The Security Perspectives of Vehicular Networks: A Taxonomical Analysis of Attacks and Solutions

: Vehicular networks are the combination of transport systems and the internet systems formed with the main motive to increase the safety of passengers, although non-safety applications are also provided by vehicular networks. Internet of Things (IoT) has a subsection called Mobile Ad hoc Network (MANET)m which in turn has a subsection called Vehicular Ad hoc Network (VANET). Internet of Energy (IoE) is a new domain that is formed using electric vehicles connected with VANETs. As a large number of transport systems are coming into operation and various pervasive applications are designed to handle such networks, the increasing number of attacks in this domain is also creating threats. As IoE is connected to VANETs extension with electric cars, the future of VANETs can be a question if security measures are not signiﬁcant. The present survey is an attempt to cover various attack types on vehicular networks with existing security solutions available to handle these attacks. This study will help researchers in getting in-depth information about the taxonomy of vehicular network security issues which can be explored further to design innovative solutions. This knowledge will also be helpful for new research directions, which in turn will help in the formulation of new strategies to handle attacks in a much better way.


Introduction
Intelligent Transport System (ITS) is the present and future of vehicular communications. It is a framework that incorporates various innovative technologies in the classical transport system to make it smarter, safer, convenient, and congestion-free [1]. A similar motive is behind the formation of Vehicular Ad hoc Networks (VANETs) where communication takes place among vehicles and various other units of the infrastructure [2,3]. Initially, VANETs were used for communication among cars with the help of roadside units. Later, this communication level extended to connect other vehicles and units such as pedestrians and grids. At present, these networks are deployed in the metropolitan cities only to provide information about accidents, tolls, parking areas, and charging spots. Another motivation for the formation of these networks is to establish communication among all vehicles and the global classical network, i.e., the internet that connects VANET applications with the other users.
VANETs can be described as a hierarchy shown in Figure 1. It represents the relationship of the Internet of Things (IoT) with VANETs. It indicates that VANET is a sub-type of the IoTs and also adopts various attributes of IoTs and MANETs. With the rise in the availability of internet facilities and its speed, it is now possible to connect the devices that would not be possible earlier. Electric Vehicles (EVs) are also an important part of these vehicular networks. These vehicles can communicate with smart grids and charging spots. Vehicles having surplus electricity may pass to smart grids through charging spots (aggregators) [4]. This way a pool of energy from all the vehicles is created which can serve other vehicles. This creates a network of energy called the Internet of Energy (IoE) [5].
Not only vehicles are connected in IoE, but other appliances are also connected to it that use energy. IoE is also connected with the solar panels for the energy storage process for futuristic IoTs. The sustainable development of the technology has produced EVs. IoE is well connected with these EVs. In the future, most vehicles will be electric and this will use facilities provided by IoE. EVs, IoE, and vehicular networks are now closely coupled with each other, and this combination is exploring further possibilities.

Motivation and Contribution
VANETs and smart vehicles are connected to each other. The future of smart vehicles also urges the electric vehicles to connect in VANETs. Therefore, IoTs, VANETs, and IoE are closely connected. Rigorous research is going on these fields with the increasing demand of smart applications, seamless multimedia transfers, smart navigation, and others. This motivates us for the present study. Therefore, in this survey, we accumulate almost all the types of research dimensions related to VANETs. We provide a preliminary understanding of VANETs for the naive readers to trigger an interest in this domain. Further, we discuss various attacks on VANETs and also show different researched solutions to prevent such attacks. In a nutshell, this survey provides a pathway for understanding the research status in VANETs. We compare our survey with the existing surveys, and we find it complete in discussing the multi-dimensions of VANETs security attacks and solutions. We also note some important factors of VANETs for future research.
We have also compared our survey with the existing surveys in the literature. We have shown this comparison in the latter part of the survey. We have observed that, though there are various useful taxonomies in use, the complete classification as in our present survey is different from theirs. Moreover, the connection of EVs and IoE in the survey is a new direction in this survey. Our open research problems are also connected with the same. Therefore, our present survey is oriented for futuristic VANET development.

Organization
Section 2 explains some basic architectural knowledge, modules and applications, features, and security requirements of VANETs. Section 3 shows the taxonomy of the attacks on VANETs. Section 4 shows various solutions existing in the literature for vehicular networks. It provides a taxonomical classification of the solutions and also notifies the gaps in the existing solutions. We also compare our study with the existing surveys in this section. Section 5 shows some open research problems to motivate the research community in this direction and to enrich the domain with upcoming significant solutions. Finally, Section 6 concludes the survey.

Preliminary Understanding of VANETs
In this section, we initialize our discussion with the architecture of VANETs followed by the applications, features, and futuristic deployment.

Architecture of VANETs
The architecture of VANET can be described based on the components [6]. A generic VANET architecture is illustrated in Figure 2. It demonstrates various components and parties involved in a VANET and also shows communication techniques. VANETs are made up of many components like vehicles (electric and nonelectric), on-board units of vehicles, roadside units, and pedestrians, communication channels like Dedicated Short Range Communication (DSRC), cellular networks, and charging grids of electric vehicles [7][8][9]. Two types of communication can be observed in VANETs: Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I), and reversely, Infrastructure-to-Vehicle (I2V). Infrastructure-to-Infrastructure (I2I) communication takes place among roadside units and also with base stations. They use the internet as a backbone. To distribute the credentials or keys, trusted authorities also use this communication type. The components of the architecture are shown in Figure 3.  Mobile component: All vehicles like cars, jeeps, trucks, buses, motorcycles, and pedestrians fall in this category. It also includes all those components or devices which are carried by passengers and those components which remain in the vehicle. Examples of these components and devices are on-board units, Personal Digital Assistant (PDA), navigation devices such as Global Positioning System (GPS), laptops, and smart mobile phones, etc.
Application Unit: It is the front end of the driver module. It is an application that is either provided by the manufacturer of the On-Board Unit (OBU), or it may be obtained from an external source. For example, in the case of PDA, applications may be downloaded from various resources using cloud applications.
Onboard Unit: An Onboard Unit (OBU) is a device that is placed in the vehicle used for communication with other vehicles using various communication technologies. It can also communicate with infrastructural components or Road-Side Units (RSUs) such as traffic lights, charging spots of electric vehicles, and trusted authority. For this, it may use some other mechanism of communication like 3G, LTE, VoLTE, or 4G networks. OBU further consists of multiple components like sensors, storage, GPS, a processor, and an interface for communication. Other components that may be used here are a Tamper-Proof Device (TPD) [10], event data recorder (EDR) [11], and GPS receiver [12]. OBUs are designed to consume less power so that the vehicles' functions can be executed smoothly.
Infrastructural components: These components don't move, but play important role in network communication. Some components are placed on the roads and are called the Road-Side Units (RSUs). For example, charging spots, poles, and traffic lights are considered as RSUs.
Road-Side Unit (RSU): These units are configured with antennas, processors, sensors, charging spots, and storage systems. They are generally placed alongside the road, but in many cases, these are also placed in parking areas and sometimes at other locations feasible for communication coverage.
Trusted Authority (TA): To implement security in VANETs, there is always a need for a trusted authority which handles the security issues. A trusted authority (TA) is a centralized or decentralized authority responsible for various activities like registration of vehicle users, OBUs, and RSUs [13,14]. These authorities are located in such a place where all the traffic is easily manageable. TAs have systems with high computational power, large storage capacity, and consume large amounts of power without any interruption. All these systems form the central infrastructure of the VANETs. These TAs can observe data traffic flowing in between various vehicles and can identify any suspicious activity. Various types of attacks may also be identified and stopped by taking appropriate action like removing a malicious node or stopping traffic from that malicious node. Different types of cryptographic keys are also initiated by these TAs.

•
Safety applications [27]: Safety applications include all those services which ensure the safety of vehicles and passengers traveling in these vehicles. Collision detection systems, real-time traffic information, and finding congestion-free paths are some of the services in this category. • Comfort applications [28]: These applications are used for entertainment of the drivers and passengers in the vehicles such as audio and video facilities, and even gaming applications. On tolls, payment may be collected electronically, which saves time and fuel of customers and also saves the time of toll collectors. In big cities, parking is a big challenge, but with the help of VANET-based applications, it is easy to identify parking locations using VANET communications. • Commercial applications [29]: Vehicles can download personalized settings of vehicles using the internet. Many companies use VANETs for providing security for rented cabs/vehicles. Commercial advertisements are used by companies to attract customers who are general drivers of vehicles. These advertisements may relate to restaurants, petrol pumps, hotels, etc. • Environmental applications [30]: These applications use many sensors to get information from the environment, which proves beneficial to travelers. Vehicles may get information related to weather, and based on this information, traveling-related decisions are taken. For example, applications may suggest not using a path which may have snowfall, rainfall, or storm-like condition.

Features of VANETs
Security is important for all networks, but it is considered more crucial in VANETs, as it is related to human lives by providing congestion and the collision-free path to ambulances and vehicles. Various features of VANETs include the following [31,32].

•
Centralized security system: In VANETs, a centralized security system is used, which is responsible for the implementation of security among all the nodes. Generally, servers are used for this. Packets are not monitored or rarely monitored in ad hoc networks, which make it more insecure. In these networks, either no security-protocol is used or used at very few occasions that make it more vulnerable to attacks.
• Time constraint: In critical situations, messages need to be forwarded within a specified time, otherwise collision cannot be avoided. On the other hand, the authenticity of these messages needs verification, which may lead to extra delays. Time constraint specifies that secure and authentic messages should be forwarded within a specified time. • Shared broadcast channel: VANET is a wireless network that uses broadcast for transmission. Therefore, it is very easy for hackers to get the information traveling in these networks.

•
Volatility and no fixed topology: Vehicles never move at the same speed and in the same direction, so it is not possible to maintain a network for a very long period. It is a short-lived communication network where an attacker may launch an attack and move from its location and escape. Moving vehicles leads to another issue of no fixed topology of the network. Without topology, routing becomes a difficult process to be implemented. Routes are frequently reconfigured, which increases routing overheads. • Infrastructure less: VANET is an ad hoc network, and all the ad hoc networks do not contain any infrastructure. Although V2I communication considers RSUs and TAs as infrastructure, but still major infrastructure components like routers and servers are not used. Therefore, a trust relationship should be established among vehicles using reputation management systems. Other important features are Quality of Service (QoS), authentication, repudiation, scalability, heterogeneity, and multi-hop connection, etc.

Future of Vehicular Networks
Vehicular networks have the potential to safeguard the lives of millions of people all over the world. It can be implemented by all the developing countries and in all metropolitan cities of developed countries. It is expected that 64% of people of developing countries and 86% of people of developed countries will shift in urban areas by 2050 [33]. This increase in the population of urban areas will lead to an increase in traffic which may completely shut down the entire transport system if traffic will be regulated in an unmounted way. ITS with VANETs will surely replace the existing transport system and lots of advanced technologies and features will be included in it. Many countries have deployed various types of cameras and sensors at various locations for traffic regulations, e.g., cameras can find persons using mobile phones while driving. Moreover, in case of vehicle theft cases these cameras can immediately inform about their location after reading the number plate. In this way, the electric vehicles are also becoming part of IoTs [34]. Electric vehicles and automatic vehicles are going to play an important role in future vehicular networks. Many countries already have electric vehicle transport policies and many are considering them. Petrol pumps are also incorporating charging spots, and offices are also deploying these charging spots on their premises [35]. These vehicles can work in bidirectional mode by giving the electricity back to the electric grid with a good price [36]. For the sustainable growth of the world environment, these vehicles are going to be the soul of VANETs.

Security Requirements in Vehicular Networks
Security requirement specifies the attributes that should exist in any security solution. After observing various security aspects of VANET, services which are required by VANETs are discussed below [37,38].
Confidentiality: It is the process of making information visible only to those persons for whom this information is generated, and for other people it remains hidden. Sensitive information always requires confidentiality.
Integrity: It means receiving the same information that was sent by the sender. Information sent by the sender may be hacked in between, and may be re-transmitted after the alteration.
Availability: Requested services and resources should be always available to legitimate users whenever they require it.
Non-repudiation: It provides a kind of surety that data received by the receiver is sent by a genuine user and initiated from a protected source. It also makes sure that the integrity of data is also maintained.
Authentication: It ensures only authentic users are accessing that information or service, and only that section that belongs to them or for which they are authorized.
Authorization: It defines the kind and extent of information accessible by a particular user. In this, it is decided how much information may be accessed by the user, for what duration, and what other services the user can access.
Accounting: It means observing user activities and maintaining the record of it, like active time for which the user has used resources and services, and other relevant statistics. It is implemented using log files.
ID traceability: In this process, real identities of vehicles are identified, which locates the real source of the message [39]. In normal circumstances, these IDs are used to refer to the original sender and receiver.
Revocability: When any vehicle misbehaves in the network, central authority may revoke its certification and de-register it from the network. In this process, malicious nodes are removed from the network [40].
Liability identification: It is based on the non-repudiation service, which makes drivers liable for the mistakes they have made (if any).
Real-time Constraints: Vehicular information should always be delivered in real-time for better performance. Any kind of delay may lead to serious consequences [41].

Classification of Attacks in VANETs
Many informational attacks are launched against the vehicles and smart grids [37]. These networks are less secure because of no or minimum-security standards maintained for them. Various types of attacks are launched on the different layers of the network. These attacks may be categorized based on the security service which targets integrity, confidentiality, or availability [38]. It is necessary to understand the nature of the attack and the attacker with the motive behind the attacks. We have classified the VANET security attacks based on security services, attacker types, VANET layers, and VANET components.

Classification Based on Security Services
• Attacks on confidentiality: When the information is exchanged between vehicles, various solutions like public keys and certificates are used to encrypt the information and make it confidential. Still, attackers launch various kinds of attacks on the confidentiality of information using novel attack methods. Some common and popular attacks launched on the confidentiality of information include man-in-the-middle attack, traffic analysis attack, social attack, and eavesdropping attack. • Attacks on data integrity: With the help of integrity, it is made sure that the information transferred is not modified, delayed, or deleted during the transmission process. Attacks that may be launched against this security service include masquerading attack, replay attack, message tampering attack, and illusion attack. • Attacks on availability: Availability defines that all the information should be available to legitimate users when they require it. If data is not available to the right person at the right time, then it means vehicular networks are not working efficiently. Attacks that may be launched against this security service include DoS/DDoS, sleep deprivation, jamming attacks, jellyfish attack, intelligent cheater attack, blackhole attack, greyhole attack, greedy behavior attack, spamming attack, etc.
• Attacks on authentication: Authentication is also a significant service that ensures that the information is provided to users after proper cross-checking. This way, with the help of authentication, the share of information that belongs to a specific user is provided to that particular user only. However, still many types of attacks may be launched against authentications include sybil attack, tunneling attack, GPS spoofing, free-riding attack, certificate/key replication attack, etc. • Attacks on non-repudiation: With the help of this service, it ensured that once after sending any particular message, the sender cannot say that he has not sent any message. In case of any dispute, this service provides proof regarding the message sent by the attacker. Repudiation attacks and loss of event are attacks in this category.
Some of the attacks in this category are shown in Table 1.

Classification Based on Attacker Type
In vehicular networks, there may be different kinds of attackers that may launch an attack using different methods [11,66]. VANET attackers may be classified as follows. Basic attacker categories are active and passive attackers. Active attackers are those who actively take part in the attack, while on the other hand, passive attackers, which are considered relatively less harmful, don't participate actively in the attack and just monitor the information. Additionally, we can classify them as internal and external attackers. These attackers are also known as insider and outsider attackers. Internal attackers are part of the network and they have full information about the network, but external attackers are not part of the network and do not have any kind of information about network structure. Another classification can be malicious and rational attackers. Rational attackers are those who launch an attack for the sake of money or some other personal reason like revenge, and malicious attackers on the other hand launch attacks without having any personal benefits. Furthermore, some other categories can also exist. Timing attacker modifies the timing involved in communication or inserts unnecessary delays in the communication [67]. Communication attacker selects a particular type of communication like V2V or V2I as a target and launches an attack against the VANET systems. Area attacker launches an attack on a specific vehicle or set of vehicles or on specific areas with some predetermined objectives.

Classification Based on VANET Layers
Vehicular networks are made up of different layers just like the OSI model [68]. All these layers may also become vulnerable under some attacks. • Application Layer [69]: This layer is responsible for receiving the inputs from the user and forwarding it to further layers. All the application-based attacks try to modify the basic functionalities of this layer. The heterogeneity of VANET modules make it a greater concern to create a security baseline for this layer.  [73].
A list of layer-wise attacks in VANETs is shown in Table 2. We also provide a short and summarized table for attacks in Table 3. It shows that the application layer and network layer of VANETs are more vulnerable.

Classification Based on VANET Components
We can also categorize the VANET attacks based on the components attacked. Three categories exist here. They are as follows.  Table 4.

Attacks on Electric Vehicles
Electric Vehicles (EVs) [85] also play an important role in VANETs because these EVs can communicate with Smart Grids (SG) along with communication with vehicles and infrastructure. The automobile industry is concentrating on electric vehicles because in the future, all the vehicles are going to be electrical. These are not limited to few countries now, these are available across the globe, and these are increasing in numbers. Electric vehicles use smart charging to charge their battery in which data connection is shared by EV and charging device with the charging operator. Electric vehicles may use Grid to Vehicles (G2V) or Vehicle to Grids (V2G) systems for charging. Smart charging is a G2V charging system in which electricity moves in one direction that is from the charging point or grid to the vehicle. However, in the case of V2G charging, electricity moves in both directions. It means when the vehicle battery is low, it may be charged from the V2G point, and when the battery is having surplus electricity, then the V2G point may absorb that surplus electricity. This kind of electricity system works using smart grids [86]. A more advanced system of charging may be used in which smart grids are not used, instead a vehicle to vehicle charging system is used. In this method, vehicles meet at a particular location near to both and where these vehicles exchange electricity [87]. Various assets of electric vehicle which may be targeted by the attackers are access control policies, time, configuration data, software, firmware, and drivers, control commands, clock setting, meter data, tariff data, customer id, and location data, etc. [88]. All these assets are vulnerable to various kinds of threats that also affect other vehicular networks. Various ISO/IEC standards have been defined to provide security for the charging systems and the smart grids. All the attacks which may be launched against other vehicles may also be launched against electric vehicles. In addition to those attacks, many more attacks are possible against infrastructure used for vehicle charging and electricity distribution systems. So, additional security is required in the case of electric vehicles.

Security Solutions
To secure vehicular networks from the above-mentioned security issues, various solutions have been provided with help of different approaches [89,90]. A categorization of these solutions are described in the following subsections.

Identity-Based Solutions for VANETs
Identity-based security solution was first introduced by Adi Shamir in the year 1984, but implemented practically later in 2001 by Boneh and Franklin [90]. In identity (ID) based cryptography solutions, certificates are not used for verification of public keys as these are used in Public Key Infrastructure (PKI). In this system, identity information of an entity is used for generating the public keys. This information is publicly available like name, IP address, email address, etc. This was first used with bilinear pairings on elliptic curves. ID-Based Cryptographic (IBC) solutions are further divided into Identity-Based Encryption (IBE) and Identity Based Signatures (IBS). Some of the important solutions are mentioned here. An ID-based blind signature and ring signature are used in a solution [91]. It uses bilinear pairings for less computational overheads. Signatures are also used with Gap Diffie Hellman (GDH) groups [92]. Bilinear pairings are constructed for Computational Diffie-Hellman problem (CDHP). Small signature size increases the efficiency. Other IDbased ring signatures are used in [93,94]. Pairing computations are used with variable group size. The signature size is less, and therefore, computational complexity is less. Security frameworks based on cryptographic parameters are shown in [95,96]. No extra memory is used to map the pseudonymity. As VANETs are connected with IoE, security solutions are also important for grids. Such a solution is shown in [97]. It uses the Identitybased Key Infrastructure for Grid (IKIG) and uses gentry-Silverberg full HIBE and HIBS schemes. The least cost of computation and communication are the advantages of this solution. Privacy preservation with an ID-based scheme is shown in [98]. It observes a 92% improvement in various factors and also ensures less computation complexity. A solution using Elliptic Curve Cryptography (ECC) is shown in [99]. It uses general one-way hash functions in the process. It provides reduced single signature cost = 0.4438 ms and batch signature cost = 0.442 + 0.0018n ms. A proficient message verification scheme is shown in [100]. It claims for less computational cost as compared to the traditional verification schemes. VANET-based Privacy-Preserving Communication Scheme (VPPCS) is shown in [101]. It uses ECC and ID-based encryption and ensures content and contextual privacy. A summarization of these solutions are listed in Table 5.

Key-Based Solutions for VANETs
This approach is more conventional than the ID-based cryptographic solutions. In this approach, public keys are used, which may be symmetric and asymmetric keys. These solutions are known as Public Key Infrastructure (PKI), but they also use private keys and hash functions as well. The main difference between these solutions and ID-based solutions is the use of certificates [102]. An Authenticated Routing protocol (ARAN) is shown in [103]. It uses certificates of authentication. Simplicity of the protocol make it significant to use in VANETs. Ariadne protocol is introduced in [104]. It uses initial route request timeout, maximum route request timeout, cache size, and cache replacement policy for the security purpose. 41.7% lower packet overhead has been achieved by this protocol. SEAD protocol is shown in [105]. Periodic route update interval, maximum packets buffered per node per destination, hash length (q), periodic updates: these parameters are used for the solution process. It claims to obtain a 95% packet delivery ration, which is very efficient. An explicit VANET oriented protocol is introduced in [44]. It enforces privacy in V2I communication; hence, it is named as Vehicle-to-Infrastructure communication Privacy Enforcement pRotocol (VIPER). It uses G (the group size), n (the message batch size), and p f (the probability of forwarding) for the security solution. VIPER is efficient in terms of low computations, reduced time delays, and less count of initialization messages. Another cryptography solution in this direction is noteworthy [43]. The solution named as Mobile Payment Protocol uses less communication and computation cost, and therefore, it is suitable for VANET applications. The summarization of this research is shown in Table 6.

Trust-Based Solutions for VANETs
In dynamic VANETs condition, many vulnerabilities exist, as we have seen from the previous section. Therefore, it is very hard to make a decision on the parameter of trust, as the VANET environments are dynamic; vehicles can in and out on-the-fly leading to the frequent changes of the networks. However, trust in such networks is very much important and requires thorough development. Different existing trust models in VANETs can be segregated in two halves: data-oriented and entity-oriented. Data-oriented trust models focus on the data used while the communication and entity-oriented trust models focus on the trustworthiness of the drivers of vehicular entities. In [106], a solution for VANETs' security is provided with a trust-based system. It depends upon attack history and attack profiles. It can solve DoS/DDoS attack. Delay, average latency, packet delivery ratio, and energy consumption are considered as parameters. It claims for a detection rate 95.8%, average latency 30s, and packet delivery ratio is 86% in their obtained results. Another trust-based collaborative intrusion detection system is researched by Nandy et al. [107]. It is also able to provide security against DoS/DDoS attacks for availability services. Packet Drop Count (PDC), Packet Transfer Delay (PTD), and Packet Transfer Interval (PTI) are considered for experimentation. Intelligent cheater attacks can atill be launched in such trust-based environments.

Machine Learning and Deep Learning Solutions for VANETs
Among the available solutions for VAENTs, machine learning is well established and is proven to be very beneficial for prediction and analysis of the attacks. The machine learning and deep learning approaches are mostly used in preventing Denial of Service (DoS) and its variants. Various machine learning algorithms such as: Random Forest and Naïve-bayes [108][109][110], Support Vector Machine (SVM) [111][112][113][114], Artificial neural network (ANN) [115], K-clustering [109,116], neuro-fuzzy algorithms [117], decision tree based on features extracted [118], Markov chain integrated with ant-colony optimization [119], DeepVCM using CNN and LSTM [120,121] are used. Besides, some adaptive algorithms are also seen for intrusion detection in VANETs. For example, Heuristic-based adaptive IDS in [122]. Knot flow classification with spline implementation is shown in [123]. All these algorithms' performance are quite significant as they achieve approximately 90% of their accuracy related to their classification and detection of attacks. However, some of the limitations are also observed in these approaches. These solutions are summarized in Table 7.

Hybrid Solutions for VANETs
Hybrid solutions use a combination of techniques to handle various vehicular attacks. Some of these attack solutions are provided in Table 8. Plausibility validation network is shown in [51]. Five sets of rules are used. Entropy-based solution for Distributed Denial of Service (DDoS) detection is shown in [60]. It uses data type and flag values for feature extraction. A secure genetic-based framework for VANETs is researched in [47]. It claims for 86.54% of accuracy in simulation. A mathematical model for security features for VANETs has been derived with features of lost packets, total busy time, total lost packets, etc. [124]. Attack vehicle detection is 100% accurate as claimed by the authors. A non-learning based method with drop-in packets feature is shown in [49]. With various types of vehicles and EV infrastructure, the VANETs are becoming heterogeneous in nature. A solution for such a network is shown based on communication framework with the hybrid information exchange [125]. Its uses waiting time, packet delivery ratio, and overhead analysis for the security measurements. All these algorithms are significant in VANETs, but having some limitations in their applicability or validation. A summarization of such problems and other security features are listed in Table 8.

Solutions for EV Infrastructure
EVs are the part of the vehicular networks and future generation transportation systems; it is necessary to provide security solutions for EV-based vehicular networks. Though the amount of research is less in this direction, some of the significant contribution are mentioned here. A privacy preserving scheme for EVs is researched in [126]. It uses Randomized Anonymous Credentials (RAC). The committed hashchains are used as one of the parameters. Some blockchain-based feasibility in security solutions of EV infrastructure are studied in [127,128]. Spatio-temporal parameters, roles, sessions, and environment of operation have been considered as parameters. A flatness control and rule-based algorithm for EVs are shown in [129]. It uses fuzzy logic to control the system and optimum value. It is more used for energy management in EV infrastructure. Use of lattice-based cryptography and SWIFFT hashing for EV communication is investigated in [130]. The use of lattice cryptography provides the less computational and communication complexity and moreover, the approach is post-quantum attack resistant. Another novel research has been found in this direction of EV-based security by using wavelet decomposition method [131]. A modified SVM is used for stability and proper classification of the security and insecurity of the incidents. The summarization of these solutions are shown in Table 9.

Comparison of Existing Surveys
Various surveys related to vehicular networks and related areas are observed in recent years. Attributes like architectures, attacks, and various solutions are mentioned in those surveys. In Table 10, we have shown the comparison of existing surveys along with our present survey to notify the potentials of our study. It shows that our study covers all the dimensions of the insecurity issues and security provisions, highlighting the significance of our study in the direction of VANETs.

Open Research Problems
VANETs are one of the concerning research domains as it is connected with IoTs and IoEs. The increasing number of vehicles, applications and sophisticated attack processes are making it hard to stabilize the security notions of VANETs. Therefore, with the technology progress, VANETs also require some futuristic developments for secure sustainability. In this section, we discuss some open research problems in a multi-dimensional way as future directions.

•
Dynamic topology: Dynamic topology is an obvious feature of VANETs. When a vehicle sends a message, it passes through several intermediate nodes. The maliciousness of those nodes is always a question due to the ad hoc-ness. Therefore, research must be carried out to map these dynamic topologies in some directed acyclic graph and to compute some reputation system over it depending upon the past behavior or trust score. Another considerable aspect is that we can also try to use distributed ledgers for the transparency of the system transactions in this dynamic topology. • Real-time constraints: The mobility of vehicular networks always has been a challenging issue. The real-time data monitoring, prediction of anomalies with high accuracy, and low false rates always have attracted the research community. Various machine learning and deep learning methods exist for these; however, we should explore more for collaborative learning or federated learning to gather the attack knowledge from the environment adaptive. This would help to detect the zero-day vulnerabilities in VANETs. As VANETs majorly use Dedicated Short-Range Communication (DSRC), the novel futuristic methods must support the short range communication maintaining the QoS of the networks.
• Privacy: Maintaining the privacy of user information is also an important research area. In today's VANETs or ITS, multimedia transmission is another issue. Users always prefer the seamless multimedia data transfer while moving from one place to another. These multimedia are controlled and stored by various clouds and service providers, and therefore, cloud security must be enhanced. On the other way, VANET security can also affect the cloud security. In both the cases, users' privacy must be protected. For example, the GPS-based location in taxi services must not unnecessarily reveal the user's travel behavior to a third party. The information that is sensitive and requires confidentiality, if leaked, may impact organizations by losing its credibility. Even users' personal information stored on a device from which multimedia is getting transferred using a VANET may be misused for financial frauds. Such vulnerabilities must be checked thoroughly, and necessary solutions need to be developed by all the possible stakeholders. • Liability and revocability: It is based on the non-repudiation service which makes drivers liable for the mistakes they have made (if any). There may be vehicle drivers which can disturb the network or may launch some kind of attack. It includes a process of ID traceability in which real identities of vehicles are identified, which also locates the real source of the message. It is a real challenge to find the real attacker or malicious vehicle in the network due to camouflage identities; however, if such messages are detected, the network can be protected with prediction. Moreover, from the drivers' point of view, sentiment analysis of the drivers and the behavioral aspects can also work as attack enablers in VANETs, which needs to be explored further. When an attacker is identified or any vehicle user misbehaves in the network, central authority may revoke its certification and de-register it from the network. In this process, malicious nodes are removed from the network. In trust-based networks, it is very difficult to find the misbehaving node and then revoke the assigned privileges, and therefore, some suitable methods need to be developed. • Safe and economical hardware: Vehicles should be deployed with tamper-proof hardware which will have more security as compared to software issues. These hardware components should be economical and within the budget of all the users. Though this is not directly technically connected, it is for making awareness to the VANET users to always go for validated trusted platforms of security hardware. • Network scale: The increasing number of vehicles in VANETs are a concerning parameter. Many security solutions exist in the literature that are unable to address the scalability of the VANETs. For example, the generic security models use traditional PKIs, which are time consuming as compared to the advanced security provisions. Therefore, the progress of lattice based cryptography should be explored rigorously to enhance the performance of VANET security. The lightweight and less complex methods should be developed to scale the network efficiently. • Information authenticity: In vehicular networks, there are different kinds of attacks in which the attacker may send fake messages using a spoofed identity. So the authenticity of the information is also an important research area. With the increasing number of multimedia forms and the increasing demand of the users, the information authenticity process also faces problems. For example, a user of a vehicle may be interested in some infotainment or it may be a simple document from their google drive; in such cases, different authenticity mechanisms are required, as infotainment requires seamless authentication and continuous availability of data stream. • Jamming: There are various kinds of attacks in which radio interference are used to block the communication. These attacks may be launched against any wireless device. Therefore, it is perfectly suitable for VANETs. Jamming may be further classified into four categories, which are constant, deceptive, random, and reactive. In the existing literature, this jamming problem is less addressed, and therefore, it can be explored further with the new technologies.
• Handling data: With the increase in vehicular networks, it is expected that a massive amount of data will exist in these networks. These data are heterogeneous and distributed in nature and are stored in clouds. This growing amount of data and the size of the vehicular networks will lead to new and unique challenges in handling this data. Therefore, cloud storage security and backup security, and recovery and maintenance, should be some of the concerns to look out for in future ventures. • Access control: VANETs consist of various layers of data communication such as V2V, V2I, or I2V. In each of these communications, proper access control is required. For example, a vehicle running on a road must not be able to access the other vehicle's infotainment system in V2V communication. Similarly, a vehicle must not be able to include its data in EV charging machine or RSUs. Only some controlled access must be allowed. Some decentralized mechanisms of access control and their verifiability must be researched. • Heterogeneity: In vehicular networks, there are different kinds of OBUs, cellular transmitters, sensors, digital audio systems, GPS, etc. Therefore, the data is heterogeneous. A standard security model or the benchmark for VANET security is a missing link. It will be very much beneficial for VANETs to have such a baseline security attempting to detect the anomalies and adapting itself to increase the knowledge base for analysis of new vulnerabilities. • Attacks solution: From the literature, we have observed that DoS/DDoS attacks are the major consideration in VANET security. This is true, as these attacks are executed in all the layers of VANETs and may take various forms. However, the other categories of attacks need to be explored for developing optimized security method. • IoE consideration: The future of VANETs is closely connected with IoE that is connected with power generation units with various resources. The connection of vulnerabilities between VANETs and IoEs must be explored in all possible directions. Appropriate solutions must be developed to mitigate the risk of attacking energy infrastructure through VANET components. • Blockchain aspects: The decentralization and distribute computing is one of the major enablers in the present technologies. Blockchain ensures these features efficiently. Therefore, such blockchain-based solutions can be beneficial for VANET security. The VANET infrastructural components can work in a transparent and decentralized way to account the transactions of data. However, methods should be developed to enhance this feature along with maintaining the required security services.

Conclusions
This survey is an attempt to cover different types of attacks in vehicular networks with security solutions. As an additional feature, we have added the electric vehicles for the future generation transport systems. Various attacks are classified according to attack layers, security services, types of attackers, and types of components targeted providing a multidimensional taxonomy of attacks. Relevant studies related to the solution approaches are compared to identify the advantages and disadvantages. Lastly, the open research problems are accumulated to give a future direction to the researchers in the directions of VANETs.

Data Availability Statement:
No new data were created or analyzed in this study. Data sharing is not applicable to this article.

Conflicts of Interest:
The authors declare no conflict of interest.