Feature Cluster-Based Secure Data Transmission Method for Social Internet of Vehicles

Abstract

Due to the high mobility of vehicles and the high dynamics of SIoV network topology, the communication between users will be frequently interrupted, thus affecting the service quality of users. In addition, due to the open nature of the SIoV wireless channel, any user can broadcast messages in the system. However, unreliable users pose serious security threats to other users on the network. In order to solve these problems, we propose a feature cluster-based secure data transmission method (FC-SDTM) to ensure safe and stable data transmission between vehicles. This method creates feature clusters according to the feature similarity of users, which provides the stability of communication between users and improves users’ reliability in the cluster. Second, consortium blockchains store the transmission data sent by the sender in the cluster for the receiver to verify, further ensuring the security of intra-cluster communication. Finally, the random number key reduces the running time of the proposed method and solves the security problem caused by cluster topology updates. The experimental results demonstrate that this method can reduce the system running time and the message exposure rate, while also improving transmission accuracy.

1. Introduction

A social network (SN) is an online platform based on the mobile internet that enables users to establish social relationships with each other through content posting, information sharing, and other behaviors. The Internet of Vehicles (IoV) is a large-scale wireless communication network based on an on-board local area network, inter-vehicle network, and on-board mobile internet; it is realized by stipulated communication protocols and data interaction standards. The application of SN in the IoV has brought about a new network paradigm: social networking of vehicles (SIoV) [1,2]. The appearance of SIoV provides a new solution for ensuring road safety and improving traffic efficiency. For example, vehicles in SIoV share road safety information (such as traffic accidents, roadworks, etc.) with other entities on the road (vehicles, pedestrians, roadside units, etc.) through cellular vehicle-to-everything (C-V2X) or dedicated short-range communication (DSRC) protocols. This information helps other users on the road to make correct decisions, thus ensuring their travel safety [3,4,5]. However, in the process of data transmission, the unreliability of vehicles [6], high mobility of vehicles [7], and high dynamics of SIoV network topology [8] will affect the performance of the entire network, thus leading to the occurrence of dangerous conditions on the road. For example, unreliable vehicles may deliberately transmit false data into the network, inducing other vehicles on the road to make wrong decisions. In addition, the high mobility of vehicles and the high dynamics of SIoV network topology will lead to frequent interruption of communication between vehicles and the loss of communication packets. Therefore, in data transmission, the reliability of communication users and the stability of communication links are crucial to users [9,10,11,12].

In order to improve inter-vehicle communication stability, clustering technology is widely used in SIoV. The main idea of clustering technology is to divide vehicles in SIoV into different clusters and realize stable data transmission between vehicles through a cluster management mechanism [13,14,15,16]. Washio et al. [13] proposed a vehicle clustering algorithm based on geographic location and trajectory, improving information transmission efficiency. However, due to the frequent changes in vehicle location and trajectory, the stability of clustering results is poor. To solve this problem, Mukhtaruzzaman et al. [14] further improved the clustering results’ stability by considering other motion characteristics of vehicles. In addition, Chang et al. [15] proposed an intelligent clustering mechanism based on driving patterns. That is, vehicles are classified according to their driving mode, which further improves the stability of clustering results. When the vehicle density is high, the above methods are prone to broadcast storm problems. In order to address this issue, Ghimire et al. [16] proposed a novel clustering approach that uses behavioral parameters and current journey parameters to address this issue. Due to SIoV being an open system, any vehicle can freely join or exit the network. However, the above method lacks the evaluation of user credibility, so malicious vehicles in the cluster may deliberately spread false information, thus threatening the security of users.

In order to ensure the security of data transmission in SIoV, trust management mechanisms are widely adopted. The main purpose of the trust management mechanism is to select reliable communication vehicles by evaluating the trust relationship between vehicles, so as to ensure the safe transmission of data. When there is a strong social relationship between vehicles in SIoV (such as common interests, the number of encounters, etc.), they are more likely to establish a strong trust relationship. Thus, the authors of [17,18,19] increased the degree of trust between vehicles by incorporating the social relationships between vehicles into the selection process of communication users. However, if the vehicle forges this information to deceive the trust management system and gain communication rights, it will likely lead to the transmission of malicious data, which will threaten the security of the whole system. Blockchain, as a decentralized distributed ledger, can realize tamper-proof data and security through encryption and distributed storage. Therefore, the authors of [20,21] combined the trust management mechanism with blockchain to further improve the security of the trust management mechanism. Although the above method can improve the security of communication between vehicles, communication between vehicles is often only brief due to the high speed of vehicle movement, which may lead to frequent communication interruption.

Based on the above analysis, we propose a feature cluster-based secure data transmission method combining clustering technology, consortium blockchain technology, and the trust management mechanism. Firstly, users are divided into different feature clusters according to their feature similarities. Secondly, before sending the transmitted data, users in the cluster need to upload the transmitted data to the consortium blockchain for the recipient to verify the integrity of the transmitted data. This method ensures the stability of communication between users and the security of communication between users. The main innovations and contributions of our method can be summarized as follows:

• The method considers mobile feature similarity, attribute feature similarity, and interaction feature similarity of users during the construction of the feature cluster, which not only ensures the stability of communication links but also enhances the trust relationship between users.
• We propose an efficient dynamic updating algorithm for feature clusters by dynamically generating random number keys. This not only reduces the system delay caused by the update of the feature cluster but also avoids the privacy threat caused by users outside the feature cluster.
• In order to resist intra-cluster attacks, we use a consortium blockchain to record the transmitted data of the sender, so that the receiver can verify the integrity and validity of the transmitted data through the consortium blockchain.

The remainder of the paper is organized as follows. Section 2 introduces the related work. Section 3 presents the necessary problem description in the data transmission process. Section 4 presents the proposed FC-SDTM method. Section 5 and Section 6 discuss the proposed method’s security and time complexity. In Section 7, the simulation and results are presented. Section 8 finally concludes the paper.

2. Related Work

As SIoV is becoming increasingly popular, the security and reliability of data transmission have attracted extensive attention from scholars. The security data transmission schemes proposed by researchers mainly include trust management mechanisms and security authentication mechanisms.

Table 1. Comparison of existing studies.

	Trust Management Mechanisms				Security Authentication Mechanisms
	[22]	[23]	[24,25]	[26,27,28]	[29,30,31]	[32,33]	[34]	[35,36,37]
Security	Low	Low	High	High	High	Medium	Medium	High
Efficiency	Low	Medium	Low	High	Low	High	High	High
Overhead	High	High	High	Medium	High	Low	Low	Medium

provides a detailed comparison of these schemes.

2.1. Trust Management Mechanisms

The main idea of the trust management mechanism is to ensure secure data transmission by evaluating the reliability of users and selecting high-reliability users for data transmission. This mechanism not only effectively reduces the security problems caused by unreliable users, such as data leakage, tampering, and loss, but it also promotes cooperation between users. Among them, vehicle reliability can be calculated based on various factors, including the neighbor’s opinions, the reputation of the vehicle, and their past interactions with other vehicles [38]. Lin et al. [22] proposed a cloud-based VSN architecture to implement the trust algorithm by combining the direct neighborhood, indirect neighborhood, and friendship of vehicles. However, this method requires the appropriate weight allocation of the three factors, but determining the proper weight is very difficult, so the practicability of this method is limited. Hao et al. [23] proposed the concepts of local trust and global trust, which indicate the local and global trust relationships among vehicles. They adopted the PageRank algorithm [39] used for web page ranking to calculate the global trust of vehicles. Nevertheless, the scheme is vulnerable because the trust relationship between vehicles is easily disturbed by attackers. To further improve the identification accuracy of users, the authors of [24,25] applied the Bayesian theory [40] to the calculation process of a vehicle’s local trust and global trust. This is because the Bayesian theory can combine prior information with the observed data and gradually update the vehicle trust value through repeated iterations to identify malicious users more accurately. However, since this method requires several iterative computations, and each computation takes a certain amount of time, it may increase the user identification time. Due to blockchain’s decentralized, immutable, and anonymous characteristics, many scholars have tried combining blockchain technology and the trust management mechanism to enhance the efficiency and security of the existing trust management mechanism [26,27,28]. However, due to the high mobility of vehicles and the high dynamics of SIoV network topology, it is challenging for distributed trust management systems to calculate trust values in a limited time.

2.2. Security Authentication Mechanism

The main purpose of the security authentication mechanism is to ensure secure data transmission between vehicles by verifying the validity of vehicle identity or message. The authors of [29,30,31] proposed a message-based security authentication scheme through digital signature and encryption technology. However, a large number of certificates and signatures are involved in these schemes, resulting in high communication and computing costs. To solve this problem, Hakeem et al. [41] proposed a lightweight multi-zone authentication and privacy-preserving protocol (MAPP) based on bilinear pairing cryptography and short-size signatures. This scheme significantly improves signature generation and verification times using a short bilinear pairing signature. As vehicle traffic density increases, a trusted authority (TA) may need to simultaneously process authentication requests from many users. This may lead to a communication bottleneck of TA, which further affects the efficiency and timeliness of identity authentication. To solve this problem, the authors of [32,33] proposed a multi-TA network authentication protocol and a multi-server network authentication protocol. By apportioning authentication tasks among multiple entities, the protocol not only reduces the workload of a single entity but also improves the efficiency of user authentication. In addition, Xu et al. [34] proposed a secure and computationally efficient authentication and key agreement scheme for the loV, where the RSU can authenticate with the vehicle. However, due to the fast movement of the vehicle and the limitation of the RSU communication range, the vehicle may need frequently repeated authentication during the driving process [42]. Therefore, reducing the authentication time is the main goal of the Internet of Vehicles authentication scheme. To achieve this goal, blockchain, as a distributed ledger, effectively solves the problem of vehicle cross-domain authentication [35,36,37]. However, the security authentication mechanism involves many encryption algorithms, bringing high computing costs to users. Therefore, this mechanism is not suitable for mobile vehicles with limited resources.

3. Problem Description

3.1. Data Transmission Scenario

In the SASMDT method, the management center is responsible for calculating the attribute similarity based on the static and dynamic attributes of the vehicle and building users with high similarity into a communication group for communication. However, due to the lack of effective evaluation of in-group user reliability and transmission data integrity, in-group users may receive abnormal data (such as fake data, forged data, etc.) from other unreliable users. This paper proposes a secure data transmission method based on feature clustering to overcome this problem. Its data transmission scenario is shown in Figure 1. Firstly, the feature similarity of users is calculated according to their mobility, attributes, and interaction features. Then, users whose feature similarities reach specific threshold values are grouped together in feature clusters. To prevent users within the cluster from receiving malicious data from malicious users, the method introduces consortium blockchain technology for the recipient to verify the received data securely. Compared with SASMDT, this method effectively prevents internal attacks.

• Management center: Management centers (MCs) belong to a category of public infrastructures, such as base stations (BSs); these are usually deployed and maintained by operators, and are responsible for providing vehicles with cellular network access [43]. The jurisdiction of each management center is a circle with its location as the center and communication distance as the radius. When users enter the management center’s wireless coverage area, they need to accept management by the management center (identity management, information analysis, key generation, etc.). In addition, the management center is responsible for calculating the feature similarity with other users and forming feature clusters for users with high similarity.
• Vehicle: The vehicle contains a built-in on-board unit (OBU), which has limited computing and storage capabilities. Vehicles typically use the C-V2X or DSRC protocols to communicate with other entities on the road. When a vehicle registers with the management center for the first time, it is required to upload the user’s personal information, which can indirectly reflect the user’s social relationships. When a user initiates a feature cluster construction request to the management center that contains the user’s mobility, attribute, and interaction features, the management center calculates the user’s feature similarity. It creates different feature clusters for the user based on the calculated value. The sender in the feature cluster must upload the transmitted data to the consortium blockchain for the receiver to verify the data.
• Consortium blockchain: Blockchain can be seen as a decentralized and reliable platform that usually consists of blocks and chains [44]. Smart contracts, as code executed on the blockchain, can dictate the format in which data are transmitted by the sender [45,46]. Blockchain can be divided into public, private, and consortium blockchains according to openness. Compared to the other two blockchains, consortium blockchains are typically jointly managed and controlled by a specific set of nodes, so transactions are processed faster and more securely. Considering that vehicles in SIoV have a high speed and need to complete data transmission quickly and safely, this paper uses consortium blockchain to ensure secure data transmission between vehicles. In this paper, the nodes of the consortium blockchain are mainly composed of the authorization administration center, including the primary management center and the slave management centers. These nodes are responsible for maintaining and constructing the consortium blockchain [47].

3.2. Attack Model

Due to the openness of the wireless channel and the confidentiality of the transmitted data, the data transmission between users in SIoV is vulnerable to security threats from other users. This paper divides users in the data transmission process into two categories: trusted users and malicious users. Trusted users are those who participate in data transmission without threatening the security of other users. Malicious users usually launch a series of attacks during data transmission to threaten the security of users. The attack model is shown in Figure 2. As the previous clustering algorithm ignored the evaluation of user credibility, malicious users could enter the cluster and participate in data transmission. Therefore, we assume malicious user A in Figure 2 has a legitimate identity and can enter the cluster. In cluster 1, A can broadcast false information or replay attacks, or tamper attacks by intercepting the transmitted data between B and C. In addition, when the user leaves cluster 1 and enters cluster 2, the user can continuously receive the transmission data in cluster 1 due to the shared key of cluster 1 not being updated in time.

3.3. Security Requirements

In order to eliminate user security threats during data transmission, a secure feature cluster mechanism should provide the following security requirements:

• Identity privacy protection. According to our proposed user model, this method should prevent other users in the feature cluster from obtaining the sender’s identity during data transmission.
• Communication security. The broadcast channel of SIoV is open and easily monitored by other users. The proposed method should implement the transmitted data access control so that users in the same feature cluster can only access the data.
• Feature cluster security. The users in the feature cluster change dynamically with time, and the proposed method should ensure the vehicles leaving the feature cluster cannot receive the transmission content of the feature cluster.
• Data integrity. Since the user’s decision depends on the integrity and the security of the transmission data, the method should ensure that the transmission data received by users in the feature cluster are not tampered with or forged.

4. The Proposed FC-SDTM Method

FC-SDTM introduces the concept of feature clusters during data transmission. The management center computes user feature similarity and forms feature clusters for users with similar values. In order to ensure secure data transmission, the management center generates a shared key for users before they enter a particular feature cluster and updates it in a timely fashion after the users leave. This method can effectively ensure data security in the communication process.

Table 2. Symbols and descriptions used in this article.

Symbol	Description
⊕	Exclusive-OR (XOR) operation
h(.)	Secure one-way hash function
u	Vehicle
$PSE$	Vehicle pseudonym
$Mob$	Mobility features
$Att$	Attribute features
$Int$	Interaction features
$S\left(At{t}_{ij}\right)$	Attribute feature similarity
$S\left(In{t}_{ij}\right)$	Interaction feature similarity
$S\left(Fe{a}_{ij}\right)$	Feature similarity
$SET\left(Mob\right)$	Mobility feature set
$SET\left(Att\right)$	Attribute feature set
$SET\left(Int\right)$	Interaction feature set
$St\left(Be{h}_{ij}\right)$	Communication intensity
$Ld\left(Be{h}_{ij}\right)$	Data transmission limit
$S\left(Mo{b}_{ij}\right)$	Mobility feature similarity

lists the symbols and descriptions used in this paper.

4.1. Initialization

The management center $M{C}_k$ selects two large prime numbers, p and q, and an addition group $G_k$ of order q and generator $P_k$. Then, $M{C}_k$ selects a random number $S{K}_k\in Z_q^{*}$ as its private key and calculates the corresponding public key $P{K}_k=S{K}_k·P_k$. $M{C}_k$ chooses two hash functions $h_k^0:{\{0,1\}}^{*}\to Z_q^{*}$ and $h_k^1:{\{0,1\}}^{*}\to {(0,1)}^C$, where C is a constant string length, and broadcasts its own system parameter $Para{m}_k=(G_k,p,q,P_k,h_k^0,h_k^1,P{K}_k)$ to the other management center. When the vehicle $u_i$ enters the jurisdiction of $M{C}_k$, it sends its $I{D}_i$ and attribute information to $M{C}_k$ for initialization. $M{C}_k$ generates a pseudonym $PS{E}_i=h_k^1\left(I{D}_i\right)$ for the vehicle and this pseudonym is unique. Next, it selects a random number $S{K}_i\in Z_q^{*}$ as the vehicle’s private key and calculates the vehicle’s public key $P{K}_i=S{K}_i·P_k$. Finally, $M{C}_k$ returns $PS{E}_i$ and $(S{K}_i,P{K}_i)$ to the vehicle via a secure channel.

Feature Cluster Construction

When user $u_i$ wants to conduct group communication, the user sends a feature cluster construction request $Re{q}_i=\{PS{E}_i,Mo{b}_i,At{t}_i,In{t}_i\}$ to the management center. Where, $PS{E}_i$ represents the user pseudonym, and $Mo{b}_i$, $At{t}_i$, and $In{t}_i$, respectively, represent the user mobility, attribute, and interaction features. At the same time, other vehicles entering the coverage area of the management center broadcast their beacon information $Be{a}_i=\{PS{E}_i,Mo{b}_j,At{t}_j,In{t}_j\}$ containing user features. After determining the validity of user information, the management center stores the user’s features in the mobile feature set $SET\left(Mob\right)$, attribute feature set $SET\left(Att\right)$, and interaction feature set $SET\left(Int\right)$. Then, the management center computes user feature similarity based on $SET\left(Mob\right)$, $SET\left(Att\right)$, and $SET\left(Int\right)$. The user mobility feature similarity, attribute feature similarity, and interaction feature similarity are calculated as outlined below.

(a)

Calculation of user mobility feature similarity

$Mo{b}_i=((x_i,y_i),v_i,d_i)$ represents the mobile features of the user, where $(x_i,y_i)$ represents the user location, $v_i$ represents the user speed, and $d_i$ represents the user direction. $S\left(Mo{b}_{ij}\right)$ indicates the mobility feature similarity of users $u_i$ and $u_j$, which has a non-negligible impact on the communication group topology of SIoV.

$$S\left(Mo{b}_{ij}\right)=\frac{1}{1+\sqrt{{(\frac{\sqrt{{\left(\right|x_i|-|x_j\left|\right)}^2+{\left(\right|y_i|-|y_j\left|\right)}^2}}{r_{max}})}^2+{(\frac{\sqrt{|v_i{|}^2+|v_j{|}^2-2|v_i\left|\right|v_j|cos\theta }}{2v_{max}})}^2}}$$

(1)

where $(x_i,y_i)$ and $(x_j,y_j)$ represent the location coordinates of users $u_i$ and $u_j$, $r_{max}$ indicates the maximum transmission range, $v_i$ and $v_j$ represent the speed of users $u_i$ and $u_j$, $v_{max}$ denotes the maximum speed, and $\theta$ represents the angle between their moving directions. If $S\left(Mo{b}_{ij}\right)$ is larger, it means that $u_i$ and $u_j$ are more likely to be in the same feature cluster at the next moment, thus improving the stability of communication between users.

(b)

Calculation of user attribute feature similarity.

Assume that user $u_i$ has m attribute features and its personal attribute feature set is $At{t}_i=\left\{(A_1,A_2,A_3,\dots ,A_m)\right\}$. Similarly, user $u_j$ has n attribute features, and its personal attribute feature set is $At{t}_j=\left\{(A_1,A_2,A_3,\dots ,A_n)\right\}$. Here, $At{t}_i\left(A_k\right)$ and $At{t}_j\left(A_k\right)$ represent the k-th attribute feature of users $u_i$ and $u_j$, respectively, while $R_{A_k}=At{t}_i\cap At{t}_j$ represents the common attribute feature set of $u_i$ and $u_j$. The more common features between users, the greater the degree of trust between users. The coincidence degree of static attribute features between users $u_i$ and $u_j$ can be calculated as:

$$D\left(At{t}_{A_k}(i,j)\right)=\frac{R_{A_k}}{At{t}_i\cup At{t}_j}$$

(2)

Next, the attribute feature similarity between users $u_i$ and $u_j$ is calculated as follows:

$$S\left(At{t}_{ij}\right)=\sum _{k=1}^{K}D\left(At{t}_{A_k}(i,j)\right)·{\partial }_{ij}^{A_k}(i,j)$$

(3)

Here, K is the common number of attribute features between users $u_i$ and $u_j$, ${\partial }_{ij}^{A_k}$ indicates the public attribute parameter. If $u_i$ and $u_j$ have the same attribute values, ${\partial }_{ij}^{A_k}=1$; otherwise, ${\partial }_{ij}^{A_k}=0$.

(c)

Calculation of user interaction feature similarity.

This paper analyzes user interaction features to calculate the interaction feature similarity $S\left(In{t}_{ij}\right)$ between $u_i$ and $u_j$, which is restricted by the communication intensity $St\left(In{t}_{ij}\right)$ and the data transmission limit $Ld\left(In{t}_{ij}\right)$. $St\left(In{t}_{ij}\right)$ and $Ld\left(In{t}_{ij}\right)$ are calculated as follows:

$$St\left(In{t}_{ij}\right)=\frac{{\beta }_{ij}}{\sqrt{N_i·N_j}}·Sp\left(In{t}_{ij}[t,t+\Delta T]\right)$$

(4)

$$Ld\left(In{t}_{ij}\right)=\frac{T_i^k}{T_{ij}}$$

(5)

Here, $N_i$ and $N_j$ represent the data transmission times of users $u_i$ and $u_j$, respectively, ${\beta }_{ij}=\frac{{\sum }_{N_{ij}}{T}_{ij}}{T_i+T_j}$ represents the ratio of the transmission duration ${\sum }_{N_{ij}}{T}_{ij}$ to the overall transmission duration of users $u_i$ and $u_j$. $Sp\left(In{t}_{ij}[t,t+\Delta T]\right)$ represents the communication span between users $u_i$ and $u_j$, reflecting whether the two vehicles have continuous data transmission. If $N_{ij}\ne 0$, the value is $e^{(1+N_{ij})}$, where $N_{ij}$ represents the total number of interactions between users $u_i$ and $u_j$. Otherwise, the value is 1; $T_{ij}$ indicates the contact duration between users $u_i$ and $u_j$, $T_i^k$ is the time for user $u_i$ to transmit a certain type of data. The interaction feature similarity is determined by the communication intensity and the data transmission limit; its calculation formula is as follows:

$$S\left(In{t}_{ij}\right)=\frac{e^{1+St\left(In{t}_{ij}\right)}}{1+arctanLd\left(In{t}_{ij}\right)}$$

(6)

Therefore, the feature similarity $S\left(In{t}_{ij}\right)$ between vehicles $u_i$ and $u_j$ can be calculated by Formula (7).

$$S\left(Fe{a}_{ij}\right)=S\left(In{t}_{ij}\right)·e^{S\left(At{t}_{ij}\right)·S\left(Mo{b}_{ij}\right)}$$

(7)

The management center sends feature cluster joining requests to other users that meet the threshold of $S\left(In{t}_{ij}\right)$ and waits for user confirmation. After receiving the confirmation message from the user, the management center adds these users and the request user to the same feature cluster.

4.2. Data Encryption

The management center builds a feature cluster by including all users who meet the feature similarity threshold and distributes a response message $Me{s}_{Se{s}_i}$ to the users in the cluster.

$$Me{s}_{Se{s}_i}=\{Se{s}_i,\omega ,G_{Se{s}_i},P{K}_{Se{s}_i}\}$$

(8)

Here, $Se{s}_i$ indicates the feature cluster identifier, $\omega$ represents the shared key, $G_{Se{s}_i}=\{PS{E}_1,PS{E}_2,PS{E}_3,\dots ,PS{E}_g\}$ is the list of users in the feature cluster and $P{K}_{Se{s}_i}=\{P{K}_1,P{K}_2,P{K}_3,\dots ,P{K}_g\}$ is the list of user public keys in the feature cluster.

Due to the immutable nature of the blockchain, the data deployed on the blockchain are immutable. Therefore, we combine a consortium blockchain with feature clusters, which can effectively resist internal attacks in feature clusters. The specific implementation process is as follows: When vehicle $u_i$ wants to broadcast transmission data to other members of the feature clusters, uploading the transmission data $T{B}_i$ to the consortium blockchain through the consortium blockchain nodes for recipient verification is required. Before the transmission data are stored, the consortium blockchain needs to undergo a consensus process to ensure that the nodes in the consortium blockchain have a coherent and recognized view of the whole ledger.

$$T{B}_i=\{PS{E}_i,Dat{a}_{Se{s}_i},h_k^1\left(Dat{a}_{Se{s}_i}\right),P{K}_i,Sig{n}_{S{K}_i}(Dat{a}_{Se{s}_i}\left|\right|t_i\left)\right\}$$

(9)

Here, $PS{E}_i$ represents the user pseudonym, $h_k^1\left(Dat{a}_{Se{s}_i}\right)$ represents the hash value of the transmission data $Dat{a}_{Se{s}_i}$, $P{K}_i$ represents the user public key, $Sig{n}_{S{K}_i}(Dat{a}_{Se{s}_i}\left|\right|t_i)$ represents the user’s digital signature, and $t_i$ represents the timestamp.

Compared to other consensus mechanisms [48], the practical Byzantine fault tolerance (PBFT) consensus mechanism has significant advantages in terms of high efficiency, expansibility, fault tolerance, and energy efficiency [49]. Therefore, we intend to adopt PBFT as the consensus mechanism for the consortium blockchain. The consensus process mainly includes four steps:

(1) Pre-prepare step: The primary management center collects the transmission data from different senders in the feature cluster and integrates them to generate a data block. Then, the primary management center generates a pre-prepare certificate and sends it to other slave management centers for verification. The pre-prepare certificate contains the block, timestamp, and digital signature of the primary management center.

(2) Prepare step: After receiving the pre-prepare certificate, slave management centers in the consortium blockchain enter the prepare step. Then, each slave management center verifies the format and validity of the data block in the pre-prepare certificate and uses the private key to sign the audit result digitally. Finally, the slave management center sends the certificate with the audit result to other management centers.

(3) Commit step: After receiving all certificates from the slave management center, the primary management center authenticates the certificates one by one and sends the verification result to other slave management centers. When a management center receives more than $2f+1$ responses that pass authentication, it indicates that the information in the certificate has been widely agreed, where f represents the number of malicious nodes in the consortium blockchain. Then, the management center enters the commit step and broadcasts it to the entire network.

(4) Primary management center feedback step: If more than $2f$ management centers enter the commit step, the authentication succeeds. Then the primary management center will feed back the result to other slave management centers and add the block verified in this consensus to the end of the consortium blockchain. Finally, this consensus process is completed.

Once the transmission data of the sender in the feature cluster is stored in the consortium blockchain, it can broadcast the transmission data to other users in the feature cluster. Before the broadcast, $u_i$ needs to calculate $M=E_{\omega }(PS{E}_i,Dat{a}_{Se{s}_i},Sig{n}_{S{K}_i}(Dat{a}_{Se{s}_i}\left|\right|t_i),t_i)$ and $D=Se{s}_i\oplus h_k^1(\omega \oplus t_i)$. Then it broadcasts the transmission message $R=\{D,M\}$ to other users in the feature cluster. When vehicle $v_j$ in the feature cluster receives this message, it first computes $Se{s}_i\oplus D$ to obtain $h_k^1(\omega \oplus t_i)$ and further calculates ${t_i}^{\prime }=h_k^1(\omega \oplus t_i)\oplus \omega$. If ${t_i}^{{}^{\prime }}\ne t_i$, it means that the transmitted data have expired and the receiver will discard it. Otherwise, it decrypts the ciphertext M with the shared key $\omega$ and uses $P{K}_i$ to verify the signature $Sig{n}_{S{K}_i}(Dat{a}_{Se{s}_i}\left|\right|t_i)$ for ensuring sender reliability. Finally, $v_j$ compares the received transmission data with the data in the consortium blockchain. If so, the transmitted data have not been changed and can be safely received. Otherwise, $v_j$ will discard this message.

4.3. Feature Cluster Updating

When a new user joins or leaves the cluster, the $M{C}_k$ updates the random number key in a timely fashion and distributes the key to all members. Users in the cluster use the new key to encrypt and decrypt data, ensuring the reliability of data transmission and protecting the user’s location privacy. The pseudo-code of the communication key updating algorithm is presented in Algorithm 1, and the update process is as follows:

(1) If the shared key has expired without any change in the cluster members, the $M{C}_k$ selects a new random number as the shared key and sends it to all cluster members. The cluster members encrypt the multimedia data according to the new shared key.

(2) If old members leave or new members join, the $M{C}_k$ updates the cluster member and selects a new shared key to send to all members in the cluster.

Algorithm 1 Communication key updating algorithm pseudo-code

Input: Change of feature cluster members; Output: New key ${\omega }_1$; 1: if $\omega$ expires then 2:     $M{C}_k$ randomly generates a new key ${\omega }_1$ and distributes it to all users; 3:     if old members leave or new members join then 4:          $M{C}_k$ selects a new key ${\omega }_1$ and distributes it to all users in the feature cluster; 5:     end if 6: end if

5. Security Analysis

This section proves that the method can meet the security requirements presented in Section 3.3. In addition, we also provide the critical industrial significance of this method in the construction of the smart city.

(1) Identity privacy protection: Request user $u_i$ sends a feature cluster construction request to the management center. After authenticating the user, the management generates the pseudonym $PS{E}_i$ and a public–private key pair $(P{K}_i,S{K}_i)$ for $u_i$. In addition, $u_i$ uses the pseudonym $PS{E}_i$ instead of $I{D}_i$ to transmit data in the cluster so that the sender’s identity cannot be identified by other users in the feature cluster.

(2) Communication security: The user $u_i$ broadcasts the transmission message $R=\{D,M\}$ to other users in the feature cluster. The shared key $\omega$ of the feature cluster is used to encrypt D, which effectively prevents users outside the feature cluster from decrypting it. In addition, the receiver $u_j$ in the feature cluster can effectively avoid the replay attack in the feature cluster by comparing ${t_i}^{\prime }$ and $t_i$.

(3) Feature cluster security: The management center sends the feature cluster identifier $Se{s}_i$ and shared key $\omega$ to users in the same feature cluster to realize the access control of the feature cluster. When the vehicle leaves the feature cluster, the management center updates the random number key ${\omega }_1$ and distributes it to all users in the cluster. It effectively prevents privacy leakage caused by data transmission in the continuous receiving cluster.

(4) Data integrity: To ensure the integrity and security of the transmission data in the feature cluster, a blockchain structure is introduced. The sender is required to upload the transmission data to the blockchain in the form of transaction bills as evidence. When other users in the feature cluster receive the transmitted data from the sender, they compare it with the transmitted data in the blockchain to verify whether the transmitted data had been tampered with.

6. Time Complexity Analysis

In the process of vehicle registration, due to the relatively simple calculations and communication operations involved in the management center, we mainly considered the two stages of feature cluster construction and consortium blockchain consensus when analyzing the time complexity of the proposed method. The specific analysis process is as follows: Firstly, we assume that there are S users in the coverage range of a management center in the system, among which, N users are requesting users. Then, the management center calculates the feature similarity with other $S-1$ users based on the vehicle movements, attributes, and interaction characteristics. At this time, the time complexity of the system is $O\left(N\right(S-1\left)\right)$. After the feature similarity calculation is complete, the management center sends the request to join feature clusters to P users who meet the demand of constructing feature clusters and waits for the users to join. In this case, since the management center needs to send a feature cluster addition request to each user, the time complexity of the system is $O\left(P\right)$. Finally, before the data can be transmitted, the sender in the feature cluster must upload the transmitted data to the consortium blockchain for verification by the receiver. At this point, the consortium blockchain node needs to perform a consensus process on the transmitted data of the requesting user. The time complexity is $O\left(M^2\right)$, where M is the number of nodes of the consortium blockchain. Therefore, the total time complexity of this method is $O(N(S-1)+P+M^2)$, which is affected by the number of management centers and users within its coverage.

7. Simulation and Results Analysis

The simulation experiments conducted herein were conducted using the Veins 4.6 environment. Veins connects OMNeT++ and SUMO to realize the real-time simulation of the user’s driving status and social behavior. The simulation results of each set of experiments are the average of the multiple simulation runs. Detailed parameter settings of the simulation environment are shown in

Table 3. Detailed parameter settings of the simulation environment.

Parameters	Values
Simulation time	30 mins
Vehicle speed	0–45 km/h
Simulation area	2000 m × 2000 m
Message transmission rate	7 Mbit·s−1
Number of vehicles	50–450
Number of management centers	60
Vehicle communication protocol	802.11 p
Number of feature clusters	0–50

.

7.1. Secure Transmission Metrics

In this paper, the confusion matrix and message exposure rate are taken as indicators to measure the degree of secure data transmission provided by the proposed method, and the running time and transmission accuracy rate are used to evaluate the stability and effectiveness of the proposed method. Specific definitions are as follows:

(1)

Confusion matrix.

The confusion matrix is represented by a matrix with n rows and n columns. Each column of the confusion matrix represents the predicted category (trusted user and malicious user), and each row represents the true category (trusted user and malicious user). The value on the main diagonal in the confusion matrix is the number of accurately identified user types. In contrast, the value of other coordinates is the number of incorrectly identified user types. In order to evaluate the performance of the proposed method in terms of user selection, we use the following evaluation metrics: accuracy ($AC$), $AC=\frac{TP + TN}{TN + FN + TP + FP}$, precision ($PR$), $PR=\frac{TP}{TP + FP}$, and recall ($DR$), $DR=\frac{TP}{FN + TP}$ [50].

(2)

Message exposure rate.

The message exposure rate refers to the probability that an attacker can accurately identify a user message from among numerous messages. The calculation formula of the message exposure rate is as follows:

$$P_e=\frac{I_a}{I}$$

(10)

Here, $I_a$ represents the number of messages exposed by users after employing the location privacy protection method, while I represents all messages in the user’s social process. The greater the degree of message confusion, the greater the uncertainty of messages among users, and the higher the degree of user location privacy protection; conversely, less message confusion results in a lower degree of user location privacy protection.

(3)

Running time.

Running time refers to the time required during the operation of the proposed method. The shorter the running time, the better the running efficiency, and the smaller the communication cost.

(4)

Transmission accuracy rate.

Transmission accuracy rate refers to the ratio of data transmission before and after using the location privacy protection method. It can detect the influence of the proposed method on the accuracy of the transmitted data. The data transmission accuracy will have a certain impact on the decision-making behavior of the receiving end user, and can even cause security issues. Therefore, while protecting location privacy, it is necessary to ensure that the accuracy of transmission between users is as high as possible in order to avoid security problems. The calculation formula for transmission accuracy is as follows:

$$R_L=\frac{B_a}{B_b}$$

(11)

Here, $B_b$ and $B_a$, respectively, represent the amount of data accurately transmitted by users before and after using this method, while $R_L$ indicates the impact of the location privacy protection method on the transmission accuracy rate of the user. The higher the transmission accuracy rate, the better the performance of the privacy protection method.

7.2. Results Analysis

We use the confusion matrix and message exposure rate to evaluate the degree of secure data transmission of the proposed method. In addition, to verify the effectiveness and stability of the proposed method, we compare our proposed approach with the PPAKA [29] and the SASMDT [19] in terms of the running time and transmission accuracy rate.

Figure 3 compares the confusion matrix before and after using this method. As shown in Figure 3a, when the feature selection method is not used, the user identification accuracy is 0.58, the precision is 0.55, and the recall rate is 0.85. The confusion matrix in Figure 3b shows the user selection results when the feature selection method is used. According to the data in Figure 3b, we can see that this method’s user identification accuracy, precision, and recall rate are 0.82, 0.86, and 0.83, respectively. Compared with Figure 3a, the user identification accuracy and precision in Figure 3b are improved by 0.24 and 0.31, respectively, and the recall rate remains basically unchanged. Therefore, our method has good performance in selecting trusted users.

Figure 4 plots the change in the message exposure rate. It can be seen from Figure 4a that with the increase of users, the message exposure rate of the three methods gradually increases. When the number of users is between 40 and 50, the message exposure rate of FC-SDTM is significantly lower than that of other methods. This is because when the number of users increases gradually, FC-SDTM can select more reliable users for the feature cluster by considering the mobile features, attribute features, and interaction features of users, thus reducing the message exposure rate. Figure 4b shows the impact of user similarity on the message exposure rate. When the user similarity is between 0.75 and 0.95, the message exposure rate of the three methods decreases significantly. However, PPAKA does not consider the similarity of users in the selection process of social users, so this method has the highest message exposure rate. Compared to SASMDT, FC-SDTM analyzes the triple similarity of users and enhances the trust relationship between users, so the message exposure rate is the lowest. It can be seen from Figure 4c that the message exposure rate of the three methods increases with the proportion of malicious users. For FC-SDTM, it can resist both external and internal attacks through random number keys and blockchain, so it has the lowest message exposure rate. Compared with PPAKA, SASMDT builds group keys based on user attributes, which improves the trust relationship between group users to a certain extent. Therefore, SASMDT has a lower message exposure rate than PPAKA.

Figure 5 shows the effect of the number of users, user similarity, and proportion of malicious users on the running time. As can be seen from Figure 5a, when the number of users ranges from 10 to 20, the running time of the three methods for encrypting the transmitted data using random number keys and complex group keys has little difference. However, as the number of users increases, the FC-SDTM method shows the best performance in the running. The reasons are: (1) The FC-SDTM method uses a random number key to encrypt and decrypt transmitted data. The key generation process is simple, and users do not need complex encryption and decryption processes, so the system’s running time is reduced. (2) The FC-SDTM method uses the PBFT consensus process to accelerate the consensus process of the consortium blockchain, thereby reducing the uptime of the system. The SASMDT method requires the generation of group keys based on user attributes, and the PPAKA method requires the generation of keys based on the order of D2D users, so these two methods have longer running times. As seen from Figure 5b, the running time of the three methods gradually decreases with the increase of user similarity. At the same time, FC-SDTM can quickly establish feature clusters under high user similarity, so the running time is the lowest. As seen from Figure 5c, as the proportion of malicious users increases, the time required for the three methods to select reliable users for data transmission increases. Among them, PPAKA ignores the similarity of users in the selection process of social users, and establishing communication links with unreliable social users will increase the system’s running time. However, FC-SDTM and SASMDT methods select social users based on user similarity, which reduces the probability of communicating with unreliable users and has the shortest running time.

Figure 6 compares the transmission accuracy rate of the three methods. It can be seen from Figure 6a that the transmission accuracy rate of FC-SDTM is significantly higher than that of other methods, and the transmission accuracy rate gradually becomes stable when the number of users exceeds 25. This is because as the number of users increases, FC-SDTM can select more reliable social users with similar transmission capabilities through feature similarity, thus increasing the accuracy of data transmission between users. In addition, due to the immutability of the consortium blockchain, the use of the consortium blockchain to store the transmitted data of the sender also further improves the accuracy of data transmission between users. Figure 6b shows that with the increase in user similarity, the transmission accuracy rates of SASMDT and FC-SDTM gradually improve. In addition, FC-SDTM introduces blockchain in the data transmission process, so the transmission accuracy rate of FC-SDTM is higher than that of SASMDT. At the same time, the transmission accuracy rate of PPAKA remains unchanged. This is because, compared with the other two methods, PPAKA does not consider user similarity in the selection process of social users. Hence, the change in user similarity has little impact on the transmission accuracy rate of PPAKA. As seen from Figure 6c, the transmission accuracy rate of the three methods decreases as the proportion of malicious users increases. When the proportion of malicious users ranges from 0 to 0.5, the transmission accuracy rate of FC-SDTM changes the least because it effectively reduces the probability of malicious users entering the feature cluster through feature similarity. In addition, FC-SDTM considers the communication ability of users during the construction of feature clusters, thus further improving the transmission accuracy rate.

8. Conclusions

In order to ensure secure and reliable data transmission between users in SIoV, this paper proposes a secure data transmission method based on feature clusters. More specifically, this method calculates user feature similarity in the management center and assigns users with high similarity to feature clusters. In addition, before sending the transmitted data, users in the feature cluster need to transmit the transmitted data to the consortium blockchain to ensure that the recipient can verify the integrity and security of the transmitted data. The simulation experiment results show that the method proposed in this paper achieves good performance in the four selected metrics (confusion matrix, message exposure rate, running time, and transmission accuracy rate).

However, with the increase in vehicle traffic density, the management center will receive more vehicle property information and registration requests, bringing huge storage overhead and computing costs to the management center. To solve this problem, we will consider introducing fog computing architecture in the future. Fog computing architecture allows the management center to move computing and storage tasks to edge nodes closer to users. This not only reduces the data transmission delay but also reduces the burden on the management center.