Review of the Security of Backward-Compatible Automotive Inter-ECU Communication

Advanced electronic units inside modern vehicles have enhanced the driving experience, but also introduced a myriad of security problems due to the inherent limitations of the internal communication protocol. In the last two decades, a number of security threats have been identified and accordingly, security measures have been proposed. While a large body of research on the vehicular security domain is focused on exposing vulnerabilities and proposing counter measures, there is an apparent paucity of research aimed at reviewing existing works on automotive security and at extracting insights. This paper provides a systematic review of security threats and countermeasures for the ubiquitous CAN bus communication protocol. It further exposes the limitations of the existing security measures, and discusses a seemingly-overlooked, simple, cost-effective and incrementally deployable solution which can provide a reasonable defense against a major class of packet injection attacks and many denial of service attacks.

[1]  Qi Alfred Chen,et al.  Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface in Automotive IoT , 2020, USENIX Security Symposium.

[2]  Yongqiang Lyu,et al.  LEAP: A Lightweight Encryption and Authentication Protocol for In-Vehicle Communications , 2019, 2019 IEEE Intelligent Transportation Systems Conference (ITSC).

[3]  Sevil Sen,et al.  A survey of attacks and detection mechanisms on intelligent transportation systems: VANETs and IoV , 2017, Ad Hoc Networks.

[4]  Mirco Marchetti,et al.  Anomaly detection of CAN bus messages through analysis of ID sequences , 2017, 2017 IEEE Intelligent Vehicles Symposium (IV).

[5]  Jana Dittmann,et al.  Security threats to automotive CAN networks - Practical examples and selected short-term countermeasures , 2008, Reliab. Eng. Syst. Saf..

[6]  Hafiz Malik,et al.  State-of-the-Art Survey on In-Vehicle Network Communication (CAN-Bus) Security and Vulnerabilities , 2018, ArXiv.

[7]  Ingrid Verbauwhede,et al.  LiBrA-CAN: A Lightweight Broadcast Authentication Protocol for Controller Area Networks , 2012, CANS.

[8]  Andrey Bogdanov,et al.  Attacks on the Keeloq Block Cipher and Authentication Systems , 2007 .

[9]  Andrea Bittau,et al.  BlueSniff: Eve Meets Alice and Bluetooth , 2007, WOOT.

[10]  Michael Short,et al.  Improving information throughput and transmission predictability in Controller Area Networks , 2010, 2010 IEEE International Symposium on Industrial Electronics.

[11]  Vyas Sekar,et al.  CANNON: Reliable and Stealthy Remote Shutdown Attacks via Unaltered Automotive Microcontrollers , 2021, 2021 IEEE Symposium on Security and Privacy (SP).

[12]  Gregory V. Bard,et al.  Algebraic and Slide Attacks on KeeLoq , 2008, FSE.

[13]  Christof Paar,et al.  Security in Automotive Bus Systems , 2004 .

[14]  Manuel Barbosa,et al.  An overview of controller area network , 1999 .

[15]  Muhammet Baykara,et al.  A Novel Hybrid Approach for Detection of Web-Based Attacks in Intrusion Detection Systems , 2017 .

[16]  Muhammet Baykara,et al.  A novel honeypot based security approach for real-time intrusion detection and prevention systems , 2018, J. Inf. Secur. Appl..

[17]  Yves Deswarte,et al.  Survey on security threats and protection mechanisms in embedded automotive networks , 2013, 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W).

[18]  Siddharth Shukla Embedded Security for Vehicles : ECU Hacking , 2016 .

[19]  Christoph Ruland,et al.  Secure and authentic communication on existing in-vehicle networks , 2009, 2009 IEEE Intelligent Vehicles Symposium.

[20]  Erland Jonsson,et al.  Efficient In-Vehicle Delayed Data Authentication Based on Compound Message Authentication Codes , 2008, 2008 IEEE 68th Vehicular Technology Conference.

[21]  Mohamed Azab,et al.  Survey on Security Issues in Vehicular Ad Hoc Networks , 2015 .

[22]  Je-Won Kang,et al.  Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security , 2016, PloS one.

[23]  Hafedh Trabelsi,et al.  An intrusion detection method for securing in-vehicle CAN bus , 2016, 2016 17th International Conference on Sciences and Techniques of Automatic Control and Computer Engineering (STA).

[24]  Roberto Nardone,et al.  CAN-Bus Attack Detection With Deep Learning , 2021, IEEE Transactions on Intelligent Transportation Systems.

[25]  Wenyuan Xu,et al.  Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study , 2010, USENIX Security Symposium.

[26]  A. Hazem,et al.  LCAP - A Lightweight CAN Authentication Protocol for Securing In-Vehicle Networks , 2012 .

[27]  Haibo Zeng,et al.  Understanding and Using the Controller Area Network Communication Protocol: Theory and Practice , 2012 .

[28]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[29]  Phu H. Phung,et al.  Vehicle ECU classification based on safety-security characteristics , 2008 .

[30]  Nathalie Japkowicz,et al.  Anomaly Detection in Automobile Control Network Data with Long Short-Term Memory Networks , 2016, 2016 IEEE International Conference on Data Science and Advanced Analytics (DSAA).

[31]  Panagiotis G. Sarigiannidis,et al.  Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems , 2019, IEEE Access.

[32]  Naim Asaj,et al.  Entropy-based anomaly detection for in-vehicle networks , 2011, 2011 IEEE Intelligent Vehicles Symposium (IV).

[33]  Avishai Wool,et al.  Field classification, modeling and anomaly detection in unknown CAN bus networks , 2017, Veh. Commun..

[34]  Stacy J. Prowell,et al.  Modeling inter-signal arrival times for accurate detection of CAN bus signal injection attacks: a data-driven approach to in-vehicle intrusion detection , 2017, CISRC.

[35]  Nathalie Japkowicz,et al.  Frequency-based anomaly detection for the automotive CAN bus , 2015, 2015 World Congress on Industrial Control Systems Security (WCICSS).

[36]  Steven E. Shladover,et al.  Potential Cyberattacks on Automated Vehicles , 2015, IEEE Transactions on Intelligent Transportation Systems.

[37]  Dong Hoon Lee,et al.  Identifying ECUs Using Inimitable Characteristics of Signals in Controller Area Networks , 2016, IEEE Transactions on Vehicular Technology.

[38]  Dong Hoon Lee,et al.  A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN , 2015, IEEE Transactions on Intelligent Transportation Systems.

[39]  Jiajia Liu,et al.  In-Vehicle Network Attacks and Countermeasures: Challenges and Future Directions , 2017, IEEE Network.

[40]  Qiyan Wang,et al.  VeCure: A practical security framework to protect the CAN bus of vehicles , 2014, 2014 International Conference on the Internet of Things (IOT).

[41]  Bruno Crispo,et al.  Security and privacy in vehicular communications: Challenges and opportunities , 2017, Veh. Commun..

[42]  Muhammet Baykara,et al.  A Survey on Potential Applications of Honeypot Technology in Intrusion Detection Systems , 2015 .

[43]  Hiroaki Takada,et al.  CaCAN: Centralized Authentication System in CAN (Controller Area Network) , 2016 .

[44]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[45]  Simon S. Woo,et al.  CANTransfer: transfer learning based intrusion detection on a controller area network using convolutional LSTM network , 2020, SAC.

[46]  Suwon Kang,et al.  High speed CAN transmission scheme supporting data rate of over 100 Mb/s , 2016, IEEE Communications Magazine.

[47]  Ravi Sankar,et al.  A Survey of Intrusion Detection Systems in Wireless Sensor Networks , 2014, IEEE Communications Surveys & Tutorials.

[48]  Mohammed Saeed Al-kahtani,et al.  Survey on security attacks in Vehicular Ad hoc Networks (VANETs) , 2012, 2012 6th International Conference on Signal Processing and Communication Systems.

[49]  Tomas Olovsson,et al.  Security aspects of the in-vehicle network in the connected car , 2011, 2011 IEEE Intelligent Vehicles Symposium (IV).

[50]  Huy Kang Kim,et al.  Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network , 2016, 2016 International Conference on Information Networking (ICOIN).

[51]  Jürgen Teich,et al.  CAN+: A new backward-compatible Controller Area Network (CAN) protocol with up to 16× higher data rates. , 2009, 2009 Design, Automation & Test in Europe Conference & Exhibition.

[52]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[53]  Jin Cui,et al.  A review on safety failures, security attacks, and available countermeasures for autonomous vehicles , 2019, Ad Hoc Networks.

[54]  Gianpiero Costantino,et al.  Trade-off analysis of safety and security in CAN bus communication , 2017, 2017 5th IEEE International Conference on Models and Technologies for Intelligent Transportation Systems (MT-ITS).

[55]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[56]  Stefan Savage,et al.  Fast and Vulnerable: A Story of Telematic Failures , 2015, WOOT.

[57]  Eli Biham,et al.  A Practical Attack on KeeLoq , 2008, Journal of Cryptology.

[58]  Bogdan Groza,et al.  Source Identification Using Signal Characteristics in Controller Area Networks , 2014, IEEE Signal Processing Letters.

[59]  Flavio D. Garcia,et al.  LeiA: A Lightweight Authentication Protocol for CAN , 2016, ESORICS.

[60]  Anis Laouiti,et al.  VANet security challenges and solutions: A survey , 2017, Veh. Commun..

[61]  Kun Jiang,et al.  Attacks and defences on intelligent connected vehicles: a survey , 2020, Digit. Commun. Networks.

[62]  Christian Rossow,et al.  - vatiCAN - Vetted, Authenticated CAN Bus , 2016, CHES.

[63]  Stefano Zanero,et al.  A Stealth, Selective, Link-Layer Denial-of-Service Attack Against Automotive Networks , 2017, DIMVA.

[64]  Kai Zeng,et al.  Hardware Module-Based Message Authentication in Intra-vehicle Networks , 2017, 2017 ACM/IEEE 8th International Conference on Cyber-Physical Systems (ICCPS).

[65]  Kang G. Shin,et al.  Error Handling of In-vehicle Networks Makes Them Vulnerable , 2016, CCS.

[66]  Ingrid Verbauwhede,et al.  CANAuth - A Simple, Backward Compatible Broadcast Authentication Protocol for CAN bus , 2011 .

[67]  Andrey Bogdanov Cryptanalysis of the KeeLoq block cipher , 2007, IACR Cryptol. ePrint Arch..