CAN Radar: Sensing Physical Devices in CAN Networks based on Time Domain Reflectometry

The presence of security vulnerabilities in automotive networks has already been shown by various publications in recent years. Due to the specification of the Controller Area Network (CAN) as a broadcast medium without security mechanisms, attackers are able to read transmitted messages without being noticed and to inject malicious messages. In order to detect potential attackers within a network or software system as early as possible, Intrusion Detection Systems (IDSs) are prevalent. Many approaches for vehicles are based on techniques which are able to detect deviations from specified CAN network behaviour regarding protocol or payload properties. However, it is challenging to detect attackers who secretly connect to CAN networks and do not actively participate in bus traffic. In this paper, we present an approach that is capable of successfully detecting unknown CAN devices and determining the distance (cable length) between the attacker device and our sensing unit based on Time Domain Reflectometry (TDR) technique. We evaluated our approach on a real vehicle network.Comment: Submitted to conferenc

Tietoturva auton sisäisissä CAN-verkoissa

Tiivistelmä. Tämä tutkielma käsittelee autojen sisäisten CAN-verkkoja sekä niihin liittyviä tietoturvakysymyksiä. Tutkielmassa käsitellään autoissa yleisesti käytetyn CAN-väyläjärjestelmän perusteita, historiaa sekä myös autojen tietoturvaan liittyviä periaatteita teoreettisella tasolla tasolla. Tämän jälkeen tarkastellaan jo olemassa olevan kirjallisuuden ja tutkimuksen pohjalta CAN-väylään liittyviä konkreettisia tietoturvaongelmia, sekä joissain tapauksissa myös tapoja, joilla niitä voidaan poistaa tai vähentää. Tutkielmassa pohditaan myös tietoturvan merkitystä autoissa, sekä sen mahdollisia suuntauksia autoteollisudessa tulevaisuudessa

Spectra: Detecting Attacks on In-Vehicle Networks through Spectral Analysis of CAN-Message Payloads

Nowadays, vehicles have complex in-vehicle networks that have recently been shown to be increasingly vulnerable to cyber-attacks capable of taking control of the vehicles, thereby threatening the safety of the passengers. Several countermeasures have been proposed in the literature in response to the arising threats, however, hurdle requirements imposed by the industry is hindering their adoption in practice. In this paper, we propose SPECTRA, a data-driven anomaly-detection mechanism that is based on spectral analysis of CAN-message payloads. SPECTRA does not abide by the strict specifications predefined for every vehicle model and addresses key real-world deployability challenges