A Secure Privacy-Preserving System for SDN-Based VANET Using the AES-ECDH Algorithm
Authors: Adi El-Dalahmeh, Jie Li, Moawiah El-Dalahmeh
Journal: IET Networks, vol. 14, no. 1 (Journal Article)
Publication date: 2025-07-18
DOI: 10.1049/ntw2.70010
URL: https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/ntw2.70010
PDF: https://onlinelibrary.wiley.com/doi/epdf/10.1049/ntw2.70010
Impact factor: 1.4 (JCR Q3, COMPUTER SCIENCE, INFORMATION SYSTEMS)
Citation count: 0
A Software-Defined Network (SDN)-based Vehicular Ad Hoc Network (VANET) plays a crucial role in Intelligent Transport Systems (ITS) by enhancing road safety for drivers and vehicles through the periodic exchange of messages and data related to traffic, vehicle status, and weather conditions. Additionally, it offers entertainment services for passengers. However, SDN-based VANETs face security challenges, particularly in the central control unit, making them vulnerable to Distributed Denial-of-Service (DDoS) attacks, which can disrupt the entire network. Moreover, due to the programmability of SDN infrastructure, injection attacks can manipulate traffic or generate false crisis events. The network is also susceptible to various cyber threats, including man-in-the-middle (MITM), tracking, and replay attacks, necessitating robust security measures. Several security frameworks have been proposed to mitigate these risks, but many authentication mechanisms suffer from high computational and communication costs or provide protection against specific attacks while remaining ineffective against others. To address these limitations, we introduce a hybrid security framework integrating an authentication system between the trusted authority (TA), lead vehicle (LV), and other vehicles, along with an intrusion detection system (IDS). The authentication process involves key generation by the TA, mutual authentication between the TA and LV, as well as between the LV and other vehicles, while ensuring secure encryption using the AES-ECDH algorithm. To enhance security further, the proposed IDS utilises Fuzzy C-Means clustering to detect malicious activities and network threats. Performance analysis demonstrates that our approach effectively improves security, privacy, and efficiency while maintaining a low computational overhead, outperforming existing solutions.
Journal: IET Networks
Category: COMPUTER SCIENCE, INFORMATION SYSTEMS
CiteScore: 5.00
Self-citation rate: 0.00%
Articles published: 41
Review time: 33 weeks
About the journal:
IET Networks covers the fundamental developments and advancing methodologies to achieve higher performance, optimized and dependable future networks. IET Networks is particularly interested in new ideas and superior solutions to the known and arising technological development bottlenecks at all levels of networking such as topologies, protocols, routing, relaying and resource-allocation for more efficient and more reliable provision of network services. Topics include, but are not limited to: Network Architecture, Design and Planning, Network Protocol, Software, Analysis, Simulation and Experiment, Network Technologies, Applications and Services, Network Security, Operation and Management.