论文信息 - Source Identification Using Signal Characteristics in Controller Area Networks

Source Identification Using Signal Characteristics in Controller Area Networks

The CAN (Controller Area Network) bus, i.e., the de facto standard for connecting ECUs inside cars, is increasingly becoming exposed to some of the most sophisticated security threats. Due to its broadcast nature and ID oriented communication, each node is sightless in regards to the source of the received messages and assuring source identification is an uneasy challenge. While recent research has focused on devising security in CAN networks by the use of cryptography at the protocol layer, such solutions are not always an alternative due to increased communication and computational overheads, not to mention backward compatibility issues. In this work we set steps for a distinct approach, namely, we try to take authentication up to unique physical characteristics of the frames that are placed by each node on the bus. For this we analyze the frames by taking measurements of the voltage, filtering the signal and examining mean square errors and convolutions in order to uniquely identify each potential sender. Our experimental results show that distinguishing between certain nodes is clearly possible and by clever choices of transceivers and frame IDs each message can be precisely linked to its sender.

Bogdan Groza | Pal-Stefan Murvay | B. Groza | Pal-Stefan Murvay

[1] Jana Dittmann,et al. Security threats to automotive CAN networks - Practical examples and selected short-term countermeasures , 2008, Reliab. Eng. Syst. Saf..

[2] Hovav Shacham,et al. Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[3] Ananthram Swami,et al. PHY Layer Security Based on Protected Zone and Artificial Noise , 2013, IEEE Signal Processing Letters.

[4] Mani Mina,et al. Physical-Layer Identification of Wired Ethernet Devices , 2012, IEEE Transactions on Information Forensics and Security.

[5] Wenyuan Xu,et al. Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study , 2010, USENIX Security Symposium.

[6] Michel Barbeau,et al. Radio Frequency Fingerprinting for Intrusion Detection in Wireless Networks , 2005 .

[7] Ingrid Verbauwhede,et al. CANAuth - A Simple, Backward Compatible Broadcast Authentication Protocol for CAN bus , 2011 .

[8] Philip Koopman,et al. Low cost multicast authentication via validity voting in time-triggered embedded control networks , 2010, WESS '10.