Secure Passive Keyless Entry and Start System Using Machine Learning

Despite the benefits of the passive keyless entry and start (PKES) system in improving the locking and starting capabilities, it is vulnerable to relay attacks even though the communication is protected using strong cryptographic techniques. In this paper, we propose a data-intensive solution based on machine learning to mitigate relay attacks on PKES Systems. The main contribution of the paper, beyond the novelty of the solution in using machine learning, is in (1) the use of a set of security features that accurately profiles the PKES system, (2) identifying abnormalities in PKES regular behavior, and (3) proposing a countermeasure that guarantees a desired probability of detection with a fixed false alarm rate by trading off the training time and accuracy. We evaluated our method using the last three months log of a PKES system using the Decision Tree, SVM, KNN and ANN and provide the comparative analysis of the relay attack detection results. Our proposed framework leverages the accuracy of supervised learning on known classes with the adaptability of k-fold cross-validation technique for identifying malicious and suspicious activities. Our test results confirm the effectiveness of the proposed solution in distinguishing relayed messages from legitimate transactions.

[1]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[2]  Mohan M. Trivedi,et al.  A General Active-Learning Framework for On-Road Vehicle Recognition and Tracking , 2010, IEEE Transactions on Intelligent Transportation Systems.

[3]  Shwetak N. Patel,et al.  Experimental Security Analysis of a Modern Automobile , 2010, 2010 IEEE Symposium on Security and Privacy.

[4]  Moti Yung,et al.  Fourth-factor authentication: somebody you know , 2006, CCS '06.

[5]  Yi Lu Murphey,et al.  Intelligent Vehicle Power Control Based on Machine Learning of Optimal Control Parameters and Prediction of Road Type and Traffic Congestion , 2009, IEEE Transactions on Vehicular Technology.

[6]  Roderic Broadhurst,et al.  Towards a Feature Rich Model for Predicting Spam Emails containing Malicious Attachments and URLs , 2014 .

[7]  Ingrid Verbauwhede,et al.  CANAuth - A Simple, Backward Compatible Broadcast Authentication Protocol for CAN bus , 2011 .

[8]  Wenyuan Xu,et al.  Risks of trusting the physics of sensors , 2018, Commun. ACM.

[9]  Antonella Santone,et al.  Who's Driving My Car? A Machine Learning based Approach to Driver Identification , 2018, ICISSP.

[10]  Leo Breiman,et al.  Bagging Predictors , 1996, Machine Learning.

[11]  Ryad Benadjila,et al.  One Car, Two Frames: Attacks on Hitag-2 Remote Keyless Entry Systems Revisited , 2017, WOOT.

[12]  Ludovic Apvrille,et al.  Car2X Communication: Securing the Last Meter - A Cost-Effective Approach for Ensuring Trust in Car2X Applications Using In-Vehicle Symmetric Cryptography , 2011, 2011 IEEE Vehicular Technology Conference (VTC Fall).

[13]  Srdjan Capkun,et al.  Are We Really Close? Verifying Proximity in Wireless Systems , 2017, IEEE Security & Privacy.

[14]  Hisashi Kashima,et al.  Supervised and Unsupervised Intrusion Detection Based on CAN Message Frequencies for In-vehicle Network , 2018, J. Inf. Process..

[15]  Eric Sax,et al.  Embedded Hybrid Anomaly Detection for Automotive CAN Communication , 2018 .

[16]  Jemal H. Abawajy,et al.  Using feature selection for intrusion detection system , 2012, 2012 International Symposium on Communications and Information Technologies (ISCIT).

[17]  Ingrid Verbauwhede,et al.  LiBrA-CAN: A Lightweight Broadcast Authentication Protocol for Controller Area Networks , 2012, CANS.

[18]  Je-Won Kang,et al.  Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security , 2016, PloS one.

[19]  Won Suk Choi,et al.  Sound-Proximity: 2-Factor Authentication against Relay Attack on Passive Keyless Entry and Start System , 2018 .

[20]  Srdjan Capkun,et al.  Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars , 2010, NDSS.

[21]  Krishna Kant,et al.  A Lightweight Integrity Protection Scheme for Fast Communications in Smart Grid , 2017, SECRYPT.

[22]  Jing Wang,et al.  Protecting Private Keys against Memory Disclosure Attacks Using Hardware Transactional Memory , 2015, 2015 IEEE Symposium on Security and Privacy.