Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
Towards Safety and Security Co-engineering Kapitel lesen Erstes Kapitel lesen

2019 | OriginalPaper | Buchkapitel

INCANTA - INtrusion Detection in Controller Area Networks with Time-Covert Authentication

verfasst von : Bogdan Groza, Lucian Popa, Pal-Stefan Murvay

Erschienen in: Security and Safety Interplay of Intelligent Software Systems

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

We explore the use of delays to create a time-covert cryptographic authentication channel on the CAN bus. The use of clock skews has been recently proposed for detecting intrusions on CAN, using similar mechanisms that were previously exploited in computer or mobile networks in the past decade. However, the fine-grained control of timers easily allows controllers to adjust their clock potentially making such mechanisms ineffective as we argue here and was also proved by a recent research work. We exploit this potential shortcoming in a constructive sense, i.e., the accuracy of arrival times on in-vehicle buses and the fine-grained control of timer/counter circuits on automotive controllers allows us to use time as a covert channel to carry cryptographic authentication. Based on this procedure we propose an effective authentication and intrusion detection mechanism that is fully back-ward compatible with legacy implementations on CAN. Our proposal directly applies to any modern in-vehicle bus, e.g., CAN-FD, FlexRay, etc.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Vorheriges Kapitel CAN-FD-Sec: Improving Security of CAN-FD Protocol
Nächstes Kapitel Detection of Injection Attacks in Compressed CAN Traffic Logs
Literatur
1.
AUTOSAR: Specification of Secure Onboard Communication, 4.3.1 edn (2017)
2.
Boudguiga, A., Klaudel, W., Boulanger, A., Chiron, P.: A simple intrusion detection method for controller area network. In: 2016 IEEE International Conference on Communications (ICC), pp. 1–7. IEEE (2016)
3.
Checkoway, S., et al.: Comprehensive experimental analyses of automotive attack surfaces. In: USENIX Security Symposium, San Francisco (2011)
4.
Cho, K.-T., Shin, K. G.: Fingerprinting electronic control units for vehicle intrusion detection. In: 25th USENIX Security Symposium (2016)
5.
Choi, W., Joo, K., Jo, H.J., Park, M.C., Lee, D.H.: VoltageIDS: low-level communication characteristics for automotive intrusion detection system. IEEE Trans. Inf. Forensics Secur. 13(8), 2114–2129 (2018)CrossRef
6.
Cristea, M., Groza, B.: Fingerprinting smartphones remotely via ICMP timestamps. IEEE Commun. Lett. 17(6), 1081–1083 (2013)CrossRef
7.
Giannopoulos, H., Wyglinski, A.M., Chapman, J.: Securing vehicular controller area networks: an approach to active bus-level countermeasures. IEEE Veh. Technol. Mag. 12(4), 60–68 (2017)CrossRef
8.
9.
Groza, B., Murvay, S.: Efficient protocols for secure broadcast in controller area networks. IEEE Trans. Industr. Inf. 9(4), 2034–2042 (2013)CrossRef
10.
Hartkopp, O., Reuber, C., Schilling, R.: MaCAN-message authenticated CAN. In: 10th International Conference on Embedded Security in Cars (ESCAR 2012) (2012)
11.
Hoppe, T., Dittman, J.: Sniffing/replay attacks on can buses: a simulated attack on the electric window lift classified using an adapted cert taxonomy. In: Proceedings of the 2nd Workshop on Embedded Systems Security (WESS), pp. 1–6 (2007)
12.
13.
Kang, M.-J., Kang, J.-W.: Intrusion detection system using deep neural network for in-vehicle network security. PLoS One 11(6), e0155781 (2016)CrossRef
14.
Kang, M.-J., Kang, J.-W.: A novel intrusion detection method using deep neural network for in-vehicle network security. In: 2016 IEEE 83rd Vehicular Technology Conference (VTC Spring), pp. 1–5. IEEE (2016)
15.
Kohno, T., Broido, A., Claffy, K.C.: Remote physical device fingerprinting. IEEE Trans. Dependable Secure Comput. 2(2), 93–108 (2005)CrossRef
16.
Koscher, K., et al.: Experimental security analysis of a modern automobile. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 447–462. IEEE (2010)
17.
Kurachi, R., Matsubara, Y., Takada, H., Adachi, N., Miyashita, Y., Horihata, S.: CaCAN - centralized authentication system in CAN (controller area network). In: 14th International Conference on Embedded Security in Cars (ESCAR 2014) (2014)
18.
Li, H., Zhao, L., Juliato, M., Ahmed, S., Sastry, M.R., Yang, L.L.: POSTER: intrusion detection system for in-vehicle networks using sensor correlation and integration. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 2531–2533. ACM (2017)
19.
Lin, C.-W., Zhu, Q., Sangiovanni-Vincentelli, A.: Security-aware modeling and efficient mapping for CAN-based real-time distributed automotive systems. IEEE Embed. Syst. Lett. 7(1), 11–14 (2015)CrossRef
20.
Marchetti, M., Stabili, D., Guido, A., Colajanni, M.: Evaluation of anomaly detection for in-vehicle networks through information-theoretic algorithms. In: Research and Technologies for Society and Industry Leveraging a better Tomorrow (RTSI), pp. 1–6. IEEE (2016)
21.
Miller, C., Valasek, C.: Adventures in automotive networks and control units. DEF CON 21, 260–264 (2013)
22.
Miller, C., Valasek, C.: Remote exploitation of an unaltered passenger vehicle. Black Hat USA (2015)
23.
Moon, S.B., Skelly, P., Towsley, D.: Estimation and removal of clock skew from network delay measurements. In: INFOCOM 1999, Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies, Proceedings, vol. 1, pp. 227–234. IEEE (1999)
24.
Moore, M.R., Bridges, R.A., Combs, F.L., Starr, M.S., Prowell, S.J.: Modeling inter-signal arrival times for accurate detection of can bus signal injection attacks: a data-driven approach to in-vehicle intrusion detection. In: Proceedings of the 12th Annual Conference on Cyber and Information Security Research, pp. 11. ACM (2017)
25.
Mueller, A., Lothspeich, T.: Plug-and-secure communication for CAN. CAN Newsl. 4, 10–14 (2015)
26.
Murvay, P.-S., Groza, B.: Source identification using signal characteristics in controller area networks. IEEE Signal Process. Lett. 21(4), 395–399 (2014)CrossRef
27.
Müter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. In: 2011 IEEE of the Intelligent Vehicles Symposium (IV), po. 1110–1115. IEEE (2011)
28.
Müter, M., Groll, A., Freiling, F.C.: A structured approach to anomaly detection for in-vehicle networks. In: 2010 Sixth International Conference on Information Assurance and Security (IAS), pp. 92–98. IEEE (2010)
29.
Narayanan, S.N., Mittal, S., Joshi, A.: \(\text{OBD}\_\text{ SecureAlert }\): an anomaly detection system for vehicles. In: 2016 IEEE International Conference on Smart Computing (SMARTCOMP), pp. 1–6. IEEE (2016)
30.
Radu, A.-I., Garcia, F.D.: LeiA: a \(\underline{{\rm L}}\)ightweight auth\(\underline{{\rm e}}\)nticat\(\underline{{\rm i}}\)on protocol for C\(\underline{{\rm A}}\)N. In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9879, pp. 283–300. Springer, Cham (2016). https://​doi.​org/​10.​1007/​978-3-319-45741-3_​15CrossRef
31.
Sagong, S.U., Ying, X., Clark, A., Bushnell, L., Poovendran, R.: Cloaking the clock: emulating clock skew in controller area networks. In: Proceedings of the 9th ACM/IEEE International Conference on Cyber-Physical Systems, pp. 32–42. IEEE Press (2018)
32.
Song, H.M., Kim, H.R., Kim, H.K.: Intrusion detection system based on the analysis of time intervals of can messages for in-vehicle network. In: 2016 International Conference on Information Networking (ICOIN), pp. 63–68. IEEE (2016)
33.
Studnia, I., Alata, E., Nicomette, V., Kaâniche, M., Laarouchi, Y.: A language-based intrusion detection approach for automotive embedded networks. Int. J. Embed. Syst. 10(1), 1–12 (2018)CrossRef
34.
Taylor, A., Leblanc, S., Japkowicz, N.: Anomaly detection in automobile control network data with long short-term memory networks. In: 2016 IEEE International Conference on Data Science and Advanced Analytics (DSAA), pp. 130–139. IEEE (2016)
35.
Theissler, A.: Detecting known and unknown faults in automotive systems using ensemble-based anomaly detection. Knowl.-Based Syst. 123, 163–173 (2017)CrossRef
36.
37.
Van Herrewege, A., Singelee, D., Verbauwhede, I.: CANAuth-a simple, backward compatible broadcast authentication protocol for CAN bus. In: ECRYPT Workshop on Lightweight Cryptography, vol. 2011 (2011)
Metadaten
Titel
INCANTA - INtrusion Detection in Controller Area Networks with Time-Covert Authentication
verfasst von
Bogdan Groza
Lucian Popa
Pal-Stefan Murvay
Copyright-Jahr
2019
Buch
Security and Safety Interplay of Intelligent Software Systems

Print ISBN: 978-3-030-16873-5

Electronic ISBN: 978-3-030-16874-2

Copyright-Jahr: 2019

DOI
https://doi.org/10.1007/978-3-030-16874-2_7

Premium Partner

    Bildnachweise