Evading Voltage-Based Intrusion Detection on Automotive CAN

works/nodes through USB, cellular, Bluetooth, and WiFi connections [48]. Unfortunately, these interfaces provide various attack surfaces making these ECUs vulnerable to a remote adversary [6], [31], [32], [35], [36]. After infiltrating CAN by compromising any of these ECUs, the adversary can carry out a variety of attacks [24], [32], [35], [36], [49] against other ECUs since the CAN lacks mainstream network security capabilities due to resource constraints. In particular, a compromised ECU (e.g., Telematics Control Unit) may impersonate a benign ECU (e.g., Engine Control Unit) that cannot be remotely compromised, and forge the latter’s CAN messages to disrupt safety-critical automotive functions (e.g., engine speed). We call such attacks ECU masquerade attacks.

[1]  Christopher Huth,et al.  EASI: Edge-Based Sender Identification on Resource-Constrained Platforms for Automotive Networks , 2020, NDSS.

[2]  Jana Dittmann,et al.  Security threats to automotive CAN networks - Practical examples and selected short-term countermeasures , 2008, Reliab. Eng. Syst. Saf..

[3]  Ingrid Verbauwhede,et al.  LiBrA-CAN: A Lightweight Broadcast Authentication Protocol for Controller Area Networks , 2012, CANS.

[4]  Qiang Hu,et al.  Review of Secure Communication Approaches for In-Vehicle Network , 2018, International Journal of Automotive Technology.

[5]  Qi Alfred Chen,et al.  Automated Cross-Platform Reverse Engineering of CAN Bus Commands From Mobile Apps , 2020, NDSS.

[6]  Kang G. Shin,et al.  Error Handling of In-vehicle Networks Makes Them Vulnerable , 2016, CCS.

[7]  Mirco Marchetti,et al.  READ: Reverse Engineering of Automotive Data Frames , 2003, IEEE Transactions on Information Forensics and Security.

[8]  Pavel Laskov,et al.  Practical Evasion of a Learning-Based Classifier: A Case Study , 2014, 2014 IEEE Symposium on Security and Privacy.

[9]  Xiaojin Zhu,et al.  Using Machine Teaching to Identify Optimal Training-Set Attacks on Machine Learners , 2015, AAAI.

[10]  Steven E. Shladover,et al.  Potential Cyberattacks on Automated Vehicles , 2015, IEEE Transactions on Intelligent Transportation Systems.

[11]  Bogdan Groza,et al.  Development of an AUTOSAR Compliant Cryptographic Library on State-of-the-Art Automotive Grade Controllers , 2016, 2016 11th International Conference on Availability, Reliability and Security (ARES).

[12]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[13]  Qi Alfred Chen,et al.  Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface in Automotive IoT , 2020, USENIX Security Symposium.

[14]  Christopher Huth,et al.  Scission: Signal Characteristic-Based Sender Identification and Intrusion Detection in Automotive Networks , 2018, CCS.

[15]  Kang G. Shin,et al.  LibreCAN: Automated CAN Message Translator , 2019, CCS.

[16]  Ming Li,et al.  SIMPLE: single-frame based physical layer identification for intrusion detection and prevention on in-vehicle networks , 2019, ACSAC.

[17]  Blaine Nelson,et al.  Poisoning Attacks against Support Vector Machines , 2012, ICML.

[18]  Alan Burns,et al.  Controller Area Network (CAN) schedulability analysis: Refuted, revisited and revised , 2007, Real-Time Systems.

[19]  Stefan Nürnberger,et al.  I Know Where You Parked Last Summer : Automated Reverse Engineering and Privacy Analysis of Modern Cars , 2020, 2020 IEEE Symposium on Security and Privacy (SP).

[20]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[21]  Ivan Martinovic,et al.  Losing the Car Keys: Wireless PHY-Layer Insecurity in EV Charging , 2019, USENIX Security Symposium.

[22]  Kang G. Shin,et al.  Viden: Attacker Identification on In-Vehicle Networks , 2017, CCS.

[23]  Dong Hoon Lee,et al.  A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN , 2015, IEEE Transactions on Intelligent Transportation Systems.

[24]  Kang G. Shin,et al.  Fingerprinting Electronic Control Units for Vehicle Intrusion Detection , 2016, USENIX Security Symposium.

[25]  Edison Pignaton de Freitas,et al.  A Quantitative Performance Study on CAN and CAN FD Vehicular Networks , 2018, IEEE Transactions on Industrial Electronics.

[26]  Bogdan Groza,et al.  Security Solutions for the Controller Area Network: Bringing Authentication to In-Vehicle Networks , 2018, IEEE Vehicular Technology Magazine.

[27]  Marc Pous,et al.  EMI radiated characterization of an hybrid bus , 2011, 10th International Symposium on Electromagnetic Compatibility.

[28]  Enrique San Millán,et al.  Cryptographically secure pseudo-random bit generator for RFID tags , 2010, 2010 International Conference for Internet Technology and Secured Transactions.

[29]  Chang Liu,et al.  Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[30]  Radha Poovendran,et al.  Cloaking the Clock: Emulating Clock Skew in Controller Area Networks , 2017, 2018 ACM/IEEE 9th International Conference on Cyber-Physical Systems (ICCPS).

[31]  Avishai Wool,et al.  Field classification, modeling and anomaly detection in unknown CAN bus networks , 2017, Veh. Commun..

[32]  Jorge Guajardo,et al.  Physical Layer Group Key Agreement for Automotive Controller Area Networks , 2016, CHES.

[33]  Christian Rossow,et al.  - vatiCAN - Vetted, Authenticated CAN Bus , 2016, CHES.

[34]  Antonio Lima,et al.  Towards Safe and Secure Autonomous and Cooperative Vehicle Ecosystems , 2016, CPS-SPC '16.

[35]  Dong Hoon Lee,et al.  VoltageIDS: Low-Level Communication Characteristics for Automotive Intrusion Detection System , 2018, IEEE Transactions on Information Forensics and Security.

[36]  Felix C. Freiling,et al.  A structured approach to anomaly detection for in-vehicle networks , 2010, 2010 Sixth International Conference on Information Assurance and Security.