Applications using dedicated short-range communication (DSRC) are being developed to prevent automobile accidents. Many DSRC implementations, applications, and network stacks are not mature. They have not been adequately tested and verified. This study illustrates security evaluation of a DSRC wireless application in vehicular environments (DSRC/WAVE) protocol implementation. We set up a simulation of a working road side unit (RSU) on real DSRC devices. Our experiments work on the Cohda testbed with DSRC application wsm-channel. We extended the functionality of wsm-channel, an implementation of WAVE short message protocol (WSMP) for broadcasting GPS data in vehicular communications, to broadcast car information, and RSU instructions. Next, we performed Denial of Service attacks to determine how few packets need to be dropped to cause automobile crashes. Hidden Markov Models (HMM) are constructed using sniffed side channel information since operational packets would be encrypted. The inferred HMM tracks the protocol status over time. To test HMM’s ability to predict which packets will be dropped, we used a simulation-based experiment and implemented a DSRC-supported stop light application. Using these simulations, we were able to show that we could accurately identify the packets we needed to drop by using timing and packet size side channels. The attack simulation using inter-packet delay side-channel features worked best to drop necessary packets with a 2.5 % false positive rate (FPR) while the attack using a packet size side-channel worked with a 9.5% FPR.

• Final Report
• Technology Transfer Report
• Report Data