Identifier Randomization: An Efficient Protection Against CAN-Bus Attacks

The Cyber-Physical Architecture of vehicles is composed of sensors, actuators, and electronic control units all communicating over shared communication buses. For historical reasons the internal communication buses, as the Controller Area Network (CAN), do not implement security mechanisms; the communications are assumed to be “trusted.” Recently these trusted relations have been challenged and leveraged to launch cyber-physical attacks against modern vehicles. As a result, it becomes urgent to enhance the security features of vehicles and notably the robustness of the CAN bus which represents an important channel of attacks.

[1]  Erland Jonsson,et al.  Efficient In-Vehicle Delayed Data Authentication Based on Compound Message Authentication Codes , 2008, 2008 IEEE 68th Vehicular Technology Conference.

[2]  Mirco Marchetti,et al.  Anomaly detection of CAN bus messages through analysis of ID sequences , 2017, 2017 IEEE Intelligent Vehicles Symposium (IV).

[3]  Bo Luo,et al.  Using ID-Hopping to Defend Against Targeted DoS on CAN , 2017, SCAV@CPSWeek.

[4]  Jana Dittmann,et al.  Security threats to automotive CAN networks - Practical examples and selected short-term countermeasures , 2008, Reliab. Eng. Syst. Saf..

[5]  Nathalie Japkowicz,et al.  Frequency-based anomaly detection for the automotive CAN bus , 2015, 2015 World Congress on Industrial Control Systems Security (WCICSS).

[6]  Naim Asaj,et al.  Entropy-based anomaly detection for in-vehicle networks , 2011, 2011 IEEE Intelligent Vehicles Symposium (IV).

[7]  Michele Colajanni,et al.  Detecting attacks to internal vehicle networks through Hamming distance , 2017, 2017 AEIT International Annual Conference.

[8]  Sylvain Guilley,et al.  On the optimality and practicability of mutual information analysis in some scenarios , 2016, Cryptography and Communications.

[9]  Stefan Savage,et al.  Fast and Vulnerable: A Story of Telematic Failures , 2015, WOOT.

[10]  Shwetak N. Patel,et al.  Experimental Security Analysis of a Modern Automobile , 2010, 2010 IEEE Symposium on Security and Privacy.

[11]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.