nach oben

Erschienen in:

2020 | OriginalPaper | Buchkapitel

CANSentry: Securing CAN-Based Cyber-Physical Systems against Denial and Spoofing Attacks

verfasst von : Abdulmalik Humayed, Fengjun Li, Jingqiang Lin, Bo Luo

Erschienen in: Computer Security – ESORICS 2020

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The Controller Area Network (CAN) has been widely adopted as the de facto standard to support the communication between the ECUs and other computing components in automotive and industrial control systems. In its initial design, CAN only provided very limited security features, which is seriously behind today’s standards for secure communication. The newly proposed security add-ons are still insufficient to defend against the majority of known breaches in the literature. In this paper, we first present a new stealthy denial of service (DoS) attack against targeted ECUs on CAN. The attack is hardly detectable since the actions are perfectly legitimate to the bus. To defend against this new DoS attack and other denial and spoofing attacks in the literature, we propose a CAN firewall, namely CANSentry, that prevents malicious nodes’ misbehaviors such as injecting unauthorized commands or disabling targeted services. We implement CANSentry on a cost-effective and open-source device, to be deployed between any potentially malicious CAN node and the bus, without needing to modify CAN or existing ECUs. We evaluate CANSentry on a testing platform built with parts from a modern car. The results show that CANSentry successfully prevents attacks that have shown to lead to safety-critical implications.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Anonymity Preserving Byzantine Vector Consensus

Nächstes Kapitel Distributed Detection of APTs: Consensus vs. Clustering

Nur mit Berechtigung zugänglich

Grimm co. cant. https://github.com/bitbane/CANT

Checkoway, S., et al.: Comprehensive experimental analyses of automotive attack surfaces. In: USENIX Security Symposium (2011)

Cho, K.-T., Shin, K.G.: Error handling of in-vehicle networks makes them vulnerable. In: ACM CCS, pp. 1044–1055. ACM (2016)

Cho, K.-T., Shin, K.G.: Fingerprinting electronic control units for vehicle intrusion detection. In: USENIX Security Symposium (2016)

Cho, K.-T., Shin, K.G.: Viden: attacker identification on in-vehicle networks. In: ACM CCS (2017)

Choi, W., Jo, H.J., Woo, S., Chun, J.Y., Park, J., Lee, D.H.: Identifying ECUS using inimitable characteristics of signals in controller area networks. IEEE Trans. Veh. Tech. 67(6), 4757–4770 (2018)CrossRef

Choi, W., Joo, K., Jo, H.J., Park, M.C., Lee, D.H.: Voltageids: low-level communication characteristics for automotive intrusion detection system. IEEE TIFS 13(8), 2114–2129 (2018)

Dagan, T., Wool, A.: Parrot, a software-only anti-spoofing defense system for the can bus. ESCAR EUROPE (2016)

Dardanelli, A., et al.: A security layer for smartphone-to-vehicle communication over bluetooth. IEEE Embed. Syst. Lett. 5(3), 34–37 (2013)CrossRef

10.

Foruhandeh, M., Man, Y., Gerdes, R., Li, M., Chantem, T.: Simple: single-frame based physical layer identification for intrusion detection and prevention on in-vehicle networks. In: ACSAC, pp. 229–244 (2019)

11.

Foster, I., Prudhomme, A., Koscher, K., Savage, S.: A story of telematic failures. In: USENIX WOOT, Fast and Vulnerable (2015)

12.

Fröschle, S., Stühring, A.: Analyzing the capabilities of the CAN attacker. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10492, pp. 464–482. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66402-6_27CrossRef

13.

Gmiden, M., Gmiden, M.H., Trabelsi, H.: An intrusion detection method for securing in-vehicle can bus. In: IEEE STA (2016)

14.

Gupta, R.A., Chow, M.-Y.: Networked control system: overview and research trends. IEEE Trans. Ind. Electron. 57(7), 2527–2535 (2010)CrossRef

15.

Halder, S., Conti, M., Das, S.K.: COIDS: a clock offset based intrusion detection system for controller area networks. In: ICDCN (2020)

16.

Han, K., Potluri, S.D., Shin, K.G.: On authentication in a connected vehicle: secure integration of mobile devices with vehicular networks. In: ACM/IEEE ICCPS, pp. 160–169 (2013)

17.

Han, K., Weimerskirch, A., Shin, K.G.: A practical solution to achieve real-time performance in the automotive network by randomizing frame identifier. In: Proceedings of Europe Embedded Security Cars (ESCAR), pp. 13–29 (2015)

18.

Hartkopp, O., Schilling, R.M.: Message authenticated can. In: Escar Conference, Berlin, Germany (2012)

19.

Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive CAN networks – practical examples and selected short-term countermeasures. In: Harrison, M.D., Sujan, M.-A. (eds.) SAFECOMP 2008. LNCS, vol. 5219, pp. 235–248. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-87698-4_21CrossRef

20.

Humayed, A., Lin, J., Li, F., Luo, B.: Cyber-physical systems security a survey. IEEE IoT J. 4(6), 1802–1831 (2017)

21.

Humayed, A., Luo, B.: Cyber-physical security for smart cars: taxonomy of vulnerabilities, threats, and attacks. In: ACM/IEEE ICCPS (2015)

22.

Humayed, A., Luo, B.: Using ID-hopping to defend against targeted DOS on CAN. In: SCAV Workshop (2017)

23.

Iehira, K., Inoue, H., Ishida, K.: Spoofing attack using bus-off attacks against a specific ECU of the can bus. In: IEEE CCNC (2018)

24.

Karray, K., Danger, J.-L., Guilley, S., Elaabid, M.A.: Identifier randomization: an efficient protection against CAN-bus attacks. In: Koç, Ç.K. (ed.) Cyber-Physical Systems Security, pp. 219–254. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98935-8_11CrossRef

25.

Kneib, M., Huth, C.: Scission: signal characteristic-based sender identification and intrusion detection in automotive networks. In: ACM CCS (2018)

26.

Kornaros, G., Tomoutzoglou, O., Coppola, M.: Hardware-assisted security in electronic control units: secure automotive communications by utilizing one-time-programmable network on chip and firewalls. IEEE Micro 38(5), 63–74 (2018)CrossRef

27.

Koscher, K., et al.: Experimental security analysis of a modern automobile. In: IEEE S&P (2010)

28.

Kurachi, R., Matsubara, Y., Takada, H., Adachi, N., Miyashita, Y., Horihata, S.: Cacan-centralized authentication system in can (controller area network). In: International Conference on ESCAR (2014)

29.

Lukasiewycz, M., Mundhenk, P., Steinhorst, S.: Security-aware obfuscated priority assignment for automotive can platforms. ACM Trans. Des. Autom. Electron. Syst. (TODAES) 21(2), 32 (2016)

30.

Matsumoto, T., Hata, M., Tanabe, M., Yoshioka, K., Oishi, K.: A method of preventing unauthorized data transmission in controller area network. In: IEEE VTC (2012)

31.

Miller, C., Valasek, C.: Adventures in automotive networks and control units. Def Con 21, 260–264 (2013)

32.

Miller, C., Valasek, C.: Remote exploitation of an unaltered passenger vehicle. Black Hat USA 2015, 91 (2015)

33.

Moore, E.F.: Gedanken-experiments on sequential machines. Automata Stud. 34, 129–153 (1956)MathSciNet

34.

Mundhenk, P., et al.: Security in automotive networks: lightweight authentication and authorization. ACM TODAES 22(2), 1–27 (2017)CrossRef

35.

Murvay, P.-S., Groza, B.: Source identification using signal characteristics in controller area networks. IEEE Signal Process. Lett. 21(4), 395–399 (2014)CrossRef

36.

Murvay, P.-S., Groza, B.: Dos attacks on controller area networks by fault injections from the software layer. In: ARES. ACM (2017)

37.

Müter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. In: IEEE Intelligent Vehicles Symposium (2011)

38.

Narayanan, S.N., Mittal, S., Joshi, A.: Obd\_securealert: an anomaly detection system for vehicles. In: IEEE SMARTCOMP (2016)

39.

Nie, S., Liu, L., Yuefeng, D.: Free-fall: hacking tesla from wireless to can bus. Brief. Black Hat USA 25, 1–16 (2017)

40.

Nowdehi, N., Aoudi, W., Almgren, M., Olovsson, T.: CASAD: can-aware stealthy-attack detection for in-vehicle networks. arXiv:1909.08407 (2019)

41.

Nürnberger, S., Rossow, C.: – vatiCAN – vetted, authenticated CAN bus. In: Gierlichs, B., Poschmann, A.Y. (eds.) CHES 2016. LNCS, vol. 9813, pp. 106–124. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53140-2_6CrossRef

42.

Palanca, A., Evenchick, E., Maggi, F., Zanero, S.: A stealth, selective, link-layer denial-of-service attack against automotive networks. In: Polychronakis, M., Meier, M. (eds.) DIMVA 2017. LNCS, vol. 10327, pp. 185–206. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-60876-1_9CrossRef

43.

Petit, J., Shladover, S.E.: Potential cyberattacks on automated vehicles. IEEE Trans. Intell. Transp. Syst. 16(2), 546–556 (2015)

44.

Radu, A.-I., Garcia, F.D.: LeiA: a lightweight authentication protocol for CAN. In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9879, pp. 283–300. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45741-3_15CrossRef

45.

Rizvi, S., Willet, J., Perino, D., Marasco, S., Condo, C.: A threat to vehicular cyber security and the urgency for correction. Procedia Comput. Sci. 114, 100–105 (2017)CrossRef

46.

Rouf, I., et al.: Security and privacy vulnerabilities of in-car wireless networks: a tire pressure monitoring system case study. In: USENIX Security Symposium (2010)

47.

Sagstetter, F., et al.: Security challenges in automotive hardware/software architecture design. In: DATE. IEEE (2013)

48.

Souma, D., Mori, A., Yamamoto, H., Hata, Y.: Counter attacks for bus-off attacks. In: Gallina, B., Skavhaug, A., Schoitsch, E., Bitsch, F. (eds.) SAFECOMP 2018. LNCS, vol. 11094, pp. 319–330. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-99229-7_27CrossRef

49.

Studnia, I., Nicomette, V., Alata, E., Deswarte, Y., Kaaniche, M., Laarouchi, Y.: Survey on security threats and protection mechanisms in embedded automotive networks. In: IEEE/IFIP DSN (2013)

50.

Taylor, A., Leblanc, S., Japkowicz, N.: Anomaly detection in automobile control network data with long short-term memory networks. In: IEEE DSAA (2016)

51.

Theissler, A.: Detecting known and unknown faults in automotive systems using ensemble-based anomaly detection. Knowl.-Based Syst. 123, 163–173 (2017)CrossRef

52.

Tian, D., et al.: an intrusion detection system based on machine learning for CAN-Bus. In: Chen, Y., Duong, T.Q. (eds.) INISCOM 2017. LNICST, vol. 221, pp. 285–294. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-74176-5_25CrossRef

53.

Van Bulck, J., Mühlberg, J.T., Piessens, F.: Vulcan: efficient component authentication and software isolation for automotive control networks. In: ACSAC, pp. 225–237 (2017)

54.

Van Herrewege, A., Singelee, D., Verbauwhede, I.: Canauth-a simple, backward compatible broadcast authentication protocol for can bus. In: ECRYPT Workshop on Lightweight Cryptography, vol. 2011 (2011)

55.

Wang, Q., Sawhney, S.: Vecure: a practical security framework to protect the can bus of vehicles. In: IEEE International Conference on IOT (2014)

56.

Wolf, M., Weimerskirch, A., Paar, C.: Security in automotive bus systems. In: Workshop on Embedded Security in Cars (2004)

57.

Woo, S., Jo, H.J., Lee, D.H.: A practical wireless attack on the connected car and security protocol for in-vehicle can. IEEE Trans. Intell. Transp. Syst. 16(2), 993–1006 (2014)

58.

Woo, S., Moon, D., Youn, T.-Y., Lee, Y., Kim, Y.: Can ID shuffling technique (CIST): moving target defense strategy for protecting in-vehicle can. IEEE Access 7, 15521–15536 (2019)CrossRef

59.

Wu, W., et al.: IDH-CAN: a hardware-based ID hopping can mechanism with enhanced security for automotive real-time applications. IEEE Access 6, 54607–54623 (2018)CrossRef

60.

Ziermann, T., Wildermann, S., Teich, J.: Can+: a new backward-compatible controller area network (can) protocol with up to 16\(\times \) higher data rates. In: DATE. IEEE (2009)

Titel: CANSentry: Securing CAN-Based Cyber-Physical Systems against Denial and Spoofing Attacks
verfasst von: Abdulmalik Humayed
Fengjun Li
Jingqiang Lin
Bo Luo
Verlag: Springer International Publishing
Buch: Computer Security – ESORICS 2020
Print ISBN: 978-3-030-58950-9

Electronic ISBN: 978-3-030-58951-6

Copyright-Jahr: 2020
DOI: https://doi.org/10.1007/978-3-030-58951-6_8

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner