, Recovery, and Rejoin) through a novel path-reconstruction algorithm that generates a more realistic representation of the real vehicle trajectory. We experimentally evaluate the evasion capabilities of SixPack v2 using the F2MD framework on the LuSTMini city scenario, and we compared the detection performance of the F2MD framework on both versions of SixPack. Results show that SixPack v2 evades detection with a significantly higher likelihood with respect to the initial version of the attack, even against the latest version of F2MD.

Year: 2022 | Pages: 243 - 249

ISBN: 979-8-3503-9730-7 | DOI: 10.1109/NCA57778.2022.10013565