Analyzed the data files that I've mentioned about in the previous post. Turns out that Machine Learning is a novel and effective choice for Sybil attack detection in VANETs. Only 10% of the nodes with varying support levels were varied. Details of this work will be soon published as a part of my VANET security survey journal and probably be discussed also in the Sybil Attack Detection Conference paper. Was a good learning experience with Weka for about a week.
Our basic assumption was that the nodes use up all the possible fake IDs it has. For example, if you are a moving vehicle with 10 IDs V1....V10 (and your original ID is V0) that you have fabricated, you are posing as V0, V1,....V10 simultaneously. So if we keep confidence level 1 and perform the analysis, we were able to detect all Sybil nodes without any false positives!!! yayyyy!!!!! that's so exciting and we had our day - but next morning (in this case a couple of weeks later) after couple of cups of coffee (read couple of other brain-storms on independent research issues) we figured out, that's not-only-dumb-but-meaningless assumption. Why would anybody use up all the aces (fake IDs) and shout out loud "look I'm the mischiefer.....catch meeee".....So we started figuring out ways to deal with probabilistic distribution a malicious node might follow to use up fake IDs. That's my Friday night companion tonight........let's see......