scholarly journals Evaluation of CAN Bus Security Challenges

Sensors ◽  
2020 ◽  
Vol 20 (8) ◽  
pp. 2364 ◽  
Author(s):  
Mehmet Bozdal ◽  
Mohammad Samie ◽  
Sohaib Aslam ◽  
Ian Jennions
Keyword(s):  
Automobile Industry ◽  
Can Bus ◽  
Detection System ◽  
Area Network ◽  
Financial Loss ◽  
Safe Driving ◽  
Vehicle Communication ◽  
Security Issues ◽  
Attack Surface ◽  
Encryption And Authentication

The automobile industry no longer relies on pure mechanical systems; instead, it benefits from many smart features based on advanced embedded electronics. Although the rise in electronics and connectivity has improved comfort, functionality, and safe driving, it has also created new attack surfaces to penetrate the in-vehicle communication network, which was initially designed as a close loop system. For such applications, the Controller Area Network (CAN) is the most-widely used communication protocol, which still suffers from various security issues because of the lack of encryption and authentication. As a result, any malicious/hijacked node can cause catastrophic accidents and financial loss. This paper analyses the CAN bus comprehensively to provide an outlook on security concerns. It also presents the security vulnerabilities of the CAN and a state-of-the-art attack surface with cases of implemented attack scenarios and goes through different solutions that assist in attack prevention, mainly based on an intrusion detection system (IDS).

scholarly journals A Kohonen SOM Architecture for Intrusion Detection on In-Vehicle Communication Networks

2020 ◽  
Vol 10 (15) ◽  
pp. 5062
Author(s):  
Vita Santa Barletta ◽  
Danilo Caivano ◽  
Antonella Nannavecchia ◽  
Michele Scalera
Keyword(s):  
Intrusion Detection ◽  
Communication Networks ◽  
High Performance ◽  
Clustering Algorithm ◽  
Can Bus ◽  
Detection System ◽  
Complex Structure ◽  
Area Network ◽  
Self Organizing Map ◽  
Vehicle Communication

The diffusion of connected devices in modern vehicles involves a lack in security of the in-vehicle communication networks such as the controller area network (CAN) bus. The CAN bus protocol does not provide security systems to counter cyber and physical attacks. Thus, an intrusion-detection system to identify attacks and anomalies on the CAN bus is desirable. In the present work, we propose a distance-based intrusion-detection network aimed at identifying attack messages injected on a CAN bus using a Kohonen self-organizing map (SOM) network. It is a power classifier that can be trained both as supervised and unsupervised learning. SOM found broad application in security issues, but was never performed on in-vehicle communication networks. We performed two approaches, first using a supervised X–Y fused Kohonen network (XYF) and then combining the XYF network with a K-means clustering algorithm (XYF–K) in order to improve the efficiency of the network. The models were tested on an open source dataset concerning data messages sent on a CAN bus 2.0B and containing large traffic volume with a low number of features and more than 2000 different attack types, sent totally at random. Despite the complex structure of the CAN bus dataset, the proposed architectures showed a high performance in the accuracy of the detection of attack messages.

scholarly journals A CAN-Bus Lightweight Authentication Scheme

Sensors ◽  
2021 ◽  
Vol 21 (21) ◽  
pp. 7069
Author(s):  
Jia-Ning Luo ◽  
Chang-Ming Wu ◽  
Ming-Hour Yang
Keyword(s):  
Can Bus ◽  
Denial Of Service ◽  
Driving Safety ◽  
Area Network ◽  
Delay Guarantee ◽  
Security Issues ◽  
Control Units ◽  
Safety Improvement ◽  
Bus Safety ◽  
Lightweight Authentication

The design of the Controller Area Network (CAN bus) did not account for security issues and, consequently, attacks often use external mobile communication interfaces to conduct eavesdropping, replay, spoofing, and denial-of-service attacks on a CAN bus, posing a risk to driving safety. Numerous studies have proposed CAN bus safety improvement techniques that emphasize modifying the original CAN bus method of transmitting frames. These changes place additional computational burdens on electronic control units cause the CAN bus to lose the delay guarantee feature. Consequently, we proposed a method that solves these compatibility and security issues. Simple and efficient frame authentication algorithms were used to prevent spoofing and replay attacks. This method is compatible with both CAN bus and CAN-FD protocols and has a lower operand when compared with other methods.

scholarly journals Intrusion Detection for in-Vehicle Communication Networks: An Unsupervised Kohonen SOM Approach

2020 ◽  
Vol 12 (7) ◽  
pp. 119
Author(s):  
Vita Santa Barletta ◽  
Danilo Caivano ◽  
Antonella Nannavecchia ◽  
Michele Scalera
Keyword(s):  
Intrusion Detection ◽  
Can Bus ◽  
Traditional Approach ◽  
Detection Accuracy ◽  
Area Network ◽  
Vehicle Communication ◽  
Traditional Procedure ◽  
Wide Range ◽  
Som Network ◽  
Portable Communication

The diffusion of embedded and portable communication devices on modern vehicles entails new security risks since in-vehicle communication protocols are still insecure and vulnerable to attacks. Increasing interest is being given to the implementation of automotive cybersecurity systems. In this work we propose an efficient and high-performing intrusion detection system based on an unsupervised Kohonen Self-Organizing Map (SOM) network, to identify attack messages sent on a Controller Area Network (CAN) bus. The SOM network found a wide range of applications in intrusion detection because of its features of high detection rate, short training time, and high versatility. We propose to extend the SOM network to intrusion detection on in-vehicle CAN buses. Many hybrid approaches were proposed to combine the SOM network with other clustering methods, such as the k-means algorithm, in order to improve the accuracy of the model. We introduced a novel distance-based procedure to integrate the SOM network with the K-means algorithm and compared it with the traditional procedure. The models were tested on a car hacking dataset concerning traffic data messages sent on a CAN bus, characterized by a large volume of traffic with a low number of features and highly imbalanced data distribution. The experimentation showed that the proposed method greatly improved detection accuracy over the traditional approach.

scholarly journals Cyberattacks and Countermeasures for In-Vehicle Networks

2021 ◽  
Vol 54 (1) ◽  
pp. 1-37 ◽  
Author(s):  
Emad Aliwa ◽  
Omer Rana ◽  
Charith Perera ◽  
Peter Burnap
Keyword(s):  
Real Time ◽  
Can Bus ◽  
Mitigation Strategies ◽  
Area Network ◽  
Frame Size ◽  
Control Units ◽  
Time Sensitivity ◽  
Small Frame ◽  
Entry Points ◽  
Attack Surface

As connectivity between and within vehicles increases, so does concern about safety and security. Various automotive serial protocols are used inside vehicles such as Controller Area Network (CAN), Local Interconnect Network (LIN), and FlexRay. CAN Bus is the most used in-vehicle network protocol to support exchange of vehicle parameters between Electronic Control Units (ECUs). This protocol lacks security mechanisms by design and is therefore vulnerable to various attacks. Furthermore, connectivity of vehicles has made the CAN Bus vulnerable not only from within the vehicle but also from outside. With the rise of connected cars, more entry points and interfaces have been introduced on board vehicles, thereby also leading to a wider potential attack surface. Existing security mechanisms focus on the use of encryption, authentication, and vehicle Intrusion Detection Systems (IDS), which operate under various constraints such as low bandwidth, small frame size (e.g., in the CAN protocol), limited availability of computational resources, and real-time sensitivity. We survey and classify current cryptographic and IDS approaches and compare these approaches based on criteria such as real-time constraints, types of hardware used, changes in CAN Bus behaviour, types of attack mitigation, and software/ hardware used to validate these approaches. We conclude with mitigation strategies limitations and research challenges for the future.

scholarly journals Implementation of a bluetooth attack on controller area network (CAN)

2021 ◽  
Vol 21 (1) ◽  
pp. 321
Author(s):  
Zniti Asmae ◽  
El Ouazzani Nabih
Keyword(s):  
Short Range ◽  
Can Bus ◽  
Controller Area Network ◽  
Area Network ◽  
Safe Driving ◽  
General Overview ◽  
A Priority

<span>In this paper a general overview of the vulnerability of the CAN bus is presented and a practical short-range attack is proposed. There are more and more potential attacks on the CAN bus, which may cause leakage of information and thereby there may be danger for safe driving. The attack combines several techniques, such as how to update a node firmware using a Bluetooth module and inject a priority fake frame, in order to block the legitimate messages. </span>

Research of Automotive Controller Area Network Bus Detection System

2013 ◽  
Vol 662 ◽  
pp. 736-739
Author(s):  
Hong Wei Cui
Keyword(s):  
Data Fusion ◽  
Detection Method ◽  
Can Bus ◽  
Detection System ◽  
Fault Analysis ◽  
Controller Area Network ◽  
Failure Diagnosis ◽  
Area Network ◽  
Fusion Model ◽  
Work Condition

The detection method of automotive controller area network bus is studied in this paper. The composition of detection system is introduced. By analyzing and processing the data of CAN bus and sensors, work condition of automotive is achieved. Multi-pattern data fusion model and algorithm for failure diagnosis is researched. The detection system designed in this paper can be applied to automotive fault analysis, troubleshooting and maintenance.

scholarly journals DSSAM: digitally signed secure acknowledgement method for mobile ad hoc network

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Ashutosh Srivastava ◽  
Sachin Kumar Gupta ◽  
Mohd Najim ◽  
Nitesh Sahu ◽  
Geetika Aggarwal ◽  
...  
Keyword(s):  
Digital Signature ◽  
Intrusion Detection System ◽  
Ad Hoc Network ◽  
Ad Hoc ◽  
Mobile Ad Hoc Network ◽  
Detection System ◽  
Source Routing ◽  
Security Issues ◽  
Dynamic Source ◽  
Mobile Ad Hoc

AbstractMobile ad hoc network (MANET) is an infrastructure-less, self-motivated, arbitrary, self-configuring, rapidly changing, multi-hop network that is self-possessing wireless bandwidth-conscious links without centrally managed router support. In such a network, wireless media is easy to snoop. It is firm to the surety to access any node, easier to insertion of bad elements or attackers for malicious activities in the network. Therefore, security issues become one of the significant considerations for such kind of networks. The deployment of an effective intrusion detection system is important in order to provide protection against various attacks. In this paper, a Digitally Signed Secure Acknowledgement Method (DSSAM) with the use of the RSA digital signature has been proposed and simulated. Three different parameters are considered, namely secure acknowledgment, node authentication, and packet authentication for study. This article observes the DSSAM performance and compares it with two existing standard methods, namely Watchdog and 2-ACK under standard Dynamic Source Routing (DSR) routing environment. In the end, it is noticed that the rate of detection of malicious behaviour is better in the case of the proposed method. However, associated overheads are high. A trade-off between performance and overhead has been considered.

scholarly journals IoT Botnet Anomaly Detection Using Unsupervised Deep Learning

Electronics ◽  
2021 ◽  
Vol 10 (16) ◽  
pp. 1876
Author(s):  
Ioana Apostol ◽  
Marius Preda ◽  
Constantin Nila ◽  
Ion Bica
Keyword(s):  
Deep Learning ◽  
Detection System ◽  
False Positive Rate ◽  
Empirical Evaluation ◽  
Learning Approaches ◽  
Promising Alternative ◽  
Positive Rate ◽  
Unsupervised Deep Learning ◽  
Attack Surface ◽  
Iot Devices

The Internet of Things has become a cutting-edge technology that is continuously evolving in size, connectivity, and applicability. This ecosystem makes its presence felt in every aspect of our lives, along with all other emerging technologies. Unfortunately, despite the significant benefits brought by the IoT, the increased attack surface built upon it has become more critical than ever. Devices have limited resources and are not typically created with security features. Lately, a trend of botnet threats transitioning to the IoT environment has been observed, and an army of infected IoT devices can expand quickly and be used for effective attacks. Therefore, identifying proper solutions for securing IoT systems is currently an important and challenging research topic. Machine learning-based approaches are a promising alternative, allowing the identification of abnormal behaviors and the detection of attacks. This paper proposes an anomaly-based detection solution that uses unsupervised deep learning techniques to identify IoT botnet activities. An empirical evaluation of the proposed method is conducted on both balanced and unbalanced datasets to assess its threat detection capability. False-positive rate reduction and its impact on the detection system are also analyzed. Furthermore, a comparison with other unsupervised learning approaches is included. The experimental results reveal the performance of the proposed detection method.

Sign in / Sign up

Export Citation Format

Share Document