A wavelet-based intrusion detection system for controller area network (can).

Samie, Mohammad - Associate SupervisorController Area Network (CAN), designed in the early 1980s, is the most widely used in-vehicle communication protocol. The CAN protocol has various features to provide highly reliable communication between the nodes. Some of these features are the arbitration process to provide fixed priority scheduling, error confinement mechanism to eliminate faulty nodes, and message form check along with cyclic redundancy checksum to identify transmission faults. It also has differential voltage architecture on twisted two-wire, eliminating electrical and magnetic noise. Although these features make the CAN a perfect solution for the real-time cyber-physical structure of vehicles, the protocol lacks basic security measures like encryption and authentication; therefore, vehicles are vulnerable to cyber-attacks. Due to increased automation and connectivity, the attack surface rises over time. This research aims to detect CAN bus attacks by proposing WINDS, a wavelet-based intrusion detection system. The WINDS analyses the network traffic behaviour by binary classification in the time-scale domain to identify potential attack instances anomalies. As there is no standard testing methodology, a part of this research constitutes a comprehensive testing framework and generation of benchmarking dataset. Finally, WINDS is tested according to the framework and its competitiveness with state-of-the-art solutions is presented.PhD in Transport System

Resilient Shield: Reinforcing the Resilience of Vehicles Against Security Threats

Vehicles have become complex computer systems with multiple communication interfaces. In the future, vehicles will have even more connections to e.g., infrastructure, pedestrian smartphones, cloud, road-side-units and the Internet. External and physical interfaces, as well as internal communication buses have shown to have potential to be exploited for attack purposes. As a consequence, there is an increase in regulations which demand compliance with vehicle cyber resilience requirements. However, there is currently no clear guidance on how to comply with these regulations from a technical perspective.To address this issue, we have performed a comprehensive threat and risk analysis based on published attacks against vehicles from the past 10 years, from which we further derive necessary security and resilience techniques. The work is done using the SPMT methodology where we identify vital vehicle assets, threat actors, their motivations and objectives, and develop a comprehensive threat model. Moreover, we develop a comprehensive attack model by analyzing the identified threats and attacks. These attacks are filtered and categorized based on attack type, probability, and consequence criteria. Additionally, we perform an exhaustive mapping between asset, attack, threat actor, threat category, and required mitigation mechanism for each attack, resulting in a presentation of a secure and resilient vehicle design. Ultimately, we present the Resilient Shield a novel and imperative framework to justify and ensure security and resilience within the automotive domain

On the Secure and Resilient Design of Connected Vehicles: Methods and Guidelines

Vehicles have come a long way from being purely mechanical systems to systems that consist of an internal network of more than 100 microcontrollers and systems that communicate with external entities, such as other vehicles, road infrastructure, the manufacturer’s cloud and external applications. This combination of resource constraints, safety-criticality, large attack surface and the fact that millions of people own and use them each day, makes securing vehicles particularly challenging as security practices and methods need to be tailored to meet these requirements.This thesis investigates how security demands should be structured to ease discussions and collaboration between the involved parties and how requirements engineering can be accelerated by introducing generic security requirements. Practitioners are also assisted in choosing appropriate techniques for securing vehicles by identifying and categorising security and resilience techniques suitable for automotive systems. Furthermore, three specific mechanisms for securing automotive systems and providing resilience are designed and evaluated. The first part focuses on cyber security requirements and the identification of suitable techniques based on three different approaches, namely (i) providing a mapping to security levels based on a review of existing security standards and recommendations; (ii) proposing a taxonomy for resilience techniques based on a literature review; and (iii) combining security and resilience techniques to protect automotive assets that have been subject to attacks. The second part presents the design and evaluation of three techniques. First, an extension for an existing freshness mechanism to protect the in-vehicle communication against replay attacks is presented and evaluated. Second, a trust model for Vehicle-to-Vehicle communication is developed with respect to cyber resilience to allow a vehicle to include trust in neighbouring vehicles in its decision-making processes. Third, a framework is presented that enables vehicle manufacturers to protect their fleet by detecting anomalies and security attacks using vehicle trust and the available data in the cloud