Mitigating Vulnerabilities of Voltage-based Intrusion Detection Systems in Controller Area Networks

07/25/2019
by   Sang Uk Sagong, et al.
0

Data for controlling a vehicle is exchanged among Electronic Control Units (ECUs) via in-vehicle network protocols such as the Controller Area Network (CAN) protocol. Since these protocols are designed for an isolated network, the protocols do not encrypt data nor authenticate messages. Intrusion Detection Systems (IDSs) are developed to secure the CAN protocol by detecting abnormal deviations in physical properties. For instance, a voltage-based IDS (VIDS) exploits voltage characteristics of each ECU to detect an intrusion. An ECU with VIDS must be connected to the CAN bus using extra wires to measure voltages of the CAN bus lines. These extra wires, however, may introduce new attack surfaces to the CAN bus if the ECU with VIDS is compromised. We investigate new vulnerabilities of VIDS and demonstrate that an adversary may damage an ECU with VIDS, block message transmission, and force an ECU to retransmit messages. In order to defend the CAN bus against these attacks, we propose two hardware-based Intrusion Response Systems (IRSs) that disconnect the compromised ECU from the CAN bus once these attacks are detected. We develop four voltage-based attacks by exploiting vulnerabilities of VIDS and evaluate the effectiveness of the proposed IRSs using a CAN bus testbed.

READ FULL TEXT

page 8

page 9

research
08/13/2018

An Entropy Analysis based Intrusion Detection System for Controller Area Network in Vehicles

Dozens of Electronic Control Units (ECUs) can be found on modern vehicle...
research
07/25/2018

Shape of the Cloak: Formal Analysis of Clock Skew-Based Intrusion Detection System in Controller Area Networks

This paper presents a new masquerade attack called the cloaking attack a...
research
10/17/2022

CAN-BERT do it? Controller Area Network Intrusion Detection System based on BERT Language Model

Due to the rising number of sophisticated customer functionalities, elec...
research
03/27/2020

Hardware Fingerprinting for the ARINC 429 Avionic Bus

ARINC 429 is the most common data bus in use today in civil avionics. Ho...
research
08/25/2020

Divider: Delay-Time Based Sender Identification in Automotive Networks

Controller Area Network (CAN) is one of the in-vehicle network protocols...
research
06/16/2021

Detecting message modification attacks on the CAN bus with Temporal Convolutional Networks

Multiple attacks have shown that in-vehicle networks have vulnerabilitie...
research
10/07/2019

CAN Radar: Sensing Physical Devices in CAN Networks based on Time Domain Reflectometry

The presence of security vulnerabilities in automotive networks has alre...

Please sign up or login with your details

Forgot password? Click here to reset