research-article

Detection and Mitigation of Sensor and CAN Bus Attacks in Vehicle Anti-Lock Braking Systems

Authors:

Haiying ShenAuthors Info & Claims

ACM Transactions on Cyber-Physical Systems (TCPS), Volume 6, Issue 1

Article No.: 9, Pages 1 - 24

https://doi.org/10.1145/3495534

Published: 06 January 2022 Publication History

Abstract

For a modern vehicle, if the sensor in a vehicle anti-lock braking system (ABS) or controller area network (CAN) bus is attacked during a brake process, the vehicle will lose driving direction control and the driver’s life will be highly threatened. However, current methods for detecting attacks are not sufficiently accurate, and no method can provide attack mitigation. To ensure vehicle ABS security, we propose an attack detection method to accurately detect both sensor attack (SA) and CAN bus attack in a vehicle ABS, and an attack mitigation strategy to mitigate their negative effects on the vehicle ABS. In our attack detection method, we build a vehicle state space equation that considers the real-time road friction coefficient to predict vehicle states (i.e., wheel speed and longitudinal brake force) with their previous values. Based on sets of historical measured vehicle states, we develop a search algorithm to find out attack changes (vehicle state changes because of attack) by minimizing errors between the predicted vehicle states and the measured vehicle states. In our attack mitigation strategy, attack changes are subtracted from the measured vehicle states to generate correct vehicle states for a vehicle ABS. We conducted the first real SA experiments to show how a magnet affects sensor readings. Our simulation results demonstrate that our attack detection method can detect SA and CAN bus attack more accurately compared with existing methods, and also that our attack mitigation strategy almost eliminates the attack’s effects on a vehicle ABS.

References

[1]

Robert N. Charette. 2009. This car runs on code. IEEE Spectrum 46, 3 (2009), 1–3.

[2]

Michael Müter, André Groll, and Felix C. Freiling. 2010. A structured approach to anomaly detection for in-vehicle networks. In Proceedings of the 2010 6th International Conference on Information Assurance and Security(IAS’10).

[3]

Christof Paar and André Weimerskirch. 2007. Embedded security in a pervasive world. Information Security Technical Report 12, 3 (2007), 155–161.

Digital Library

[4]

Yasser Shoukry, Paul Martin, Paulo Tabuada, and Mani Srivastava. 2013. Non-invasive spoofing attacks for anti-lock braking systems. In Cryptographic Hardware and Embedded Systems—CHES 2013. Lecture Notes in Computer Science, Vol. 8086. Springer, 55-72.

Digital Library

[5]

Samuel Woo, Hyo Jin Jo, and Dong Hoon Lee. 2015. A practical wireless attack on the connected car and security protocol for in-vehicle CAN. IEEE Transactions on Intelligent Transportation Systems 16, 2 (2015), 993–1006.

[6]

Charlie Miller and Chris Valasek. 2015. Remote Exploitation of an Unaltered Passenger Vehicle. Technical White Paper. IOActive.

[7]

Buke Ao, Yongcai Wang, Lu Yu, Richard R. Brooks, and S. S. Iyengar. 2016. On precision bound of distributed fault-tolerant sensor fusion algorithms. ACM Computing Surveys 49, 1 (2016), Article 5, 23 pages.

Digital Library

[8]

Junkil Park, Radoslav Ivanov, James Weimer, Miroslav Pajic, and Insup Lee. 2015. Sensor attack detection in the presence of transient faults. In Proceedings of the ACM/IEEE 6th International Conference on Cyber-Physical Systems (ICCPS’15). 1–10.

Digital Library

[9]

Radoslav Ivanov, Miroslav Pajic, and Insup Lee. 2014. Resilient multidimensional sensor fusion using measurement history. In Proceedings of the 3rd ACM International Conference on High Confidence Networked Systems (HiCoNS’14).

Digital Library

[10]

Jongho Shin, Youngmi Baek, Jaeseong Lee, and Seonghun Lee. 2019. Cyber-physical attack detection and recovery based on RNN in automotive brake systems. Applied Sciences 9, 1 (2019), 82.

[11]

Joe Halabi and Hassan Artail. 2018. A lightweight synchronous cryptographic hash chain solution to securing the vehicle CAN bus. In Proceedings of the 2018 IEEE International Multidisciplinary Conference on Engineering Technology (IMCET’18). 1–6.

[12]

Assaf Harel and Amir Hezberg. 2019. Optimizing CAN Bus Security with In-Place Cryptography. Technical Report. SAE.

[13]

Mabrouka Gmiden, Mohamed Hedi Gmiden, and Hafedh Trabelsi. 2019. Cryptographic and intrusion detection system for automotive CAN bus: Survey and contributions. In Proceedings of the 2019 16th International Multi-Conference on Systems, Signals, and Devices (SSD’19). 158–163.

[14]

Ki-Dong Kang, Youngmi Baek, Seonghun Lee, and Sang Hyuk Son. 2017. An attack-resilient source authentication protocol in controller area network. In Proceedings of the Symposium on Architectures for Networking and Communications Systems (ANCS’17). 109–118.

Digital Library

[15]

Kyusuk Han, Swapna Divya Potluri, and Kang G. Shin. 2013. On authentication in a connected vehicle: Secure integration of mobile devices with vehicular networks. In Proceedings of the ACM/IEEE 4th International Conference on Cyber-Physical Systems. 160–169.

Digital Library

[16]

Oliver Cros and Gabriel Chenevert. 2019. Hashing-based authentication for CAN bus and application to denial-of-service protection. In Proceedings of the 2019 3rd Cyber Security in Networking Conference (CSNet’19). IEEE, Los Alamitos, CA, 91–98.

[17]

Michael R. Moore, Robert A. Bridges, Frank L. Combs, Michael S. Starr, and Stacy J. Prowell. 2017. Modeling inter-signal arrival times for accurate detection of CAN bus signal injection attacks: A data-driven approach to in-vehicle intrusion detection. In Proceedings of the 12th Annual Conference on Cyber and Information Security Research. Article 11, 4 pages.

Digital Library

[18]

Tobias Hoppe, Stefan Kiltz, and Jana Dittmann. 2011. Security threats to automotive CAN networks—Practical examples and selected short-term countermeasures. Reliability Engineering & System Safety 96, 1 (2011), 11–25.

Digital Library

[19]

Steve Corrigan. 2008. Introduction to the Controller Area Network (CAN). Application Report, Texas Instruments.

[20]

Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak Patel, Tadayoshi Kohno, Stephen Checkoway, Damon McCoy, et al. 2010. Experimental security analysis of a modern automobile. In Proceedings of the 2010 IEEE Symposium on Security and Privacy.

Digital Library

[21]

Kathryn A. Ingle. 1994. Reverse Engineering. McGraw-Hill.

[22]

Charlie Miller and Chris Valasek. 2013. Adventures in Automotive Networks and Control Units. Technical White Paper. IOActive.

[23]

Mario Hrgetic, Josko Deur, Vladimir Ivanovic, and Eric Tseng. 2014. Vehicle sideslip angle EKF estimator based on nonlinear vehicle dynamics model and stochastic tire forces modeling. SAE Journal of Passenger Cars—Mechanical Systems 7, 1 (2014), 86–95.

[24]

Thomas A. Wenzel, K. J. Burnham, M. V. Blundell, and R. A. Williams. 2006. Dual extended Kalman filter for vehicle state and parameter estimation. Vehicle System Dynamics 44, 2 (2006), 153–171.

[25]

A. Alexander and A. Vacca. 2017. Longitudinal vehicle dynamics model for construction machines with experimental validation. International Journal of Automotive and Mechanical Engineering 14, 4 (2017), 4616–4633.

[26]

H. B. Pacejka. 2005. Tire brush model. In Tire and Vehicle Dynamics (3rd ed.). Butterworth-Heinemann, Waltham, MA, 90–127.

[27]

Kyong-Tak Cho, Kang G. Shin, and Taejoon Park. 2015. CPS approach to checking norm operation of a brake-by-wire system. In Proceedings of the ACM/IEEE 6th International Conference on Cyber-Physical Systems. 41–50.

Digital Library

[28]

Kyoungseok Han, Seibum B. Choi, Jonghyup Lee, Dongyoon Hyun, and Jounghee Lee. 2017. Accurate brake torque estimation with adaptive uncertainty compensation using a brake force distribution characteristic. IEEE Transactions on Vehicular Technology 66, 12 (2017), 10830–10840.

[29]

Kanwar Bharat Singh and Saied Taheri. 2015. Estimation of tire–road friction coefficient and its application in chassis control systems. Systems Science & Control Engineering 3, 1 (2015), 39–61.

[30]

Yasser Shoukry and Paulo Tabuada. 2015. Event-triggered state observers for sparse sensor noise/attacks. IEEE Transactions on Automatic Control 61, 8 (2015), 2079–2091.

[31]

Danilo P. Mandic. 2004. A generalized normalized gradient descent algorithm. IEEE Signal Processing Letters 11, 2 (2004), 115–118.

[32]

Keisuke Fujii. 2013. Extended Kalman Filter. ACFA-Sim-J Group.

[33]

CarSim. 2018. CarSim Mechanical Simulation. Retrieved November 24, 2021 from https://www.carsim.com/products/carsim/.

[34]

Google. 2018. Malicious ECU Attacks and Security. Retrieved November 24, 2021 from https://sites.google.com/a/g.ucla.edu/malicious-ecu-attacks-and-security/.

[35]

Long Chen, Mingyuan Bian, Yugong Luo, and Keqiang Li. 2016. Real-time identification of the tyre–road friction coefficient using an unscented Kalman filter and mean-square-error-weighted fusion. Proceedings of the Institution of Mechanical Engineers, Part D: Journal of Automobile Engineering 230, 6 (2016), 788–802.

[36]

Youngmi Baek and Minsu Jo. 2018. Adaptive threshold generation for fault detection with high dependability for cyber-physical systems. Applied Sciences 8, 11 (2018), 2235.

[37]

Kanghyun Nam, Yoichi Hori, and Choonyoung Lee. 2015. Wheel slip control for improving traction-ability and energy efficiency of a personal electric vehicle. Energies 8, 7 (2015), 6820–6840.

[38]

Miroslav Pajic, James Weimer, Nicola Bezzo, Paulo Tabuada, Oleg Sokolsky, Insup Lee, and George J. Pappas. 2014. Robustness of attack-resilient state estimators. In Proceedings of the 2014 ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS’14). IEEE, Los Alamitos, CA, 163–174.

Digital Library

[39]

Kyong-Tak Cho and Kang G. Shin. 2016. Fingerprinting electronic control units for vehicle intrusion detection. In Proceedings of the USENIX Security Symposium.

Digital Library

Cited By

Chakraborty SJha SSamii SMundhenk P(2024)Introduction to the Special Issue on Automotive CPS Safety & Security: Part 2ACM Transactions on Cyber-Physical Systems10.1145/36502108:2(1-17)Online publication date: 15-May-2024
https://dl.acm.org/doi/10.1145/3650210
Rasheed ABaza MBadr MAlshahrani HChoo K(2024)Efficient Crypto Engine for Authenticated Encryption, Data Traceability, and Replay Attack Detection Over CAN Bus NetworkIEEE Transactions on Network Science and Engineering10.1109/TNSE.2023.331254511:1(1008-1025)Online publication date: Jan-2024
https://doi.org/10.1109/TNSE.2023.3312545
Oladimeji DRasheed AVarol CBaza MAlshahrani HBaz A(2023)CANAttack: Assessing Vulnerabilities within Controller Area NetworkSensors10.3390/s2319822323:19(8223)Online publication date: 2-Oct-2023
https://doi.org/10.3390/s23198223
Show More Cited By

Index Terms

Detection and Mitigation of Sensor and CAN Bus Attacks in Vehicle Anti-Lock Braking Systems
1. Information systems
  1. Information systems applications

Recommendations

Non-invasive Spoofing Attacks for Anti-lock Braking Systems
Cryptographic Hardware and Embedded Systems - CHES 2013
Abstract
This work exposes a largely unexplored vector of physical-layer attacks with demonstrated consequences in automobiles. By modifying the physical environment around analog sensors such as Antilock Braking Systems (ABS), we exploit weaknesses in ...
A technique to detect and mitigate false data injection attacks in Cyber–Physical Systems
Abstract
The advancement in communication, computation, and control technology has led to the integration of the cyber-world and physical-world. This has also increased the incidence of malicious attacks in Cyber–Physical Systems (CPSs), of which false ...
IoT-Based DDoS Attack Detection and Mitigation Using the Edge of SDN
Cyberspace Safety and Security
Abstract
Nowadays, the Internet of Things (IoT) has developed rapidly and changed people’s life into a more convenient style. However, a huge number of vulnerable IoT devices are exploited to constitute botnet by many attackers, which forms a serious ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Cyber-Physical Systems

ACM Transactions on Cyber-Physical Systems Volume 6, Issue 1

January 2022

246 pages

ISSN:2378-962X

EISSN:2378-9638

DOI:10.1145/3492453

Editor:
Chenyang Lu
Washington University in St. Louis, USA

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Journal Family

ACM Journals for the Design of Smart and Connected Systems

Publication History

Published: 06 January 2022

Accepted: 01 June 2021

Revised: 01 November 2020

Received: 01 May 2020

Published in TCPS Volume 6, Issue 1

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Refereed

Funding Sources

U.S. NSF
FHWA
Microsoft Research Faculty Fellowship
Commonwealth Cyber Initiative (CCI)

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

11
Total Citations
View Citations
600
Total Downloads

Downloads (Last 12 months)132
Downloads (Last 6 weeks)18

Reflects downloads up to 03 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Chakraborty SJha SSamii SMundhenk P(2024)Introduction to the Special Issue on Automotive CPS Safety & Security: Part 2ACM Transactions on Cyber-Physical Systems10.1145/36502108:2(1-17)Online publication date: 15-May-2024
https://dl.acm.org/doi/10.1145/3650210
Rasheed ABaza MBadr MAlshahrani HChoo K(2024)Efficient Crypto Engine for Authenticated Encryption, Data Traceability, and Replay Attack Detection Over CAN Bus NetworkIEEE Transactions on Network Science and Engineering10.1109/TNSE.2023.331254511:1(1008-1025)Online publication date: Jan-2024
https://doi.org/10.1109/TNSE.2023.3312545
Oladimeji DRasheed AVarol CBaza MAlshahrani HBaz A(2023)CANAttack: Assessing Vulnerabilities within Controller Area NetworkSensors10.3390/s2319822323:19(8223)Online publication date: 2-Oct-2023
https://doi.org/10.3390/s23198223
Chen JLiu BLi THu Y(2023)Multiplicative Attacks with Essential Stealthiness in Sensor and Actuator Loops against Cyber-Physical SystemsSensors10.3390/s2304195723:4(1957)Online publication date: 9-Feb-2023
https://doi.org/10.3390/s23041957
Zhang HWang JWang YLi MSong JLiu Z(2023)ICVTest: A Practical Black-Box Penetration Testing Framework for Evaluating Cybersecurity of Intelligent Connected VehiclesApplied Sciences10.3390/app1401020414:1(204)Online publication date: 25-Dec-2023
https://doi.org/10.3390/app14010204
Chakraborty SJha SSamii SMundhenk P(2023)Introduction to the Special Issue on Automotive CPS Safety & Security: Part 1ACM Transactions on Cyber-Physical Systems10.1145/35799867:1(1-6)Online publication date: 22-Mar-2023
https://dl.acm.org/doi/10.1145/3579986
Mohammadi AMalik HAbbaszadeh M(2023)Vehicle Lateral Motion Dynamics Under Braking/ABS Cyber-Physical AttacksIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.329342418(4100-4115)Online publication date: 1-Jan-2023
https://dl.acm.org/doi/10.1109/TIFS.2023.3293424
Rai RGrover JPandey S(2023)Unveiling Threats: A Comprehensive Taxonomy of Attacks in In-Vehicle Networks2023 16th International Conference on Security of Information and Networks (SIN)10.1109/SIN60469.2023.10474941(1-7)Online publication date: 20-Nov-2023
https://doi.org/10.1109/SIN60469.2023.10474941
Mohammadi AMalik H(2023)Generation of Time-Varying Feedback-Based Wheel Lock Attack Policies with Minimal Knowledge of the Traction DynamicsIntelligent Computing10.1007/978-3-031-37963-5_87(1268-1281)Online publication date: 20-Aug-2023
https://doi.org/10.1007/978-3-031-37963-5_87
Chen JLiu B(2022)On the Detectability of the Mode Division-based Anomaly Detector in Industrial Cyber-physical Systems2022 41st Chinese Control Conference (CCC)10.23919/CCC55666.2022.9902218(4337-4342)Online publication date: 25-Jul-2022
https://doi.org/10.23919/CCC55666.2022.9902218
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Full Text

View this article in Full Text.

HTML Format

View this article in HTML Format.

Figures

Tables

Media

View full text|Download PDF

View Issue’s Table of Contents