Beyond the Dolev-Yao Model: Realistic Application-Specific Attacker Models for Applications Using Vehicular Communication

In recent time, the standards for Vehicular Ad-hoc Networks (VANETs) and Intelligent Transportation Systems (ITSs) matured and scientific and industry interest is high especially as autonomous driving gets a lot of media attention. Autonomous driving and other assistance systems for cars make heavy use of VANETs to exchange information.They may provide more comfort, security and safety for drivers. However, it is of crucial importance for the user’s trust in these assistance systems that they could not be influenced by malicious users. VANETs are likely attack vectors for such malicious users, hence applicationspecific security requirements must be considered during the design of applications using VANETs. In literature, many attacks on vehicular communication have been described but attacks on specific vehicular networking applications are often missing. This paper fills in this gap by describing standardized vehicular networking applications, defining and extending previous attacker models, and using the resulting new models to characterize the possible attackers interested in the specific vehicular networking application. The attacker models presented in this paper hopefully provide great benefit for the scientific community and industry as they allow to compare security evaluations of different works, characterize attackers, their intentions and help to plan application-specific security controls for vehicular networking applications. Keywords–security; attacker model; VANET; V2X; ITS.