CAN Security: Cost-Effective Intrusion Detection for Real-Time Control Systems
Technical Paper
2014-01-0340
ISSN: 0148-7191, e-ISSN: 2688-3627
Language:
English
Abstract
In-vehicle networks are generally used for computerized control and connecting information technology devices in cars. However, increasing connectivity also increases security risks. “Spoofing attacks”, in which an adversary infiltrates the controller area network (CAN) with malicious data and makes the car behave abnormally, have been reported. Therefore, countermeasures against this type of attack are needed.
Modifying legacy electronic control units (ECUs) will affect development costs and reliability because in-vehicle networks have already been developed for most vehicles. Current countermeasures, such as authentication, require modification of legacy ECUs. On the other hand, anomaly detection methods may result in misdetection due to the difficulty in setting an appropriate threshold. Evaluating a reception cycle of data can be used to simply detect spoofing attacks. However, this may result in false detection due to fluctuation in the data reception cycle in the CAN.
We propose the “delayed-decision cycle detection” method, an improvement on the conventional cycle detection method that does not require modification of legacy ECUs, detects intrusions with a low misdetection rate, and prevents intrusions. We evaluated this method in a simulated environment of an actual car. The processing load of the method was sufficiently low. In some specific cases, the method resulted in misdetection. Therefore, we further improved the proposed detection method.
Security architecture for in-vehicle networks should be built from multi-layer countermeasures to prevent a single point of attack. The proposed method can easily be applied as one layer of such an architecture because it has several advantages, such as a low processing load and no need to modify legacy ECUs.
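The conventional reception-cycle check that the abstract describes, and the false detection that cycle fluctuation causes, can be seen on a small trace. This is an added example, not code from the paper, and it does not implement the delayed-decision method, whose details this page does not give. The CAN IDs, periods, margins and trace are constructed, and measuring each interval from the last accepted frame is an assumption of this sketch.

```python
# Added example: conventional reception-cycle check on a constructed CAN trace.
# Not the paper's delayed-decision method; IDs, periods and margins are assumed.

# Nominal transmission period per CAN ID, in ms (assumed values).
PERIOD_MS = {0x100: 10.0, 0x200: 20.0}

# Constructed trace: (receive time in ms, CAN ID).
TRACE = [
    (0.0, 0x100), (5.0, 0x200), (10.0, 0x100),
    (23.0, 0x100),  # legitimate frame delayed 3 ms by bus fluctuation
    (25.0, 0x200),
    (30.0, 0x100),  # on schedule, but only 7 ms after the delayed frame
    (40.0, 0x100),
    (45.0, 0x100),  # constructed injected frame, arriving mid-cycle
    (45.0, 0x200),
    (50.0, 0x100), (60.0, 0x100), (65.0, 0x200),
]


def cycle_check(trace, period_ms, margin_ms):
    """Return frames whose interval since the last accepted frame of the
    same ID is shorter than (nominal period - margin)."""
    last_ok = {}   # CAN ID -> receive time of the last accepted frame
    flagged = []
    for t, can_id in trace:
        period = period_ms.get(can_id)
        if period is None:
            continue  # IDs without a known period are out of scope here
        prev = last_ok.get(can_id)
        if prev is not None and (t - prev) < period - margin_ms:
            flagged.append((t, can_id))
            continue  # keep timing relative to the last accepted frame
        last_ok[can_id] = t
    return flagged


if __name__ == "__main__":
    # Tight margin: the jitter-shortened interval at 30 ms is a false detection.
    # Wider margin: only the injected frame is flagged.
    # Too wide: the injected frame is missed.
    for margin in (2.0, 4.0, 6.0):
        hits = cycle_check(TRACE, PERIOD_MS, margin)
        print(margin, [(t, hex(i)) for t, i in hits])
```

The three margins show the trade-off: a margin narrower than the bus jitter flags a legitimate frame, while one wide enough to absorb all jitter lets a mid-cycle injection through.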
Citation
Otsuka, S., Ishigooka, T., Oishi, Y., and Sasazawa, K., "CAN Security: Cost-Effective Intrusion Detection for Real-Time Control Systems," SAE Technical Paper 2014-01-0340, 2014, https://doi.org/10.4271/2014-01-0340.