An Intelligent Edge-Chain Enabled Access Control Mechanism For

This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/JIOT.2021.3061467, IEEE Internet of Things Journal JOURNAL OF LATEX CLASS FILES, VOL. 14, NO. 8, AUGUST 2015 1 An Intelligent Edge-Chain Enabled Access Control Mechanism for IoV Yuanni Liu, Man Xiao, Shanzhi Chen, Fellow, IEEE, Fan Bai, Jianli Pan, Member, IEEE, Di Zhang, Senior Member, IEEE

Abstract—The current security method of Internet of Vehicles the amounts of vehicles exceed one billion and is expected (IoV) systems is rare, which makes it vulnerable to various to reach two billion by 2035 [6], [7]. As explosive on-road attacks. The malicious and unauthorized nodes can easily in- devices are connecting to Internet, communication security vade the IoV systems to destroy the integrity, availability, and confidentiality of information resources shared among vehicles. becomes a big issue. As we know, the communication security Indeed, access control mechanism can remedy this. However, as method of current IoV devices is rare, making it easy to be a static method, it cannot timely response to these attacks. To attacked. Such malicious attacks include replay, camouflage, solve this problem, we propose an intelligent edge-chain enabled and message tampering attacks et al. [8]. The attacked IoV access control framework with vehicle nodes and RoadSide Units devices may rise potential risks, such as critical electronic (RSUs) in this study. In our scenario, vehicle nodes act as lightweight nodes, whereas RUSs serve as full and edge nodes control unit hacking and control, untrustworthy messages from to provide access control services. Considering the low accuracy attacked devices. Meanwhile, due to the pervasive distribution of risk prediction due to limited training sets, we leverage a and mobility features of vehicles, the current centralized cloud Generative Adversarial Networks (GANs) to convert the risk model is difficult to expand through massive weak devices [9]. prediction to a sequence generation. Moreover, aiming at the Moreover, the communication distance between IoV devices problems of gradient disappearance and mode collapse existed in the original GANs, we devise a Wasserstein Combined GANs and clouds is relatively long, which may consume amounts of (WCGAN). Simulation results demonstrate that WCGAN has bandwidth, time and energy. The cloud server is a bottleneck higher prediction accuracy than the original GANs. Additionally, of current IoV networks. A single failure of the server will it can also improve the accuracy of access control of Risk disrupt the entire network. Therefore, it is critical to prevent Prediction Based Access Control (RPBAC) model. unauthorized access to the IoV ecosystems on a large-scale Index Terms—Access Control, Blockchain, Edge Computing, area, which is one of the motivations of this paper. Generative Adversarial Networks, Internet of Vehicles. On the other hand, in our previous work, we have integrated blockchain and smart contracts capabilities into the intelli- I.INTRODUCTION gent Edge Computing (EC) framework as the foundations NTERNET of Vehicles (IoV) utilizes effective wireless [10], [11]. The goal is to develop a resource-oriented and I communication to share information among vehicles [1]– blockchain-embedded edge Internet of Things (IoT) frame- [3], which helps to achieve self-driving and maintain the work named Edge-Chain to provide the quality of experience traffic safety [4], [5]. Recently, a green-car report finds that services for IoT devices and to control their behaviors. In our intelligent Edge-Chain ecosystems, EC provides a possible Corresponding author: Di Zhang (E-mail: [email protected]). solution by pushing more resources to the edge, including This work is supported by the Open Fund of the Ministry of Education Key Laboratory of Networks Security and Intelligent Technology, Beijing intelligence, networking, computing, and storage resources. University of Posts and Telecommunications; the General Program of Natural The IoT applications that are delay-sensitive, data-sensitive, Science Foundation of Chongqing: cstc2020jcyj-msxmX1021; the Science and and bandwidth-constrained can benefit from it. In addition, for Technology Research Program of Chongqing Municipal Education Commis- sion: KJZD-K202000602; the Henan Provincial Key Research, Development the sake of resource and jurisdiction constraints, edge nodes and Promotion Project under grant: 551; the Henan Provincial Key Scientific cannot provide comprehensive services for IoT devices [12]. Research Project for College and University under grant: 21A510011. Therefore, blockchain can bring in a decentralized edge cloud Yuanni Liu is with the School of Cyber Security and Information Law, Chongqing University of Posts and Telecommunications, Chongqing 400065, solution, in which applications perform operations without a China (E-mail: [email protected]). trusted intermediary [13]. Additionally, combined with smart Man Xiao is with the School of Communication and Information Engi- contracts, blockchain can enable a trustless environment and neering, Chongqing university of Posts and Telecommunications, Chongqing 400065, China (E-mail: [email protected]). provide a system with validity, traceability, faulty tolerance, Shanzhi Chen is with the State Key Laboratory of Wireless Mobile and the automatic execution of policy. The integration of Communications, China Academy of Telecommunication Technology, Beijing blockchain also enables behavior identification of IoT devices, 100191, China (E-mail: [email protected]). Fan Bai is with the Beijing Institute of Spacecraft System Engineering, and fault tolerance through consensus mechanisms such as BeiJing 100094, China (E-mail: baifan [email protected]). practical byzantine fault tolerant [14], even when some edge Jianli Pan is with the Department of Computer Science, University of servers are compromised. Despite the proposed Edge-Chain Missouri, St. Louis, MO, 63121, USA (E-mail: [email protected]). Di Zhang is with the School of Information Engineering, Zhengzhou implemented in the IoT area, to the best of our knowledge, University, Zhengzhou 450001, China (E-mail: [email protected]). very few effort has combined the blockchain and smart con- Copyright (c) 20xx IEEE. Personal use of this material is permitted. However, permission to use this material for any other purposes must be obtained from the IEEE by sending a request to [email protected].

2327-4662 (c) 2021 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information. Authorized licensed use limited to: University of Missouri-St Louis. Downloaded on March 17,2021 at 23:04:51 UTC from IEEE Xplore. Restrictions apply. This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/JIOT.2021.3061467, IEEE Internet of Things Journal JOURNAL OF LATEX CLASS FILES, VOL. 14, NO. 8, AUGUST 2015 2

tracts based on the edge IoV systems. Therefore, we try to activities are recorded as transactions in the blockchain leverage our Edge-Chain concept in the IoV access control for secure data auditing. An intelligent management and area. The goal is to construct an intelligent and blockchain- control module is built to provide the edge nodes with embedded Edge-Chain enabled system to tackle the key chal- intelligence to generate access control policies based lenges collectively by facilitating the secure access control for on the behavior data of vehicle nodes stored in the IoV devices. blockchain. The access rules and policies enforcement However, traditional access control mechanisms, such as are programmed as smart contracts and integrated into Role-Based Access Control (RBAC) [15] and Attribute-Based the proposed framework to regulate and audit the access Access Control (ABAC) [16], are usually static, which makes behaviors of vehicle nodes. it difficult to adapt to frequent changes of IoV devices. For • In the intelligent management and control module, we example, RBAC restricts network access based on the roles of propose a RPBAC model to predict the risk level based IoV devices. Once an IoV device has obtained the accessible on historical behaviors, and to assign IoV devices with permissions, the device will maintain the permissions for a different access authorities based on their predicted level. certain period. It is thus hard for the current IoV access control Aiming at the constraint of training set number on the ac- mechanism to make a timely response while encountering curacy of machine learning models, we select the GANs some attacks. To this end, machine learning algorithms have to convert the problem of risk prediction to a sequence been introduced to dynamic access control mechanisms in generation problem. The generator of GANs can generate the IoV systems. By analyzing the historical behavior of new sequences by fitting the probability distribution of IoV devices, a risk prediction model was constructed [17]. real data sets, which can be used to improve the accuracy However, machine learning-based accurate risk prediction of prediction of generator. requires a lot of data for training, which is tricky to be • In order to overcome the problems of gradient dis- adopted directly. In order to solve this problem, the Generative appearance and mode collapse in the original GANs, Adversarial Networks (GANs) are widely developed, such we introduce a Wasserstein Combined GANs. By using as image generation, video generation and so on. GANs multiple generators, the improved GANs can cover the utilize generator and discriminator to play a zero-sum game probability distribution of different modes. to achieve Nash equilibrium, and finally produce suitable The rest of this paper is organized as follows. Section II training samples [18]. Consequently, GANs can guarantee a discusses the related work. Section III describes the Edge- satisfactory accuracy even with less training sets by using the Chain enabled access control framework, and Section IV in- generated samples to fine-tune and optimize. However, the troduces the RPBAC model. Section V describes the problems mode collapse and gradient disappearance are some challenges existed in the original GANs, formulates the WCGAN method of the original GANs. In the early training stage, poor learning and explains the related algorithm. Section VI presents and ability of generator results in nasty collapses and produces analyzes the experimental results of the proposed method and limited varieties of samples. Consequently, the discriminator the proposed model. The paper is finally concluded in Section is easy to distinguish generated samples. There will be no VII. effective gradient information of discriminator fed back to the generator, leading to low accuracy of prediction of generator and slow convergence speed of GANs. II.RELATED WORKS In order to cope with these problems, we introduce an Edge- The current access control mechanisms are based on the Chain enabled system to facilitate the secure access control of centralized architecture and distributed architecture. In a cen- IoV devices in this study. Furthermore, to accommodate the tralized architecture, all logics of decision are transferred to frequent network status changes of IoV devices, we propose a a single central module. For example, Ulybyshev et al. [21] dynamic access control model, named Risk Prediction-Based have proposed a secure data exchange method for vehicle Access Control (RPBAC). We also introduce GANs to get rid to everything system, in which records contained sensitive of the constraint of training set number. Additionally, aiming information and access control policies are stored in cloud at the problems of gradient disappearance and mode collapse in an encrypted form. The resource owner acquires the ac- in the original GANs, we design a Wasserstein Combined cess authority of requesting node through structured query GANs (WCGAN) method, which is inspired by Wasserstein language. Kim et al. [22] have leveraged a RBAC model, Generative Adversarial Networks (WGAN) method in [19] and and established a self-registration vehicle management system. Two Discriminators used in Progressive Growing of GANs Once a vehicle has registered the management items to the (D2PGGAN) method in [20]. The main contributions of this management system, the system can automatically create and paper are summarized as follows: management the policies of this accessing item. However, like • We introduce an intelligent Edge-Chain system, to enable most centralized architectures, these solutions have a single a flexible and secure access control framework for IoV point of failure [23]. In a distributed architecture, decision devices. In our framework, the blockchain network con- logics are built by resource-owners themselves. For example, sists of vehicle nodes and RoadSide Units (RSUs), where Rumez et al. [24] have presented an adapted ABAC model for vehicle nodes act as lightweight nodes. On the contrary, automotive architectures. The model uses different functional RSUs act as full nodes, which also serve as edge nodes, modules to preserve multiple communication channels and providing access control service for vehicle nodes. IoV prevent unauthorized access. Hussein et al. [25] have devised

a community-based access control structure for IoT devices, validate that the prediction model based on neural network in which the devices with resources constraints can evaluate is better to process the behavior data of vehicles than other access authorities of external entities without a central autho- models. Zheng et al. [36] have leveraged hidden markov model rization system. to predict steering angle status and quantity road traffic risk. In order to accommodate the high mobility of vehicles, The risk is directly presented in the form of time-varying novel technologies have been proposed for the IoV network. risk form with improved prediction accuracy, enhancing traffic Such as EC, which aims at reducing latency by offloading safety. However, it needs a great amount of training sets to services to the edge of network [26]. Liu et al. [27] have ensure the accuracy of risk prediction. In order to solve this exploited decentralized mobile edge and multitier edge clus- problem, GANs is proposed since it has good performance in tering to meet the requirements of high throughput and low learning the probability distributions of data sets. For example, latency, by conducting distributed data caching and computing Mohammadi et al. [37] have used GANs to plan the accurate at edge vehicles. Wu et al. [28] have proposed a collaborative and reliable paths for navigation applications by learning the learning-based routing scheme for multi-access vehicular edge trajectories based on crowd-sourced data. Sun et al. [38] have computing environment. This scheme can find routes with low leveraged the GANs to repair the parking data, which can communication overhead by utilizing a reinforcement learning improve the effectiveness of parking guidance system. How- algorithm on the basis of end-edge-cloud collaboration. By ever, due to the problems of gradient disappearance and mode integrating proactive and preemptive actions, this scheme collapse in the original GANs, it is not suitable to process achieves better packets forwarding speed. Similarly, Feng vehicle behavior data directly [39]. Therefore, Arjovsky et al. et al. [29] have designed an autonomous edge/cloud hybrid [19] have addressed the problem of gradient disappearance framework to improve the computation capability by utilizing by replacing the Jensen Shannon (JS) divergence with the the available computing resources among nearby vehicles, Wasserstein-1 distance, named WGAN. WGAN has made RSUs and cloud through multiple access networks. Qiao et al. progress in training GANs stably, but sometimes still fails to [30] have leveraged the flexible trilateral cooperation among converge since the limited learning ability of one generator. To macro-cell stations, RSUs and smart vehicles, and proposed this end, Zhang et al. [20] have designed a new structure of a cooperative edge caching scheme for the IoV. The RSUs GANs that consists of one generator and two discriminators. serve as edge nodes to decide which content should be The structure alleviates the problem of mode collapse through cached, and minimize the access cost of content. However, the cooperation of two discriminators. Although the generator neighboring vehicles perhaps reluctant to cache information can better fit the distribution of real data sets under the guid- of other dishonest devices. ance of the discriminator, the generation ability of generator Recently, blockchain has attracted much attention [11]. has not been investigated. Zhou et al. [31] have presented an energy trading model for demand response to improve the security of Internet of Elec- III.THE EDGE-CHAINENABLEDACCESSCONTROL tric Vehicles (IoEV), by integrating computing intelligence, FRAMEWORK blockchain, and smart contracts. Among them, blockchain is In this section, we will discuss the overall Edge-Chain used to guarantee the security of energy trading by encrypting enabled access control framework, core components and the and digitally signing. Smart contracts customize contracts process of vehicle access control. according to the distinct characteristics of each EV type, maximizing social welfare. Computing intelligence derives the A. The Overview of The Proposed Framework probability distribution of EV types through offline training The overall system framework is shown in Fig. 1. In the and online estimation. Ouaddah et al. [32] have designed proposed framework, Edge-Chain is deployed on the RSU. The an IoV access control framework founded on blockchain, vehicle nodes act as lightweight nodes due to the constraints named FairAccess. The framework treats a bitcoin system of storage and computing resources, whereas, the RSUs, as an authorizer, and completes authorization by allocating deployed along roadside, serve as full nodes, which also con- tokens signed on behalf of resource-owner. In [33], Liao et al. sidered as edge servers. Consequently, each edge server stores have developed a task offloading framework. This framework a copy of the entire Edge-Chain, listening to messages and exploits blockchain and smart contracts to mitigate various performing corresponding tasks. Along the message path, core attacks and facilitate task offloading more fairness based on components of the proposed framework include the blockchain the possibility of success task offloading. In [34], Zyskind et integrated with smart contracts and the intelligent management al. have presented a personal data management system with and control module. In our implement, blockchain needs to blockchain, considering the access control moderator and off store behavior data of vehicle nodes. The data, acting as the blockchain storage solution. Designed as unique owners of input of the intelligent management and control module, is their personal data, clients are aware of data collected about to generate access control policies. The policies are written them by service providers and how they are used. However, it into smart contracts, supporting the automatic execution of is only based on the simple permit/deny access policy through access control for vehicle nodes. When a transmission activ- white/black listing. ity occurs, such as information sharing among vehicles, the The risk prediction model can provide a reference for the deployed smart contracts will be triggered to regulate and evaluation of access authorities by predicting the risk level audit the access behavior of vehicles, improving the security of nodes. Najada et al. [35] have utilized traffic data sets to of information resources in the IoV.

Fig. 1: The Edge-Chain enabled access control framework.

B. Core Components in The Proposed Framework 2) The intelligent management and control module: The intelligent management and control module is responsible for 1) The blockchain integrated with smart contracts: In intelligent decision-making. By introducing the GANs, the the proposed framework, smart contracts are combined with intelligent management and control module builds a RPBAC blockchain to perform two functions. First, the blockchain is model. The RPBAC model obtains behavior data of the responsible for secure storing. That is, each block records a list requesting vehicle from blockchain, and a numerical matrix of transactions over a given period, and every transaction has a can be obtained from the historical behaviors by data pre- hash associated with it. In a block, all of the transaction hashes processing. The numerical matrix acts as the input of the are hashed, and the result is the Merkle root, which is utilized GANs to predict the risk level of the requesting vehicle. The to prevent tampering, improving the security of storage in the predicted risk level, combined with the security requirements blockchain. Second, the smart contracts are used to support of the resource-owner vehicle, will be used to evaluate the the automatic execution of access control policies. The smart access authorities of the requesting vehicle, and generate contracts are self-executing contracts. In other words, once corresponding access control policy. the smart contracts become effect, the contracts will execute a predefined task if the trigger conditions are met. In the proposed framework, the request of information resources among C. The Process of Vehicle Access Control vehicles is defined as the trigger of the smart contracts. The policy generated by the intelligent management and control In the Edge-Chain IoV system, nearby RSU generates module, is programmed into smart contract. The smart contract access policy of requesting vehicle through the intelligent man- is transmitted to other full nodes for verification. We utilize the agement and control module. Then, the policy is programmed practical byzantine fault tolerant as the consensus protocol in into smart contract to regulate the access behavior of the line with our previous work [10]. After reaching a consensus, requesting node. Detailed descriptions of the access control the contract will be written into the blockchain, and become an process are as follows: effective contract. The programmed contract will regulate and • The nearby RSU predicts the risk level of the request- audit the access behavior of the requesting vehicle, avoiding ing vehicle, and generates corresponding access policy the abuse of resources. For example, when a vehicle node through the intelligent management and control module. makes a malicious access behavior inconsistent with the policy, • The RSU programs the policy into smart contract. the smart contract will stop the current information sharing of • All full nodes reach to a consensus by mining. The smart the node account, prevent the malicious behavior of the node. contract is recorded as transaction in blockchain. Moreover, the behavior data will be recorded in the blockchain • The requesting vehicle accesses resources under the reg- as the basis for evaluating the high risk of the node next time. ulating and auditing of the smart contract.

B. The Risk Prediction Module The major function of the risk prediction module is to predict the risk level of vehicles based on the input. Considering the constraint of training set number, this module leverages a GANs, and the problem of risk prediction can be converted to a sequence generation problem. The GANs can use not only the real data sets for training, but also the data sets generated by the generator to ﬁne-tune the parameters of model. The prediction accuracy of GAN’s generator is thus improved. As shown in Fig. 3, the GANs consist of a generator and discriminator, in which the long short-term memory acts as the generator, and the convolutional neural network acts as the discriminator. B = {B1,B2, ..., Bt−1} represents the historical behavior, in which the subsequence at time t − 1 is represented as Bt−1 = {bt−1,1, bt−1,2, bt−1,3}. By inputting B, the generator can generate a new sequence Bt = {bt,1, bt,2, bt,3, riskt}, in which riskt represents the predicted risk level of the sequence. The discriminator distinguishes whether Bt is a real data set or a generated data set. If the result is true, it means that Bt is Fig. 2: The risk prediction-based access control model. from a training data set, or else, the input is from the generator. The training process of GANs can be equivalent to a “minimax game” between the generator and discriminator. The IV. THEPROPOSEDACCESSCONTROLMODEL generator “cheats” the discriminator by generating new data, and the discriminator “beats” the generator by discriminating In this section, we will describe the RPBAC model. As whether the data is generated or real. The objective function shown in Fig. 2, the model consists of data preprocessing, risk of GANs is calculated by (1). prediction and access authorities decision-making modules.

min max V (D,G) = Eb∼pdata(b)[log D(b)] G D (1) +E [log(1 − D(G(z)))], A. The Data Preprocessing Module z∼pz (z) where b is a real data set conforming to the distribution By filtering, feature extracting and encoding, the data pre- P (b), and z is a noisy data set conforming to the dis- processing module is designed to transform the input data sets data tribution P (z). D(G(z)) represents the probability that the into a numerical sequence or matrix that the risk prediction z generated data set G(z) is discriminated as real by the dis- module can process. Specifically, in this paper, the input data criminator. Similarly, D(b) represents the probability that b is sets come from car-hacking data sets for intrusion detection discriminated as real. Therefore, maximizing the expectation [40], which includes denial of service attack, spoofing attack, of log D(b)+log(1−D(G(z))) is the purpose of discriminator, fuzzy attack and attack-free. We first filter the invalid or cor- while minimizing the expectation of log(1 − D(G(z))) is the rupt values in the data sets. Then, referring to [40], Identifiers purpose of generator. (IDs) in the data sets show representative patterns of different records. Therefore, we extract the IDs from the data sets by matching keywords. The ID of each record is hexadecimal. C. The Access Authorities Decision-Making Module Consequently, IDs are transformed into a two-dimensional The main function of access authorities decision-making feature matrix through one-hot-vector. module is to determine the authorities of vehicles, on the

Fig. 3: The structure of Generative Adversarial Networks.

basis of the predicted risk level of requesting vehicle and the security requirement of resource-owner vehicle. In this paper, we customize the security requirement with a threshold, n. The access authority is obtained by comparing n and predicted risk level. For example, if the risk level is lower than n, the requesting vehicle can access the system resource, m.

V. THEPROPOSEDMETHOD WCGAN In this section, we will elaborate the problems existed in Fig. 5: The combined GANs. the original GANs, and also introduce the proposed method WCGAN. Q is E(x,y)∼γ [||x − y||]. Under (Pr,Pg), the lower bound A. Problem Statement of E(x,y)∼γ [||x − y||] is the Wasserstein distance, which is understood as the minimum cost. 1) Gradient disappearance: The objective function of orig- As shown in Fig. 4, P is a uniform distribution of (0,Z), inal GANs can be regarded as minimizing the JS divergence r where Z ∼ U(0, 1), and P is a uniform distribution of (θ, Z), between the probability distribution P of real data sets and g r where θ is the horizontal distance between P and P . In this the probability distribution P of generated data sets, which r g g way, the JS divergence and the Wasserstein distance between is represented as (2). Pr and Pg are formulated in (4) respectively. Z P (x) r  ( P (x) KL(Pr||Pg) = Pr(x) log( )dx, (2) g  log( 1 P (x)+0 ) = log 2, ifθ 6= 0 Pg(x)  JS(Pr||Pg) = 2 g 0, ifθ = 0 . where Pr and Pg are continuous probability distributions. As   W (Pr||Pg) = |θ| shown in Eq. 2, if the two probability distributions do not (4) intersect, the JS divergence between them approaches to a If θ is equal to 0, the JS is equal to 0, otherwise, the JS is constant. The better the discriminator is trained, the gradient a constant. Therefore, when the gradient descent algorithm is of generator disappears more serious. used to optimize θ, the JS divergence cannot provide gradient 2) Mode collapse: Due to the restricted ability of learning, information. Nevertheless, the Wasserstein distance varies with the sole generator of GANs can only learn portion distribu- θ, which can provide an effective gradient for training. tions of data sets, which causes deficiencies of some modes, Therefore, this paper brings the Wasserstein distance into reducing the diversity of GANs. the objective function of GANs. The discriminator of GANs is a binary classifier. The last layer of discriminator is a sigmoid B. Methodology function to output a confidence level between 0 and 1, which 1) The objective function on the basis of Wasserstein dis- is applied to judge whether the input is real or generated. tance: To overcome the problem of gradient disappearance, In order to introduce the Wasserstein distance, the WCGAN the WCGAN supersedes the JS divergence with the Wasser- removes the sigmoid function. Therefore, the resistance loss LAd of the discriminator and the resistance loss LAd of the stein distance to measure the cost of converting Pg to Pr. d g The cost calculated in (3) represents the similarity of two generator can be expressed as (5) and (6). distributions, the lower the cost is, the more similar the two Ad Ld = D(˜s0:t) − D(s0:t), (5) are. Ad Ad Lg = −Ld = D(s0:t) − D(˜s0:t). (6) W (P ,P ) = inf E [||x − y||], (3) r g Q (x,y)∼γ γ∼ (Pr ,Pg ) In (5) and (6), s˜0:t represents a generated data set, and Q s0:t represents a real data set. The goal of discriminator is where (Pr,Pg) represents all possible joint distributions to minimize D(s0:t) − D(˜s0:t), on the contrary, the generator of Pr and Pg. By sampling (x, y) ∼ γ from each joint distribution γ, a real data set y and a generated data set aims to minimize D(˜s0:t) − D(s0:t). x can be obtained. The distance between two sets is cal- 2) The combined GANs: To overcome the problem of mode culated by ||x − y||. Therefore, the expectation of ||x − y|| collapse, the WCGAN leverages mutiple generators to learn various probability distributions, which are not learned by a single generator, improving the ability of fitting real data sets and reducing the possibility of mode collapse. Fig. 5 shows a GANs composed of two generators and one discriminator, where the generators share the same input (the basis for collaboration). Given a set of m generators, the discriminator produces a probability distribution of soft-max over m + 1 classes. The probability that the input belongs to a real data is denoted by Fig. 4: Distribution Pr and Pg. Dm+1(.). We optimize the cross entropy between the output

of soft-max and the Dirac delta distribution δ ∈ {0, 1}m+1. 3) The WCGAN procedure: In order to overcome the Consequently, if the data set belongs to generator i, δ(i) = 1, problems of gradient disappearance and mode collapse in otherwise δ(m + 1) = 1, where i ∈ {1, ..., m}. In order the original GANs, we design a WCGAN training algorithm. to identify which generator produces a given fake set, the Supposing there are m generators for cooperation training in discriminator must learn how to push different generators the WCGAN. Algorithm 1 speciﬁes the proposed WCGAN towards different recognizable patterns. However, the goal of training algorithm. In Algorithm 1, we aim to obtain the 1 2 i m each generator is still the same as in the traditional GANs. parameters of m generators, Gθg = {θg, θg, ··· , θg, ··· , θg }. Therefore, compared with (1), the objective function of the The generators and discriminator are trained alternately. Ad- combined GANs is calculated as (7). ditionally, generators are trained only after the discriminator has been trained ndisc times, to play the supervisory role of min max Ex∼pdata Dm+1(x; θd) the discriminator. G D (7) +E (1 − D (G (z; θi ); θ ), x∼pz m+1 i g d Algorithm 1 The training algorithm of the WCGAN.

i Input: learning rate λ = 0.0002, parameter θd and Gθ , the where θd is the parameter of discriminator, θg is the parameter g i number of generators m = 2, the number of iterations of generator i, and Gi(z; θg) represents the generate function of generator i. ndisc = 5, historical behavior data sets of vehicles, Compared with (5), when x ∼ p (where p can be a real random distribution z ∼ p(z). Output: the m generators G . data set or a generated dat set) and the corresponding δ are θg 1: Initialization θ and G given, aiming at the output of generator i, the loss function d θg i 2: while Gθg has not converged do `D of discriminator is calculated in (8). 3: Sample real behavior data sets of nodes B = {B0,B1, ··· ,Bt−1} from blockchain, and i i `D = Dm+1(Gi(z; θg); θd) − Dm+1(x; θd). (8) set random distribution z ∼ p(z) 4: for t = 1 to ndisc do In (8), the discriminator aims to maximize the probability 5: for i = 1 to m do that the real data set x is discriminated as a real data set, and i i 6: Bt ← Gt(B, z) minimize the probability that the generated data set G (z; θi ) i i i g 7: Calculate `D ← Dm+1(Gi(z; θg); θd) − Dm+1(x; θd) is discriminated as a real data set. Then, aiming at the output 8: end for m of all generators, the loss function LD of the discriminator is 1 P i 9: Update the parameters θd ← θd + λ∇θd m i=0 `D calculated as (9). of the discriminator 10: end for L = 1 Pm ì D m i=1 D 11: for i = 1 to m do 12: Bi ← Gi(B, z) = 1 Pm (D (G (z; θi ); θ ) − D (x; θ )). t t m i=1 m+1 i g d m+1 d 13: Calculate ì ← D (x; θ )−D (G (z; θi ); θ ) (9) G m+1 d m+1 i g d 14: end for The gradient descent algorithm is used to find θd that i i i 15: Update the parameters θ ← θ +λ∇ i ` of generator g g θg G minimizes the value of LD, as calculated in (10). i 1 Pm i 16: end while ∇θd LD = ∇θd [ m i=1 `D] 17: Return to the m generators Gθg 1 Pm i = ∇θd [ m i=1(Dm+1(Gi(z; θg); θd))] (10)

1 Pm VI. NUMERICAL RESULTS −∇θd [ m i=1 Dm+1(x; θd)]. In this section, we will present experimental results to Combined with (5), (6) and (8), the goal of the generator i is illustrate the effectiveness of the WCGAN method and RPBAC the opposite of the discriminator. Therefore, the loss function model. In our experiments, the WGAN, D2PGGAN and of the generator i is calculated in (11). WCGAN methods are compared in respect of Wasserstein distance, mean absolute and relative error, and prediction i i `G = Dm+1(x; θd) − Dm+1(Gi(z; θg); θd). (11) accuracy. Furthermore, we will also discuss the utility of RPBAC model in respect of accuracy and response time of i The gradient descent algorithm is also used to find θg that access control. i minimizes the value of `G, which is calculated in (12). A. Experimental Environment i i ∇ i ` = ∇ i [−D (G (z; θ ); θ )]. (12) θg G θg m+1 i g d The risk prediction model is built on Tensorflow 1.12.0 and coded through Python. The data sets for this experiment are In this case, all generators can be updated in a parallel way. from car-hacking data sets for intrusion detection [40]. This The generators form a hybrid mode caused by the objective data sets were collected from real vehicles while performing 1 Pm function. When pd = m i=1 pgi , each generator represents denial of service attack, spoofing attack, fuzzy attack and a hybrid component to achieve global optimality. attack-free. The learning rate is 0.0002.

Fig. 6: Comparison of the Wasserstein distance. Fig. 8: Comparison of the mean relative error.

Fig. 7: Comparison of the mean absolute error. Fig. 9: Comparison of the prediction accuracy.

B. The Performance of The WCGAN Method because the three models leverage Wasserstein distance to calculate the loss function, alleviating the problem of gradient To exhibit the feasibility and effectiveness of WCGAN disappearance in the original GANs. Additionally, the WC- method, we convert different malicious behavior data into GAN utilizes two generators, improving the learning ability different risk levels, which is represented as a binary form of model. with four digits. After preprocessing, we extract 10000 records Fig. 7 shows the mean absolute error of prediction changes from the data sets for training, which includes 5000 attack and with different number of testing sets among the three methods. 5000 attack-free records. We compare the Wasserstein distance As shown in Fig. 7, the WCGAN has the least mean absolute of WGAN, D2PGGAN and WCGAN methods under the error giving the same testing set number. Similarly, Fig. 8 extracted training sets. Then we extract 500, 1000, 1500, 2000, shows the mean relative error of prediction changes with 2500, 3000, 3500, 4000, 4500, 5000 records from the data sets different number of testing sets. In Fig. 8, the mean relative for testing, respectively. Each testing set contains half of attack error of WCGAN is about 0.01, which is much smaller than records and half of attack-free records. We compare the mean the values of WGAN and D2PGGAN. The results indicate that absolute and relative error, and the prediction accuracy among the prediction error of WCGAN is extremely small or even the three methods under the extracted testing sets. negligible. This is due to the fact that the WCGAN leverages Fig. 6 is the variation of Wasserstein distance with dif- two generators to cover different probability distributions of ferent iterations. As shown in Fig. 6, after 15 iterations of data sets, reducing the problem of mode collapse. training, the Wasserstein distance of WGAN is about 0.0108, The variation of prediction accuracy in different number the D2PGGAN is about 0.0023, and the proposed WCGAN of testing sets is displayed in Fig. 9. As shown here, the approaches 0. The results indicate that WCGAN has completed prediction accuracy of WCGAN is about 0.99, the WGAN is the probability distribution learning of training sets, and the about 0.85, and the D2PGGAN is about 0.89. Compared with data sets generated by WCGAN are more similar to the real the other two models, the WCGAN has maintained a high data sets than the WGAN and D2PGGAN. This is probably prediction accuracy by utilizing two well-trained generators

Fig. 10 is the comparison of the accuracy of access control in different number of requests among the three models. As shown in this figure, the RPBAC model has the highest accuracy of access control giving the same request number. The RPBAC model dynamically decides the authorities of vehicles by evaluating the real-time risk level of vehicles, improving the feasibility of access control. Moreover, as the growing amounts and types of requests, the advantages of RPBAC model in access authorization become more obvious, better protecting the security of information resources than traditional access control mechanisms. Fig. 11 shows the comparison of average response time in different number of requests among the three models. With the increasing number of access requests, the average response time of each model fluctuates partially. However, the overall Fig. 10: Comparison of the access control accuracy. trend is stable. The response time of the proposed model is longer than the ABAC and RBAC models slightly, because it spends some time in evaluating the risk level of nodes. For the RBAC model, once the role of a node is verified, the access authorities of this node will be fixed. The ABAC model needs some time to calculate whether a set of attributes meets a certain condition for the authorization judgment. In contrast, in each access request, the RPBAC model needs to calculate the risk level of a node, and adjusts the access authorities dynamically. However, only a tiny time increment is caused via this method, which is acceptable in the IoV.

VII.CONCLUSION In this paper, we leverage the intelligent Edge-Chain to enable the access control for IoV devices, and propose a RPBAC model, to regulate the behaviors of vehicles. In addition, we introduce the GANs to build a risk-prediction module. We afterward analyze the problems of gradient disappearance and Fig. 11: Comparison of the average response time. mode collapse in the original GANs, and devise a WCGAN method. Compared with the existing WGAN and D2PGGAN methods, experimental results demonstrate that the WCGAN for prediction. method matches closer to the real data in respect of probability distribution, and has higher accuracy. The results further show C. The Performance of The RPBAC model that the RPBAC model displays higher accuracy of access control than the RBAC and ABAC models. The experimental data sets consist of different access requests. Each request contains four properties: the subject (the ACKNOWLEDGMENT vehicle that initiated the access request), the object (the vehicle This project is supported by Open Fund of the Ministry of being requested), the form and occurrence time of access. The Education Key Laboratory of Networks Security and Intelli- requesting vehicles in each request are randomly selected, and gent Technology (Beijing University of Posts and Telecommu- generate 10 rounds of requests, R ,R , ··· ,R . The requests 1 2 10 nications), the General Program of Natural Science Foundation of each round are generated by 50 vehicles. Each vehicle of Chongqing (cstc2020jcyj-msxmX1021), the Science and launches i requests, and i ∈ {1, 2, ..., 10}. The occurrence time Technology Research Program of Chongqing Municipal Edu- of each request is random. The requests alternately consist of cation Commission (KJZD-K202000602), the Henan Provin- malicious and normal requests. The normal requests mean that cial Key Research, Development and Promotion Project (551), the vehicle has no malicious behavior. The malicious requests and the Henan Provincial Key Scientiﬁc Research Project for mean that the vehicle has malicious behavior. The RBAC College and University (21A510011). model in [15], the ABAC model in [16] and the proposed RPBAC model are used to conduct the access authorities of REFERENCES 10 group access requests respectively. The three models are compared in terms of the accuracy of access control and [1] C. Shanzhi, H. Jinling, S. Yan, P. Ying, F. Jiayi, and Z. R. et al., “Vehicle- to-everything (v2x) services supported by lte-based systems and 5g,” average response time to validate the utility of the RPBAC IEEE Communications Standards Magazine, vol. 1, no. 2, pp. 70–76, model. Jul. 2017.

[2] H. Jinling, C. Shanzhi, Z. Li, L. Yuanyuan, F. Jiayi, and L. B. et al., [24] R. Marcel, D. Alexander, G. Patrick, K. Reiner, and S. Eric, “Integration “Link level performance comparison between lte v2x and dsrc,” Journal of attribute-based access control into automotive architectures,” in IEEE of Communications and Information Networks, vol. 2, no. 2, pp. 101– Intelligent Vehicles Symposium (IV). IEEE, Jun. 2019, pp. 1916–1922. 112, Jun. 2017. [25] H. Dina, B. Emmanuel, and F. Vincent, “A community-driven access [3] C. Shanzhi, H. Jinling, S. Yan, and Z. Li, “Lte-v: A td-lte-based v2x control approach in distributed iot environments,” IEEE Communications solution for future vehicular network,” IEEE Internet of Things journal, Magazine, vol. 55, no. 3, pp. 146–153, Mar. 2017. vol. 3, no. 6, pp. 997–1005, Sept. 2016. [26] C. Xianfu, Z. Honggang, W. Celimuge, M. Shiwen, J. Yusheng, and [4] C. Xiang, Z. Rongqing, C. Shanzhi, L. Jia, Y. Liuqing, and Z. Hongwei, B. Mehdi, “Performance optimization in mobile-edge computing via “5g enabled vehicular communications and networking,” China Commu- deep reinforcement learning,” in IEEE 88th Vehicular Technology Con- nications, vol. 15, no. 7, pp. iii–vi, Jul. 2018. ference (VTC-Fall). IEEE, Apr. 2018, pp. 1–6. [5] B. Yu and F. Bai, “Pyramid: Probabilistic content reconciliation and [27] W. Celimuge, L. Zhi, Z. Di, Y. Tsutomu, and J. Yusheng, “Spatial prioritization for v2v communications,” IEEE Transactions on Vehicular intelligence toward trustworthy vehicular iot,” IEEE Communications Technology, vol. 67, no. 7, pp. 6615–6626, Jul. 2018. Magazine, vol. 56, no. 10, pp. 22–27, Oct. 2018. [6] W. Jingjing, J. Chunxiao, H. Zhu, R. Yong, and H. Lajos, “Internet [28] W. Celimuge, L. Zhi, L. Fuqiang, Y. Tsutomu, J. Yusheng, and L. Jie, of vehicles: Sensing-aided transportation information collection and “Collaborative learning of communication routes in edge-enabled multi- diffusion,” IEEE Transactions on Vehicular Technology, vol. 67, no. 5, access vehicular environment,” IEEE Transactions on Cognitive Com- pp. 3813–3825, May 2018. munications and Networking, Jun. 2020. [7] J. Voelcker, “We now have one billion vehicles on [29] F. Jingyun, L. Zhi, W. Celimuge, and J. Yusheng, “Mobile edge the planet,” http://www.greencarreports.com/news/1065070 computing for the internet of vehicles: Offloading framework and job its-official-wenowhave-one-billion-vehicles-on-the-planet/, accessed scheduling,” IEEE vehicular technology magazine, vol. 14, no. 1, pp. Sep. 16, 2016. 28–36, Mar. 2018. [8] L. Zhao, X. Li, B. Gu, Z. Zhou, S. Mumtaz, and V. F. et al., “Vehicular [30] Q. Guanhua, L. Supeng, M. Sabita, Z. Yan, and A. Nirwan, “Deep communications: Standardization and open issues,” IEEE Communica- reinforcement learning for cooperative content caching in vehicular edge tions Standards Magazine, vol. 2, no. 4, pp. 74–80, Dec. 2018. computing and networks,” IEEE Internet of Things Journal, vol. 7, no. 1, [9] S. Guleng, C. Wu, Z. Liu, and X. Chen, “Edge-based v2x communica- pp. 247–257, Oct. 2019. tions with big data intelligence,” IEEE Access, vol. 8, pp. 8603–8613, [31] Z. Zhenyu, W. Bingchen, G. Yufei, and Z. Yan, “Blockchain and com- Jan. 2020. putational intelligence inspired incentive-compatible demand response [10] P. Jianli, W. Jianyu, H. Austin, A. Ismail, L. Yuanni, and Z. Ying, in internet of electric vehicles,” IEEE Transactions on Emerging Topics “Edgechain: An edge-iot framework and prototype based on blockchain in Computational Intelligence, vol. 3, no. 3, pp. 205–216, May 2019. and smart contracts,” IEEE Internet of Things Journal, vol. 6, no. 3, pp. [32] S. Madhusudan and K. Shiho, “Crypto trust point (ctp) for secure 4719–4732, Jun. 2018. data sharing among intelligent vehicles,” in International Conference on Electronics, Information, and Communication (ICEIC) [11] C. Feng, K. Yu, A. K. Bashir, Y. D. AI-Otaibi, Y. Lu, and S. C. et al., . IEEE, Apr. “Efficient and secure data sharing for 5g flying drones: A blockchain- 2018, pp. 1–4. enabled approach,” IEEE Network (accept). [33] H. Liao, Y. Mu, Z. Zhou, M. Sun, Z. Wang, and C. Pan, “Blockchain and learning-based secure and intelligent task offloading for vehicular fog [12] Z. Zhenyu, L. Haijun, G. Bo, H. Kazi Mohammed Saidul, M. Shahid, computing,” IEEE Transactions on Intelligent Transportation Systems, and R. Jonathan, “Robust mobile crowd sensing: When deep learning pp. 1–13, Jul. 2020. meets edge computing,” IEEE Network, vol. 32, no. 4, pp. 54–60, Aug. [34] Z. Guy, N. Oz et al., “Decentralizing privacy: Using blockchain to 2018. protect personal data,” in 2015 IEEE Security and Privacy Workshops. [13] J. Tigang, F. Hua, and W. Honggang, “Blockchain-based internet of IEEE, Jul. 2015, pp. 180–184. vehicles: distributed network architecture and performance analysis,” [35] A. N. Hamzah, M. Imad, and M. Imran, “Highway cluster density and IEEE Internet of Things Journal, vol. 6, no. 3, pp. 4640–4649, Jun. average speed prediction in vehicular ad hoc networks (vanets),” in IEEE 2018. Symposium Series on Computational Intelligence (SSCI). IEEE, Jan. [14] N. S., “Bitcoin: a peer-to-peer electronic cash system,” https://bitcoin. 2018, pp. 96–103. org/bitcoin.pdf/, accessed 2009. [36] Z. Xunjia, Z. Di, G. Hongbo, Z. Zhiguo, H. Heye, and W. Jianqiang, [15] S. Nidhiben, H. Yongtao, Y. I-Ling, B. Farokh, and Z. Yuqun, “Resource “A novel framework for road traffic risk assessment with hmm-based and role hierarchy based access control for resourceful systems,” in prediction model,” Sensors, vol. 18, no. 12, p. 4313, Oct. 2018. IEEE 42nd Annual Computer Software and Applications Conference [37] M. Mehdi, A.-F. Ala, and O. Jun-Seok, “Path planning in support of (COMPSAC), vol. 2. IEEE, Jun. 2018, pp. 480–486. smart mobility applications using generative adversarial networks,” in [16] G. Maanak, P. Farhan, and S. Ravi, “An attribute-based access control IEEE International Conference on Internet of Things (iThings) and model for secure big data processing in hadoop ecosystem,” in Proceed- IEEE Green Computing and Communications (GreenCom) and IEEE ings of the Third ACM Workshop on Attribute-Based Access Control, Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data Mar. 2018, pp. 13–24. (SmartData). IEEE, Jun. 2018, pp. 878–885. [17] L. Yuanni, X. Man, Z. Yanyan, Z. Di, Z. Jianhui, and G. H. et al., “An [38] S. Yuqiang, P. Lei, L. Huiyun, and S. Min, “Exploration on spatiotem- access control mechanism based on risk prediction for the iov,” in IEEE poral data repairing of parking lots based on recurrent gans,” in 21st 91st Vehicular Technology Conference. IEEE, Jun. 2020, pp. 1–5. International Conference on Intelligent Transportation Systems (ITSC). [18] J. Qiuzi, L. Xin, S. Youqun, and K. Kenji, “Image generation method IEEE, Dec. 2018, pp. 467–472. based on improved condition gan,” in 6th International Conference on [39] A. Martin and B. Leon,´ “Towards principled methods for training Systems and Informatics (ICSAI). IEEE, Feb. 2019, pp. 1290–1294. generative adversarial networks,” arXiv preprint arXiv:1701.04862, Jan. [19] A. Martin, C. Soumith, and B. Leon,´ “Wasserstein gan,” arXiv preprint 2017. arXiv:1701.07875, 2017. [40] E. Seo, H. M. Song, and H. K. Kim, “Gids: Gan based intrusion [20] Z. Zhaoyu, L. Mengyan, and Y. Jun, “D2pggan: Two discriminators used detection system for in-vehicle network,” in 16th Annual Conference in progressive growing of gans,” in IEEE International Conference on on Privacy, Security and Trust (PST), 2018, pp. 1–6. Acoustics, Speech and Signal Processing (ICASSP). IEEE, Apr. 2019, pp. 3177–3181. [21] U. Denis, A. Aala Oqab, B. Bharat, S. Savvas, M. Ganapathy, and O. Lotfi Ben, “Secure data communication in autonomous v2x systems,” in IEEE International Congress on Internet of Things (ICIOT). IEEE, Sept. 2018, pp. 156–163. [22] K. Daewon, J. Hongil, J. Boheung, and N. Jung-Chan, “An access control method for vehicle management system,” in International Conference on Information and Communication Technology Convergence (ICTC). IEEE, Nov. 2018, pp. 949–952. [23] Z. Di, L. Yuanwei, D. Linglong, B. Ali Kashif, N. Arumugam, and S. Byonghyo, “Performance analysis of fd-noma-based decentralized v2x systems,” IEEE Transactions on Communications, vol. 67, no. 7, pp. 5024–5036, Jul. 2019.

Yuanni Liu received the M.E. degree from Jianli Pan (Member, IEEE) is currently an As- Zhengzhou University, in 2008, and the Ph.D. degree sociate Professor in the Department of Computer from the Beijing University of Posts and Telecom- Science at the University of Missouri, St. Louis, munications, in 2011. She currently serves as an MO, USA. He obtained his Ph.D. degree from the Associate Professor with the School of Commu- Department of Computer Science and Engineering nication and Information Engineering, Chongqing of Washington University in St. Louis, MO, USA. University of Posts and Telecommunications. Her His current research interests include Internet of research interests include mobile crowd sensing, the Things (IoT), edge computing, machine learning, IoT security, IP routing technology, and complex and cybersecurity. He is an associate editor for both networks. IEEE Communication Magazine and IEEE Access.

Man Xiao received the B.S. degree from the Anhui Jianzhu University in 2018. She is currently pursuing the M.S. degree in Chongqing University of Posts and Telecommunications. Her research interests include mobile crowd sensing, IoT security, IP routing technology and complex networks.

Shanzhi Chen (Fellow, IEEE) received the bach- elors degree from Xidian University, Xian, China, in 1991, and the Ph.D. degree from the Beijing University of Posts and Telecommunications, Bei- jing, China, in 1997. He joined the Datang Telecom Technology and Industry Group, Beijing, and the Di Zhang (Sensior, IEEE) currently is an As- China Academy of Telecommunication Technology sistant Professor with the Zhengzhou University, (CATT), Beijing, in 1994, and has been serving as Zhengzhou, China. He is the editor of IEEE the EVP of Research and Development since 2008. ACCESS, KSII Transactions on Internet and In- He is currently the Director of the State Key Labo- formation Systems and IET Quantum Commu- ratory of Wireless Mobile Communications, CATT, nication. He has served as the guest editor of where he conducted research and standardization on 4G TD-LTE and 5G. He IEEEWIRELESS COMMUNICATIONS, IEEE NET- has contributed to the design, standardization, and development of 4G TD-LTE WORK, IEEE ACCESS, chair of IEEE WCNC and 5G mobile communication systems. His current research interests include 2020, IEEE/CIC ICCC 2020, etc. In 2019, he 5G mobile communications, network architectures, vehicular communication received the ITU Young Author Award and the networks, and Internet of Things. He has authored and coauthored 4 books, IEEE Outstanding Leadership Award. His research 17 book chapters, more than 100 journal papers, 50 conference papers, and interests include information theory, signal processing, Internet of things and over 50 patents in the above areas. Dr. Chen received multiple top awards e-health. and honors by China central government, especially the Grand Prize of the National Award for Scientic and Technological Progress, China, in 2016 (the Highest Prize in China). He served as a member and a TPC chair of many international conferences. He is the Area Editor of the IEEE INTERNET OF THINGS JOURNAL and an Editor of IEEE NETWORK.

Fan Bai received the Ph.D degree from Waseda Uni- versity, Tokyo, Japan, in 2016.His current position is engineer with Beijing institute of spacecraft system engineering. His main research interests include the deep space optical communications and satellite networking, etc.