ABSTRACT
Almost all aspects of modern automobiles are controlled by embedded computers, known as Electronic Control Units (ECUs). ECUs are connected with each other over a Controller Area Network (CAN) network. ECUs communicate with each other and control the automobile's behavior using messages. Heavy vehicles, unlike passenger cars, are constructed using ECUs manufactured by different Original Equipment Manufacturers (OEMs). For reasons of interoperability, the Society of Automotive Engineers (SAE) mandates that all ECUs should communicate using the standardized SAE-J1939 protocol that gives semantics to the signals transmitted on the CAN network. Security concerns have been historically ignored in protocols and standards. Consequently, an ECU having malicious code can spoof other ECUs, e.g., a message can be injected through the OBD-II port or the telematics unit into the internal network to interfere with the behavior of the vehicle. Intrusion Detection Systems (IDS) have been proposed and utilized to detect various types of security attacks. However, such systems are only capable of detecting attacks and cannot mitigate them. A compromised ECU may generate invalid data values; even if such invalid values are detected, there is still a need to counter their effects. Almost all prior works focus on detecting attacks. We demonstrate how to make the vehicle resilient to attacks. We analyze the log files of real driving scenarios and show ECUs are significantly dependent on other ECUs to operate. We demonstrate that parameters of a compromised ECU can be reconstructed from those of other non-compromised ECUs to allow the vehicle to continue operation and make it resilient to attacks. We achieve this by modeling the behavior of an ECU using the multivariate Long Short-Term Memory (LSTM) neural network. We then reconstruct compromised ECU values using information obtained from trustworthy ECUs. Despite some levels of errors, our model can reconstruct trustworthy data values that can be substituted for values generated by compromised ECUs. The error between the reconstructed values and the correct ones is less than 6% of the operating range for the compromised ECU, which is significantly low and can be substituted. Our proposed approach makes the vehicle resilient without requiring changes to the internal architecture.
Supplemental Material
- 2015. Road vehicles - Controller area network (CAN). https://www.iso.org/ standard/63648.htmlGoogle Scholar
- 2018. Serial Control and Communications Heavy Duty Vehicle Network. https: //doi.org/10.4271/J1939_201808Google Scholar
- 2018. Transportation Statistics Annual Report 2018. USDOT Bureau of Transportation Statistics (2018). https://doi.org/10.21949/1502596Google Scholar
- Thomas M Breuel, Adnan Ul-Hasan, Mayce Ali Al-Azawi, and Faisal Shafait. 2013. High-Performance OCR for Printed English and Fraktur Using LSTM Networks. In 12th International Conference on Document Analysis and Recognition. 683--687.Google Scholar
- Yelizaveta Burakova, Bill Hass, Leif Millar, and André Weimerskirch. 2016. Truck Hacking: An Experimental Analysis of the SAE J1939 Standard. In 10th USENIX Workshop on Offensive Technologies (WOOT 16).Google Scholar
- Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno. 2011. Comprehensive Experimental Analyses of Automotive Attack Surfaces. In 20th USENIX Security Symposium (USENIX Security 11).Google Scholar
- Kyong-Tak Cho and Kang G. Shin. 2016. Fingerprinting Electronic Control Units for Vehicle Intrusion Detection. In 25th USENIX Security Symposium, USENIX Security 16. 911--927.Google Scholar
- Valliappa Chockalingam, Ian Larson, Daniel Lin, and Spencer Nofzinger. 2016. Detecting Attacks on the CAN Protocol With Machine Learning. Annu EECS 558, 7.Google Scholar
- Wonsuk Choi, Hyo Jin Jo, Samuel Woo, Ji Young Chun, Jooyoung Park, and Dong Hoon Lee. 2018. Identifying ECUs using inimitable characteristics of signals in controller area networks. In Transactions on Vehicular Technology.Google Scholar
- Wonsuk Choi, Kyungho Joo, Hyo Jin Jo, Moon Chan Park, and Dong Hoon Lee. 2018. Voltageids: Low-level communication characteristics for automotive intrusion detection system. In Transactions on Information Forensics and Security.Google Scholar
- Jeremy Daily, Rose Gamble, Stephen Moffitt, Connor Raines, Paul Harris, Jannah Miran, Indrakshi Ray, Subhojeet Mukherjee, Hossein Shirazi, and James Johnson. 2016. Towards a Cyber Assurance Testbed for Heavy Vehicle Electronic Controls. SAE International Journal of Commercial Vehicles 9, 2 (2016), 339--349.Google ScholarCross Ref
- Felix A. Gers, Jürgen Schmidhuber, and Fred Cummins. 2000. Learning to Forget: Continual Prediction with LSTM. Journal of Neural Computation 12, 10 (2000), 2451--2471.Google ScholarDigital Library
- A. Graves, N. Jaitly, and A. Mohamed. 2013. Hybrid speech recognition with Deep Bidirectional LSTM. In IEEE Workshop on Automatic Speech Recognition and Understanding. 273--278.Google Scholar
- Sepp Hochreiter and Jürgen Schmidhuber. 1997. Long Short-Term Memory. Journal of Neural Computation 9, 8 (1997), 1735--1780.Google ScholarDigital Library
- Min-Ju Kang and Je-Won Kang. 2016. A Novel Intrusion Detection Method Using Deep Neural Network for In-Vehicle Network Security. In 83rd IEEE Vehicular Technology Conference (VTC Spring). 1--5.Google ScholarCross Ref
- Kaveh Bakhsh Kelarestaghi, Kevin Heaslip, and Ryan M. Gerdes. 2018. Vehicle Security: Risk Assessment in Transportation. arXiv preprint arXiv abs/1804.07381 (2018).Google Scholar
- Diederik P Kingma and Jimmy Ba. 2014. Adam: A method for stochastic optimization. arXiv preprint arXiv:1412.6980 (2014).Google Scholar
- Charlie Miller and Chris Valasek. 2015. Remote exploitation of an unaltered passenger vehicle. Black Hat USA 2015 (2015), 91. http://illmatics.com/Remote% 20Car%20Hacking.pdfGoogle Scholar
- Jelena Mirkovic and Peter Reiher. 2004. A Taxonomy of DDoS Attack and DDoS Defense Mechanisms. ACM SIGCOMM Computer Communication Review 34, 2 (2004), 39--53.Google ScholarDigital Library
- Subhojeet Mukherjee, Hossein Shirazi, Indrakshi Ray, Jeremy Daily, and Rose Gamble. 2016. Practical DoS Attacks on Embedded Networks in Commercial Vehicles. In Information Systems Security. Vol. 10063. Cham, 23--42.Google Scholar
- Pal-Stefan Murvay and Bogdan Groza. 2014. Source identification using signal characteristics in controller area networks. In Signal Processing Letters.Google Scholar
- Pal-Stefan Murvay and Bogdan Groza. 2018. Security Shortcomings and Countermeasures for the SAE J1939 Commercial Vehicle Bus Protocol. IEEE Transactions on Vehicular Technology 67 (2018), 4325--4339.Google ScholarCross Ref
- Sandeep Nair Narayanan, Sudip Mittal, and Anupam Joshi. 2016. OBD_SecureAlert: An Anomaly Detection System for Vehicles. In International Conference on Smart Computing.Google ScholarCross Ref
- Dennis K Nilsson, Ulf E Larson, and Erland Jonsson. 2008. Efficient in-vehicle delayed data authentication based on compound message authentication codes. In Vehicular Technology Conference.Google ScholarCross Ref
- Hossein Shirazi, Indrakshi Ray, and Charles Anderson. 2020. Using Machine Learning to Detect Anomalies in Embedded Networks in Heavy Vehicles. In Foundations and Practice of Security, Vol. 12056. Springer International Publishing, 39--55.Google Scholar
- Christopher Johnathan Szilagyi. 2012. Low cost multicast network authentication for embedded control systems. Ph. D. Dissertation. Carnegie Mellon University.Google Scholar
- Adrian Taylor, Sylvain Leblanc, and Nathalie Japkowicz. 2016. Anomaly detection in automobile control network data with long short-term memory networks. In International Conference on Data Science and Advanced Analytics.Google ScholarCross Ref
- Anthony Van Herrewege, Dave Singelee, and Ingrid Verbauwhede. 2011. CANAuth-a simple, backward compatible broadcast authentication protocol for CAN bus. In Workshop on Lightweight Cryptography.Google Scholar
- Marko Wolf and Robert Lambert. 2017. Hacking trucks-cybersecurity risks and effective cybersecurity protection for heavy duty vehicles. Automotive-Safety & Security 2017-Sicherheit und Zuverlässigkeit für automobile Informationstechnik (2017).Google Scholar
- Di Wu, Zhongkai Jiang, Xiaofeng Xie, Xuetao Wei, Weiren Yu, and Renfa Li. 2020. LSTM Learning With Bayesian and Gaussian Processing for Anomaly Detection in Industrial IoT. IEEE Transactions on Industrial Informatics 16, 8 (2020), 5244-- 5253.Google ScholarCross Ref
- Xinxin Zhu, Lixiang Li, Jing Liu, Ziyi Li, Haipeng Peng, and Xinxin Niu. 2018. Image captioning with triple-attention and stack parallel LSTM. Neurocomputing 319 (2018), 55--65.Google ScholarCross Ref
Index Terms
- Towards Resiliency of Heavy Vehicles through Compromised Sensor Data Reconstruction
Recommendations
Improved rollover prevention controller for heavy vehicles with varying velocity and values of vehicle parameters
AbstractIn general, vehicle longitudinal velocity varies and the values of vehicle parameters vary greatly. Therefore, when we ignore the facts and design a controller, the controlled vehicle system may have undesired control performance. In the worst ...
Adaptive rollover prevention controller for driver---vehicle systems
In the paper, we propose an adaptive rollover prevention controller for heavy vehicles. At first, a design method for an ideal vehicle model is proposed. The designed ideal vehicle model has the property that good rollover prevention performance can be ...
COMPANION -- Towards Co-operative Platoon Management of Heavy-Duty Vehicles
ITSC '15: Proceedings of the 2015 IEEE 18th International Conference on Intelligent Transportation SystemsThe objective of the EU project COMPANION is to develop co-operative mobility technologies for supervised vehicle platooning, in order to improve fuel efficiency and safety for goods transport. The potential social and environmental benefits inducted by ...
Comments