ABSTRACT
With the development of smart internet-connected vehicles, in-vehicle networks are facing increasing security threats. Controller Area Network (CAN), as the most commonly used communication method in vehicles, has become the main target of malicious network attacks due to its lack of security. This paper focuses on three common attack methods: CAN message injection, replay and Dos attack, and designs five attack experiments based on these three methods. Due to the upgrading of vehicle electronic and electrical architectures, the traditional three CAN attack experiments cannot affect most new vehicles. This paper proposes an experimental method based on UDS (Unified Diagnostic Services) CAN message injection and DoS attack, which causes functional interference in new vehicles, and proposes protective measures to safeguard the security of in-vehicle CAN network based on the analysis of the experiments. Network security protection measures are proposed based on the experimental analysis.
- Woo S, Jo H J, Lee D H. A practical wireless attack on the connected car and security protocol for in-vehicle CAN [J]. IEEE Transactions on intelligent transportation systems, 2014, 16(2): 993-1006.Google Scholar
- Rathore R S, Hewage C, Kaiwartya O, In-vehicle communication cyber security: challenges and solutions [J]. Sensors, 2022, 22(17): 6679.Google ScholarCross Ref
- Liu J, Zhang S, Sun W, In-vehicle network attacks and countermeasures: Challenges and future directions [J]. IEEE Network, 2017, 31(5): 50-58.Google ScholarDigital Library
- Kim J H, Seo S H, Hai N T, Gateway framework for in-vehicle networks based on CAN, FlexRay, and Ethernet [J]. IEEE transactions on vehicular technology, 2014, 64(10): 4472-4486.Google Scholar
- Navale V M, Williams K, Lagospiris A, (R) evolution of E/E architectures [J]. SAE International Journal of Passenger Cars-Electronic and Electrical Systems, 2015, 8(2015-01-0196): 282-288.Google ScholarCross Ref
- Miller C, Valasek C. Remote exploitation of an unaltered passenger vehicle [J]. Black Hat USA, 2015, 2015(S 91): 1-91.Google Scholar
- Nie S, Liu L, Du Y. Free-fall: Hacking tesla from wireless to can bus [J]. Briefing, Black Hat USA, 2017, 25(1): 16.Google Scholar
- Tencent Keen Security Lab. Experimental security research of Tesla autopilot [J]. Tencent Keen Security Lab, 2019.Google Scholar
- Bandur V, Pantelic V, Tomashevskiy T, A Safety Architecture for Centralized E/E Architectures [C]//2021 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). IEEE, 2021: 67-70.Google Scholar
- Plappert C, Fenzl F, Rieke R, SECPAT: security patterns for resilient automotive E/E architectures [C]//2022 30th Euromicro international conference on parallel, distributed and network-based processing (PDP). IEEE, 2022: 255-264.Google Scholar
- Song H M, Woo J, Kim H K. In-vehicle network intrusion detection using deep convolutional neural network [J]. Vehicular Communications, 2020, 21: 100198.Google ScholarDigital Library
- Park J S, Heurtefeux K, Eom S, Routing Methods Considering Security and Real-Time of Vehicle Gateway System [J]. SAE Tech. Pap, 2020, 1: 1294.Google Scholar
Index Terms
- In-Vehicle Network Attack Based on CAN and UDS: Demonstration and Analysis
Recommendations
CAN Signal Extinction-based DoS Attack on In-Vehicle Network
As automobiles become more electrified, more and more Electronic Control Units (ECU) are installed in vehicles. ECUs communicate with each other through dedicated protocols such as a controller area network (CAN), but these protocols do not have their own ...
Flooding attack mitigator for in-vehicle CAN using fault confinement in CAN protocol
AbstractFor driver convenience and safety, a number of electronic control units (ECUs) have been installed on modern vehicles. To support communications among ECUs, the controller area network (CAN) is commonly used as in-vehicle network for ...
Comments