Privacy-Preserving Data Forwarding in VANETs: A Personal-Social Behavior Based Approach

Transcription

1 Privacy-Preserving Data Forwarding in VANETs: A Personal-Social Behavior Based Approach Jianbing Ni, Xiaodong Lin, and Xuemin (Sherman) Shen Department of Electrical and Computer Engineering, University of Waterloo, Canada Department of Physics and Computer Science, Wilfrid Laurier University, Canada {j25ni, sshen}@uwaterloo.ca, xlin@wlu.ca Abstract Vehicular communications enable a variety of applications to improve road safety, driving experience, and traffic management. Many of these applications require data to be routed through multiple hops until they reach to the destination. Unfortunately, due to highly dynamic driving patterns of vehicles, it is challenging to achieve effective and time-sensitive data forwarding in vehicular ad hoc networks (VANETs). Both social-based and trajectory-assisted data forwarding strategies have been proposed to improve packet delivery performance in VANETs. The former reaches limited data delivery ratio and the latter leaks location privacy of drivers. In this paper, we propose a privacy-preserving data forwarding protocol based on personal-social behaviors of drivers to achieve highly reliable transmissions and privacy preservation for drivers in VANETs. Specifically, by observing the phenomenon that vehicles regularly visit some social spots, such as shopping malls, museums and busy intersections, we can obtain the personal-social behaviors of drivers. Based on these behaviors, the messages can be delivered to roadside units (RSUs) at the social spots frequently visited by vehicles. Later, once a vehicle visits the social spots, it can successfully retrieve the messages destined for it from the RSUs anonymously. In addition, the identities of senders are conditionally preserved and the personal-social behaviors of drivers are protected against a global adversary. Performance evaluation demonstrates its efficiency in terms of high delivery ratio and low average delay. I. INTRODUCTION Vehicular Ad Hoc Network (VANET) is a particular type of Mobile Ad Hoc Network (MANET) that enables communications between nearby vehicles to not only improve road safety but also provide various value-added infotainment services on the road [1]. Typically, in VANETs, each vehicle is equipped with an Onboard Unit (OBU) communication device to allow vehicles to exchange data with each other, i.e., vehicle-to-vehicle (V2V) communication, and with roadside units (RSUs), i.e., vehicle-to-infrastructure (V2I) communication. Compared with traditional MANET, the hybrid of V2V and V2I communications makes VANET promising to improve intelligent transportation systems [2]. VANET serves as a general platform to develop vehicle-centric applications. It is able to provide assistance in finding restaurants or gas stations, broadcast traffic-related messages to give drivers a heads up, and improve the emergency awareness for drivers through vehicular communications. To enable a variety of vehicular applications for safety and improve the performance of current transportation systems, the information exchange between vehicles and stationary RSUs is critical. Some applications, such as emergency braking warning, traffic conditions sharing, and value-added advertisement, can be supported by the data forwarding through vehicular communications [3]. Unfortunately, end-to-end path between vehicles may not exist as the vehicles are constantly moving with high speed, and the network topology is changing frequently. Therefore, all network nodes, including vehicles and RSUs, are required to store, carry and deliver messages on behalf of intermediate nodes in an opportunistic way, also called opportunistic data forwarding. Recently, many opportunistic data forwarding protocols [4], [5], [6], [7] have been applied in VANET environment to achieve targeted packet routing. These protocols sacrifice the location privacy of drivers since they assume that the sender has the knowledge about the destination of the vehicle. Once a driver is willing to keep its location private, these protocols cannot work well. To improve the performance of data forwarding, some protocols [8], [9] consider that vehicles frequently visit some social spots, such as shopping malls, bus terminals, plazas, and busy intersections in a city environment. They use the RSUs deployed at these social spots to forward and deliver messages to the OBUs on vehicles. As for drivers privacy, these protocols utilize opportunistic forwarding to ensure that messages will eventually reach the vehicles without disclosing their locations and leverage pseudonyms to protect the identity privacy. Nevertheless, it is hard to ensure the vehicles can obtain the messages in existing social-based data forwarding mechanisms in timely manner, if it rarely visits these public social spots maintaining its data. Despite dynamics of traffic flow, the driving routes of a specific vehicle relatively static, indicating that the vehicle may frequently and regularly visit several social spots or drive through busy intersections. For example, a driver visits Sobeys to buy food on every weekend, and drives through a gas station or busy intersection around 8:30am on weekdays. According to the mobility patterns of vehicles, it is possible to obtain personal-social behaviors, which can be used to improve data delivery ratio for social-based data forwarding. However, the personal-social behaviors are sensitive information for drivers. If they are exposed, any one can predict the trajectory or living habits of drivers [10]. Therefore, it is necessary to protect the personal-social behaviors for drivers in VANETs. In this paper, we propose a novel privacy-preserving data forwarding protocol (IsPride) based on social behaviors to

2 achieve high reliable transmission in VANETs. Most significantly, the proposed scheme includes personal-social behaviors to address the limitation of existing social-based data forwarding protocols on data delivery ratio and average delay. It is characterized by disseminating messages to the RSUs frequently visited by vehicles to improve the data delivery performance without leaking the privacy of drivers. Specifically, the main contributions of our paper are as follows: The drivers in a city often drive vehicles to visit several social spots during a week, i.e., shopping malls, busy intersections and supermarkets. Usually, they have their regular patterns of personal-social behaviors to visit these social spots. Therefore, based on these personal-social behaviors, the messages can be delivered to the storagerich RSUs deployed at the social spots frequently visited by the vehicles, and the OBUs on vehicles retrieve their messages when they access these social spots. Thus, it is feasible to use personal-social behaviors to improve the data delivery ratio for data forwarding in VANETs. IsPride achieves conditional privacy preservation for drivers by means of anonymous credentials. Specifically, an authenticated vehicle anonymously sends messages to a vehicle, and the OBU on the vehicle retrieves its messages without exposing its location, identity or personalsocial behaviors to a global adversary. Meanwhile, a trusted authority can trace the identity of a misbehaving vehicle, for example, a vehicle sends a dummy message. The remainder of the paper is organised as follows. We first define the system model, threat model and design goals in section II. Then, we describe the IsPride protocol in section III and discuss its security in section IV, followed by the performance evaluation in section V. Finally, we review related work in section VI and conclude our paper in section VII. II. PROBLEM STATEMENT In this section, we formalize system models, including node model, personal-social behavior based network model, and threat model on vehicles privacy. Then, we identify the design goals. A. Node Model Node model consists of three entities: The cloud, RSUs, and vehicles, each kind of which has unique functionalities, as shown in Fig. 1. The Cloud: The cloud connects the RSUs to collect and maintain personal-social behaviors of drivers. It assists RSUs to deliver messages based on the personal-social behaviors of drivers to achieve reliable data forwarding in VANETs. RSUs: Each RSU is stationary and has large storage space. It can communicate with each other and interact with the OBUs on the vehicles in its coverage area. Once deployed at some social spot, a RSU receives messages from vehicles, stores and delivers these messages to target vehicles. Due to the cost on deployment, it is impractical to erect RSUs at all places. Therefore, only a few number Fig. 1. Node model of RSUs will be place at some critical social spots and busy interactions. Vehicles: Apart from the mobility, each vehicle is e- quipped with an OBU to communicate with the nearby vehicles and the driving-through RSUs. The OBU is resource-constrained, i.e., buffer constraints. It is feasible to establish a store-carry-forward data forwarding protocol to assist other vehicles to deliver messages. In general, a vehicle node will assist to forward packets if it has sufficient storage space. B. Personal-Social Behavior based Network Model Consider a large number of vehicles V = {V 1, V 2,, V n } moving around a city following shortest-path routing algorithms and a set of RSUs R = {R 1, R 2,, R m } are deployed at social spots S = {S 1, S 2,, S m } in a city based on some strategies, such as social-based RSUs deployment strategy [8], to build the communications between vehicles, i.e., to collect, forward and deliver messages to vehicles. Each vehicle V i V frequently and regularly visits some social spots or drive through busy intersections. For example, a driver visits Walmart in every Sunday morning to buy food for the next week, and on weekdays, it drives through an intersection around 8:30am and is at the plaza to have lunch from 12:00pm to 1:00pm. Based on these information, it is possible to generate the personal-social behaviors of V i. As shown in Fig. 2, several RSUs that a vehicle frequently drives through near its house can form a graph of personalsocial behaviors. Furthermore, the probability that a vehicle V i V appears at a social spot S j S in a time period can be obtained from its personal-social behaviors. In addition, according to the personal-social behaviors of vehicles, new RSUs can be deployed at the social spots that vehicles frequently drive through or visit. The integration of social-based deployed RSUs and personal-social behavior based deployed RSUs can significantly improve the data delivery ratio for data forwarding. Meanwhile, the cost on the deployment of RSUs can be much less than that on complete RSU deployment in VANETs.

3 Fig. 2. C. Threat Model Illustration of Personal-Social Behaviors in VANETs The goal of an adversary is to corrupt a driver s privacy or learn the content of messages that the vehicle sends to others. To achieve this goal, the global adversary eavesdrops full traffic information of the whole VANET and captures forwarding messages between any two nodes, but it cannot learn the internal information maintained in these nodes. A passive adversary may launch the following attacks to invade drivers privacy. Message Analysis Attacks: An adversary tries to identify the identity of the sender through message analysis, i.e., analyse the content to learn the sender. Message Tracing Attacks: An adversary wiretaps on communication channels to learn the transmission of a target message, such that it can know the sender and destined vehicle of the message. In addition, the cloud may honestly provide the services of personal-social behaviors collection and maintenance, but be curious on the personal-social behaviors of a specific driver. D. Design Goals Under the above models, our design goal is to develop a personal-social behaviors based privacy-preserving data forwarding protocol in VANETs. Specifically, the following three objectives will be achieved. Data Forwarding with High Reliability: In VANETs, the contacting opportunity of vehicles is low, such that the data delivery ratio is low if a vehicle is willing to send messages to another. To prevent the degradation of the overall performance, personal-social behaviors should be considered when the RSUs help forwarding the messages. Since the RSUs have the capability of data storage, they can temporarily maintain the messages and contact vehicles to deliver them to the OBUs on destined vehicles. With the personal-social behaviors of drivers, the messages can be maintained on the RSUs that the vehicles frequently drive through. As a result, the message delivery ratio can be improved. Protection of Personal-Social Behaviors: To prevent malicious adversaries, curious RSUs or the cloud to invade the privacy of a target driver, its personal-social behaviors should be hidden when they are maintained on the cloud. If this information would be disclosed to untrusted entities, the data forwarding in VANETs cannot be widely accepted by the public. Therefore, it is important to keep the personal-social behaviors in private for wide acceptance to the public. Conditional Identity Privacy Preservation: Due to the existence of malicious vehicles who may send dummy messages to others, absolute privacy preservation is not recommended. To ensure the privacy preservation of honest vehicles and the tracing of misbehaving vehicles, conditional privacy preservation is expected. In specific, an honest vehicle can send or receive messages without exposing its identity; once a vehicle sends dummy messages, a trusted authority (TA) is able to recover its identity and punish it under the applicable law. III. PROPOSED ISPRIDE PROTOCOL In this section, we describe the proposed IsPride protocol consisting of three phases: System Setup, Data Forwarding and Data Retrieving. Before delving into the details of the IsPride protocol, we first review the PS group signature, which is the basis of the IsPride protocol. A. PS Group Signature The PS group signature [11] can be used to achieve the conditional privacy preservation for group authentication. Concretely, it is composed of five parts: GSetup, GJoin, GSign, GVerify, and GOpen. GSetup: Given a security parameter κ, (G 1, G 2, G T ) are a set of cyclic groups with the same prime p. ê : G 1 G 2 G T is a bilinear map of type 3. G 1 is set to be G 1 /{1 G1 }. The group manager randomly chooses g G 1, ĝ G 2, (x 0, x 1 ) Z 2 p, and generates X 0 = ĝ x 0, and X 1 = ĝ x 1. The group public key is gpk = (ĝ, X 0, X 1 ) and the group secret key is gsk = (x 0, x 1 ) GJoin: To join the group, U first picks a random value u Z p to compute U = g u, Û = X 1 u and sends (U, Û) to the group manager, along with a zero-knowledge proof PK = {(u) : U = g u Û = X 1 u }. The latter verifies the validity of PK and the equation ê(u, X? 1 ) = ê(g, Û). If both hold, it randomly picks v Z p to compute σ = (σ 1, σ 2 ) = (g v, (g x 0 U x 1 ) v ). Finally, the group manager keeps (U, U, PK, Û) and sends σ to U. GSign: To sign m, U randomly chooses k 1, k 2 Z 2 p to compute σ 1 = σ k1 1, σ 2 = σ k1 2 and c = H(σ 1, σ 2, ê(σ 1, X 1 ) k 2, m), where H is a hash function. U also generates τ = k 2 + cu and outputs (σ 1, σ 2, c, τ) as the group signature on m. GVerify: To verify (σ 1, σ 2, c, τ), a verifier computes R = ê(σ 1, X 0 ) c ê(σ 2, ĝ) c ê(σ 1, X 1 ) τ and checks whether c = H(σ 1, σ 2, R, m). If yes, the verifier outputs 1, otherwise, outputs 0.

4 GOpen: To open (σ 1, σ 2, c, τ), the group manager tests for all entries (U, U, PK, Û) whether ê(σ 2, ĝ)ê(σ 1, X 0 ) 1 = ê(σ 1, Û) until he gets a match. B. Description of IsPride Protocol 1) System Setup: According to the system requirements, the whole system is bootstrapped in the following steps: The TA uses GSetup to generate the system parameters params = {p, G 1, G 2, G T, g, ĝ, H, H 0, H 1 }, in which H 0 : G 1 {0, 1} κ and H 1 : {0, 1} G 2 are two cryptographic hash functions. gpk is the public key of TA and gsk is the secret key. AES.Enc and AES.Dec are the encryption and decryption algorithms of advanced encryption standard (AES). The TA acts as the group manager to run GSetup and GJoin with the OBU on each vehicle V i V to generate the anonymous credential σ i for V i. V i also randomly chooses vsk i Z p as the secret key and computes vpk i = g vsk i as the public key. The public key vpk i is associated with the vehicle V i attested with a certificate issued by the TA. The key pair (vsk i, vpk i ) is maintained on the secure clip of the OBU to prevent attackers from learning vsk i, along with the credential σ i. An RSU R j located at a social spot S j S picks a random rsk j Z p as the secret key and computes rpk j = g rskj as the public key. Note that the public key rpk j is associated with the social spot S j attested with a certificate issued by the TA. The cloud records and maintains the personal-social behaviors of each vehicle V i V. When V i passes by or arrives a social spot S j, the OBU connects the RSU R j and sends its identity information to the R j as follows: The OBU on V i randomly chooses t ij Z p and uses vsk i to compute T ij = (T ij1, T ij2 ) = (H 1 (vpk i ) t ij vsk i, g t ij ) (1) and sends the record T ij to R j. After receiving T ij, R j sends (T ij, rpk j ) to the cloud, and the latter keeps (T ij, rpk j ). 2) Data Forwarding: Suppose a vehicle V s wants to send a sensitive message m destined to a vehicle V d. Since V s only knows the public key of V d, that is, vpk d, it has to forward the sensitive message m to the social spots that V d frequently visits. To fulfill such sensitive packet forwarding m in VANETs, we design the following steps: V s first picks a random value K s G 1 to encrypt the message m as C s = AES.Enc(H 0 (K s ), vpk s m)). V s also randomly chooses r s Z p to compute C s1 = vpk r s d, C s2 = K s g r s. Then, V s randomly chooses w s Z p to generate E s1 = H 1 (vpk d ) ws, E s2 = vpk ws d. After that, V s uses its credential σ s to generate the group signature (σ s1, σ s2, c s, τ s ) on (C s, C s1, C s2, E s1, E s2 ) by performing GSign. It is worth pointing out that (E s1, E s2 ) is used to achieve the data forwarding from V s to V d without disclosing V d s public key vpk d. When a passing-by vehicle V r with the public key vpk r is willing to help forwarding the message, V s sends (C s, C s1, C s2, E s1, E s2, σ s1, σ s2, c s, τ s ) to V r. V r first verifies the validity of the group signature by executing GVerify. If it is valid, V r further checks whether it is the destination of this message by using vpk r to check ê(vpk r, E s1 )? = ê(e s2, H 1 (vpk r )). (2) If (2) holds, V r learns that it is the destination of m and decrypts (C s, C s1, C s2 ) using its secret key to obtain m. Otherwise, V r carries (C s, C s1, C s2, E s1, E s2, σ s1, σ s2, c s, τ s ) for a period of time and delivers them to the driving-through RSU R r. After receiving (C s, C s1, C s2, E s1, E s2, σ s1, σ s2, c s, τ s ) from V r, R r first verifies the validity of the group signature by executing GVerify. If it is valid, R r further checks whether the target vehicle V d ever appeared at the social spot S r by verifying the following equation ê(e s2, T ir1 )? = ê(t ir2, E s1 ) (3) for each record of personal-social behaviors generated by V i. If there is a record T i r satisfies (3), V i is the destined vehicle V d and it may appear in social spot S r in the future. Thus, R r keeps (C s, C s1, C s2, E s1, E s2, σ s1, σ s2, c s, τ s ) to wait the visit of V i. In addition, it forwards (C s, C s1, C s2, E s1, E s2, σ s1, σ s2, c s, τ s ) to the cloud. The cloud maintains the personal-social behaviors for all vehicles in a certain region. When the cloud receives (C s, C s1, C s2, E s1, E s2, σ s1, σ s2, c s, τ s ) from R r, it first verifies the validity of the group signature by executing GVerify. If it is valid, the cloud further uses each record of personal-social behaviors T ij generated by V i at the social spot S j to test whether ê(e s2, T ij1 )? = ê(t ij2, E s1 ) (4) holds or not. If a record T i j succeeds (4), V i is the destination of this message and the cloud forwards (C s, C s1, C s2, E s1, E s2, σ s1, σ s2, c s, τ s ) to R j. R j verifies the validity of the group signature by executing GVerify and keeps (C s, C s1, C s2, E s1, E s2, σ s1, σ s2, c s, τ s ). Through the data forwarding of passing-by vehicles, RSUs and the cloud, the message m reaches the last RSU R d that V d has a high probability to connect based on V d s personal-social behavior. R d keeps (C s, C s1, C s2, E s1, E s2, σ s1, σ s2, c s, τ s ) and delivers to V d to wait the visit of V d. 3) Data Retrieving: When the destined vehicle V d drives through or arrives S d, it sends its identity information as follows: V d picks a random value t dd Z p and uses its secret key vsk d to compute T dd = (T dd1, T dd2 ) = (H 1 (vpk d ) t dd vsk d, g t dd ). V d sends T dd to R d as usual. R d checks whether this vehicle V d is a destination node of a kept message by verifying the following equation ê(e s2, T dd1 )? = ê(t dd2, E s1 ). (5)

5 If (5) holds, V d is the target vehicle of (C s, C s1, C s2, E s1, E s2, σ s1, σ s2, c s, τ s ) and R d forwards them to V d. V d verifies the validity of the group signature (σ s1, σ s2, c s, τ s ) by executing GVerify. If it is valid, V d uses its secret key vsk d to decrypt (C s, C s1, C s2 ) as K s = C k2 C vsk d k1 and vpk s m = AES.Dec(H 0 (K s), C s ). To recover the identity of the sender V s, the TA can execute GOpen to obtain V s s public key vpk s. IV. SECURITY DISCUSSION In this section, we discuss the security of the proposed IsPride protocol. Specifically, we concern two problems, i.e., how IsPride achieves the privacy preservation of the sender V s against message analysis attacks, and how IsPride ensures that the destined vehicle V d can retrieve its messages without exposing its privacy, including the identity and the personalsocial behaviors, against message tracing attacks. Privacy Preservation of Senders: To preserve the identities of senders in IsPride protocol, we utilize the PS group signature to achieve the anonymous authentication for senders. Each vehicle V i V is required to register at the TA by performing GJoin and obtains an anonymous credential σ i, which is used to authenticate to RSUs without disclosing its identity. When a sender V s sends a message to the destined vehicle V d, it randomizes σ i to generate the authenticate message (σ s1, σ s2, c s, τ s ). Any verifier can learn the availability of V s by verifying (σ s1, σ s2, c s, τ s ), but it cannot know any knowledge about the identity of V s. The security of V s s privacy-preserving authentication depends on the unforgeability and anonymity of PS group signature. Concretely, since the unforgeability of PS group signature, no attacker can pretend an honest vehicle to send malicious messages without being detected. An attacker cannot learn the identity of V s from the messages (C s, C s1, C s2, E s1, E s2, σ s1, σ s2, c s, τ s ) as the anonymous credential σ s has been randomized to be (σ s1, σ s2, c s, τ s ). In addition, (C s, C s1, C s2, E s1, E s2 ) would expose nothing about the sender as (C s, C s1, C s2 ) is AES ciphertext of (vpk s, m) and (E s1, E s2 ) do not contain V s s public key. Therefore, even an attacker is able to capture and analyze (C s, C s1, C s2, E s1, E s2, σ s1, σ s2, c s, τ s ), it cannot invade V s s privacy as long as the PS group signature is secure, whose security has been proved in [11]. Privacy Preservation of Destined Vehicles: In IsPride protocol, we should ensure that the destined vehicles can receive their messages sent by senders without disclosing their identities. To achieve anonymous data forwarding, (E s1, E s2 ) are constructed to enable V r and RSU r to discover the destined vehicle of m through the match of (E s1, E s2 ) and (T d1, T d2 ). To compute (E s1, E s2 ), a random value w s is utilized to hide V d s public key. Thus, it is impossible for an attacker to know the destination of m, but V r and RSU r can determine whether the target vehicle is the destination of m or not. Of cause, a curious attacker can find the destined vehicle V d by using guessing attacks, in which the attacker picks the public key of any V i to test whether the equation (2) holds or not, until a public key can succeed the equation (2). Since there are so TABLE I RUNNING TIME OF ENTITIES IN ISPRIDE (UNIT: MILLISECOND) Phases V s Relay V r RSU R r RSU R d V d Data Forwarding Data Retrieving Data Delivery Ratio Spring IsPride Time (Hour) (a) Data Delivery Ratio Fig. 3. Average Delay (Min) Spring IsPride Number of Vehicles (b) Average Delay Comparison on Delivery Ratio and Average Delay many public keys issued by TA, it is impossible for the attacker to test the success of equation (2) using the issued public keys one by one to find the destined vehicle of a target message. Even the attacker learns the identity of the destined vehicle, it still cannot learn the content of the message. In addition, we also preserve the identities of vehicles when they report their personal-social behaviors. Specifically, the public key of the reporting vehicle vpk i is encapsulated into (T ij1, T ij2 ) with a random value t ij. It is difficult to learn the identity of the vehicle V i from (T ij1, T ij2 ). Although the RSU R j or the cloud can know that there is a vehicle to visit the social spot S j, it is unable to link this behavior to a specific vehicle. Therefore, the privacy of vehicles can be well preserved in the IsPride protocol. V. PERFORMANCE EVALUATION We evaluate the computational overhead by implementing the proposed IsPride protocol on a notebook with Intel Core i5-4200u CPU and the clock rate is 2.29GHz and the memory is 4.00 GB. We use a version of MIRACL library to implement number-theoretic based methods of cryptography. The Ate pairing is utilized to realize the bilinear pairing operation and the elliptic curve is chosen with a base field size of 512 bits. The size of the parameter p is 160 bits. The running time of each entity in Data Forwarding and Data Retrieving phases is shown in Table 1. We also simulate vehicular networks to compare IsPride and Spring [8] in terms of data delivery ratio and average delay. The simulation setting is the same as that in Spring [8]. The Spring is a social-based data forwarding protocol, in which the social-based deployed RSUs assist to relay the data for vehicles. Fig. 2(a) shows the comparison results on data delivery ratio between IsPride and Spring. The simulation is run for 10 hours and the delivery ratio varies with the period from 1 hour to 10 hours. The data delivery ratio in IsPride is higher than that in Spring. The reason is that the messages are temporarily maintained on the RSUs that the destined vehicles might visit. Thus, the probability that the destined

6 vehicles miss their messages is reduced. Fig. 2(b) depicts the average delay in different data forwarding approaches, socialbased data forwarding in Spring and personal-social behavior based data forwarding in IsPride. From the figure, we can see the average delay in IsPride is lower than that in Spring. The reason is that the the cloud has the knowledge about the trajectory of vehicles and the messages are delivered to the RSUs that the vehicles may visit, such that the vehicles can retrieve them in lower delay. VI. RELATED WORK To achieve data delivery for moving vehicles in VANETs, several data forwarding protocols have been proposed by utilizing the hybrid of V2V and V2I communications. Zhao and Cao [4] utilized predictable vehicle mobility to propose vehicle-assisted data delivery protocols to forward the messages from sources to destinations. Nzouonta et al. [5] leveraged real-time vehicular traffic information to determine the paths of data forwarding and proposed a geographical data forwarding protocol between intersections on the path to reduce the sensitivity of prorogating path. Wu et al. [6] investigated on strong spatiotemporal regularity of vehicles to develop accurate trajectory predictions by utilizing multi-order Markov chains for improving message delivery probability in VANETs. Consequently, Wu et al. [7] proposed a distributed algorithm by characterizing packet delivery probability as a function of predicted vehicle trajectories and RSU locations to locally optimize packet forwarding and buffer allocation in infrastructure-assisted routing for inter-vehicle data delivery. Li et al. [12] pointed out that the existing opportunistic RSUassisted data dissemination schemes do not address multiple messages dissemination. They proposed a mathematical framework to solve the problem of multiple messages dissemination under realistic RSU-aided opportunistic networks. Recently, Li et al. [13] investigated contact-aware mobile data replication in RSU-aided vehicular delay-tolerant networks and introduced an efficient heuristic solution to address the contact-aware RSU-aided vehicular data dissemination problem. The above protocols mainly focus on the improvement of data delivery ratio with low delay, but they expose the privacy of both drivers. Several research works on privacypreserving data forwarding were appeared to achieve high data delivery ratio without disclosing the location of vehicles and content of messages. In [8], Lu et al. proposed a social-based privacy-preserving data forwarding protocol to enable the social-based deployed RSUs to assist in data forwarding and utilized group signatures to prevent the identities disclosure of senders, target vehicles and relaying vehicles. Lin et al. [9] introduced a social-tier-assisted data forwarding protocol based on the observation that the vehicles sequentially pass by a series of social spots and extended this protocol to achieve driver s location privacy preservation. Zhang et al. [14] demonstrated the existing anonymous routing protocols fail to offer the confidentiality of routing metric. Therefore, they proposed an opportunistic metric-hidden routing protocol supporting anonymous authentication and key agreement for pairwise communication. Different from these works, we utilize personal-social behaviors of drivers to further improve the data delivery ratio for privacy-preserving data forwarding in VANETs. The identities of vehicles and the content of forwarding data are protected to prevent the attackers from corrupting their privacy. VII. CONCLUSIONS In this paper, we have proposed a privacy-preserving data forwarding protocol based on the personal-social behaviors of vehicles in VANETs. To improve data delivery ratio, the personal-social behaviors of drivers are leveraged to assist RSUs to deliver the messages destined to these vehicles. Specifically, based on the personal-social behaviors, the messages are forwarded to the RSUs frequently and regularly visited by vehicles. The OBUs on the vehicles can retrieve their messages directly from the RSUs when they drive through. In addition, the privacy of drivers are well preserved against message analysis attacks and message tracing attacks. We have discussed the security of IsPride and demonstrated its high delivery ratio and low average delay. In the future work, we will design a distributed privacy-preserving data forwarding framework based on personal-social and groupsocial behaviors of drivers in VANETs. REFERENCES [1] H. Hartenstein and L. P. Laberteaux, A tutorial survey on vehicular ad hoc networks, IEEE Communications Magazine, vol. 46, no. 6, pp , [2] D. Jia, K. Lu, J. Wang, X. Zhang, and X. Shen, A survey on platoonbased vehicular cyber-physical systems, IEEE Communications Surveys and Tutorials, vol.18, no.1, pp , [3] F. Li and Yu Wang, Routing in vehicular ad hoc networks: A survey, IEEE Vehicular Technology Magazine, vol. 2, no. 2, pp , [4] J. Zhao and G. Cao, Vadd: Vehicle-assisted data delivery in vehicular ad hoc networks, IEEE Transactions on Vehicular Technology, vol. 57, no. 3, pp , [5] J. Nzouonta, N. Rajgure, G. Wang, and C. Borcea, Vanet routing on city roads using real-time vehicular traffic information, IEEE Transactions on Vehicular Technology, vol. 58 no. 7, pp , [6] Y. Wu, Y. Zhu, and B. Li, Trajectory improves data delivery in vehicular networks, in Proc. of INFOCOM, 2011, pp [7] Y. Wu, Y. Zhu, and B. Li, Infrastructure-assisted routing in vehicular networks, in Proc. of INFOCOM, 2012, pp [8] R. Lu, X. Lin, and X. Shen, Spring: A social-based privacy-preserving packet forwarding protocol for vehicular delay tolerant networks, in Proc. of INFOCOM, 2010, pp [9] X. Lin, R. Lu, X. Liang, and X. Shen, STAP: A social-tier-assisted packet forwarding protocol for achieving receiver-location privacy p- reservation in VANET, in Proc. of INFOCOM, 2011, pp [10] P. Papadimitratos, L. Buttyan, T. Holczer, E. Schoch, J. Freudiger, M. Raya, Z. Ma, F. Kargl, A. Kung, and J. -P. Hubaux, Secure vehicular communication systems: design and architecture, IEEE Communications Magazine, vol. 46, no. 11, pp , [11] D. Pointcheval and O. Sanders, Short randomizable signatures, in Proc. of CT-RSA, 2016, pp [12] Y. Li, X. Zhu, D. Jin, and D. Wu, Multiple content dissemination in roadside-unit-aided vehicular opportunistic networks, IEEE Transactions on Vehicular Technology, vol. 63, no. 8, pp , [13] Y. Li, D. Jin, P. Hui, and S. Chen, Contact-aware data replication in roadside unit aided vehicular delay tolerant networks, IEEE Transactions on Mobile Computing, vol. 15, no. 2, pp , [14] L. Zhang, J. Song, and J. Pan, A privacy-preserving and secure framework for opportunistic routing in DTNs, IEEE Transactions on Vehicular Technology, vol. 65, no. 9, pp , 2016.