A Stealth, Selective, Link-Layer Denial-of-Service Attack Against Automotive Networks

Modern vehicles incorporate tens of electronic control units (ECUs), driven by as much as 100,000,000 lines of code. They are tightly interconnected via internal networks, mostly based on the CAN bus standard. Past research showed that, by obtaining physical access to the network or by remotely compromising a vulnerable ECU, an attacker could control even safety-critical inputs such as throttle, steering or brakes. In order to secure current CAN networks from cyberattacks, detection and prevention approaches based on the analysis of transmitted frames have been proposed, and are generally considered the most time- and cost-effective solution, to the point that companies have started promoting aftermarket products for existing vehicles.

[1]  Julian Proenza,et al.  Designing sfiCAN: A star-based physical fault injector for CAN , 2011, ETFA2011.

[2]  J. Proenza,et al.  CANcentrate: an active star topology for CAN networks , 2004, IEEE International Workshop on Factory Communication Systems, 2004. Proceedings..

[3]  Christof Paar,et al.  Security in Automotive Bus Systems , 2004 .

[4]  Christof Paar,et al.  On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoqCode Hopping Scheme , 2008, CRYPTO.

[5]  Alfonso Valdes,et al.  Communication pattern anomaly detection in process control systems , 2009, 2009 IEEE Conference on Technologies for Homeland Security.

[6]  Jana Dittmann,et al.  Security threats to automotive CAN networks - Practical examples and selected short-term countermeasures , 2008, Reliab. Eng. Syst. Saf..

[7]  Aaron Hunter,et al.  A Security Analysis of an In-Vehicle Infotainment and App Platform , 2016, WOOT.

[8]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[9]  Wenyuan Xu,et al.  Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study , 2010, USENIX Security Symposium.

[10]  Nathalie Japkowicz,et al.  Frequency-based anomaly detection for the automotive CAN bus , 2015, 2015 World Congress on Industrial Control Systems Security (WCICSS).

[11]  Peter R. Thom,et al.  A Spy Under the Hood: Controlling Risk and Automotive EDR , 2008 .

[12]  Kang G. Shin,et al.  Error Handling of In-vehicle Networks Makes Them Vulnerable , 2016, CCS.

[13]  Armin Wasicek,et al.  Enhancing security in CAN systems using a star coupling router , 2012, 7th IEEE International Symposium on Industrial Embedded Systems (SIES'12).

[14]  Huy Kang Kim,et al.  Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network , 2016, 2016 International Conference on Information Networking (ICOIN).

[15]  André Weimerskirch,et al.  State of the Art: Embedding Security in Vehicles , 2007, EURASIP J. Embed. Syst..

[16]  Kang G. Shin,et al.  Fingerprinting Electronic Control Units for Vehicle Intrusion Detection , 2016, USENIX Security Symposium.

[17]  Stefan Savage,et al.  Fast and Vulnerable: A Story of Telematic Failures , 2015, WOOT.

[18]  Flavio D. Garcia,et al.  Lock It and Still Lose It - on the (In)Security of Automotive Remote Keyless Entry Systems , 2016, USENIX Security Symposium.

[19]  André Weimerskirch,et al.  Truck Hacking: An Experimental Analysis of the SAE J1939 Standard , 2016, WOOT.

[20]  D.K. Nilsson,et al.  An approach to specification-based attack detection for in-vehicle networks , 2008, 2008 IEEE Intelligent Vehicles Symposium.

[21]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.