Vehicle to vehicle, or V2V, communication has been proposed as a way of enabling a distributed traffic information system through propagation of sensor data directly between vehicles. Such a system is referred to as a Vehicular Ad-hoc Network, or VANET. The standard protocol for V2V communication has been previously defined as 802.11p, which has a range of approximately 300 meters and is designed to function properly at high speeds \cite{hiertz_ieee_2010}. VANET’s open up vehicles to a number of specialized attacks, particularly those which aim to reduce network integrity or take advantage of a vehicle’s individual communications ability.
Distributed networks are vulnerable to attacks on the integrity of the network itself. One such attack method is the distributed denial of service (DDoS) attack. In the general case, a DDoS attack is carried out by flooding a particular server or sub-network with more traffic than the server or routing software can handle, causing software failure and denying service to the affected individual, institution, or region \cite{garip_congestion_2015}. In the context of a VANET, a DDoS attack would make use of compromised autonomous vehicles to disrupt the congestion control system and prevent traffic from flowing optimally, or at all, in a targeted region \cite{garip_congestion_2015}.
This attack relies on autonomous vehicles to have been previously infected with malicious code, which is demonstrated in other work \cite{garip_congestion_2015}. Once enough vehicles are infected, they are made to provide false traffic information suggesting that certain routes are overly congested, which encourages the routing scheduler to choose a particular route or set of routes for many vehicles. By also sending out insincere data from the targeted route suggesting it is more clear than it actually is, and spoofing the time stamps to help prioritize that data, the attack could effectively fool the scheduler into crippling a targeted region. In a possible future scenario where most or all vehicles are autonomous, this could lead to significant economic and safety concerns: workers would be unable to get to their shifts on time, emergency responders might be unable to reach an accident or crime scene, or a particular driver could be physically attacked while immobilized.
A number of mitigation strategies might be pursued. The first is improving authentication schemes, such as with a key system as described in 4.1.1 and \cite{bin_key_2013}. This would allow a more explicit mechanism to disregard vehicles that are found to be bad actors. Unfortunately, a DDoS could be carried out without bringing great attention to individual actors, so long as the attackers are willing to accept a slower response time and less efficacy \cite{garip_congestion_2015}. In addition to authentication and a means to ignore known bad actors, such a congestion control scheme should make use of cloud-based or V2I congestion control mechanisms. These data are provided by Google using cellular data; while cloud-based systems suffer from slow response time, their data would be a valuable source from which to establish a group and truth to identify outliers in the VANET and ultimatelyignore bad actors.