An official website of the United States government
The smart city landscape is rife with opportunities for mobility and economic optimization, but also presents many security concerns spanning the range of components and systems in the smart ecosystem. One key enabler for this ecosystem is smart transportation and transit, which is foundationally built upon connected vehicles. Ensuring vehicular security, while necessary to guarantee passenger and pedestrian safety, is itself challenging due to the broad attack surfaces of modern automotive systems. A single car contains dozens to hundreds of small embedded computing devices known as electronic control units (ECUs) executing 100s of millions of lines of code; the inherent complexity of this tightly-integrated cyber-physical system (CPS) is one of the key problems that frustrates effective security. We describe an approach to help reduce the complexity of security analyses by leveraging unsupervised machine learning to learn clusters of messages passed between ECUs that correlate with changes in the CPS state of a vehicle as it moves through the world. Our approach can help to improve the security of vehicles in a smart city, and can leverage smart city infrastructure to further enrich and refine the quality of the machine learning output.
more »
« less
Towards Reverse Engineering Controller Area Network Messages Using Machine Learning
The automotive Controller Area Network (CAN) allows Electronic Control Units (ECUs) to communicate with each other and control various vehicular functions such as engine and braking control. Consequently CAN and ECUs are high priority targets for hackers. As CAN implementation details are held as proprietary information by vehicle manufacturers, it can be challenging to decode and correlate CAN messages to specific vehicle operations. To understand the precise meanings of CAN messages, reverse engineering techniques that are time-consuming, manually intensive, and require a physical vehicle are typically used. This work aims to address the process of reverse engineering CAN messages for their functionality by creating a machine learning classifier that analyzes messages and determines their relationship to other messages and vehicular functions. Our work examines CAN traffic of different vehicles and standards to show that it can be applied to a wide arrangement of vehicles. The results show that the function of CAN messages can be determined without the need to manually reverse engineer a physical vehicle.
more »
« less
- Award ID(s):
- 1645987
- PAR ID:
- 10198349
- Date Published:
- Journal Name:
- Proceedings of the IEEE World Forum on Internet of Things (WF-IoT)
- Page Range / eLocation ID:
- 1 to 6
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
Cyber Physical Systems (CPS) consist of integration of cyber and physical spaces through computing, communication, and control operations. In vehicular CPS, modern vehicles with multiple Electronic Control Units (ECUs) and networking with other vehicles help autonomous driving. Vehicular CPS is vulner-able to multitude of cyber attacks, including false data injection attacks. This paper presents an Asynchronous Federated Learning (AFL) with a Gated Recurrent Unit (GRU) model for identifying False Data Injection (FDI) attacks in a VCPS. The AFL model continuously monitors the network and constructs a digital twin using the data obtained from a VCPS for intrusion detection. The proposed model is evaluated using different evaluation metrics. Numerical results show that the AFL model outperforms other existing models.more » « less
-
The Controller Area Network (CAN) protocol used in vehicles today was designed to be fast, reliable, and robust. However, it is inherently insecure due to its lack of any kind of message authentication. Despite this, CAN is still used extensively in the automotive industry for various electronic control units (ECUs) and sensors which perform critical functions such as engine control. This paper presents a novel methodology for in-vehicle security through fingerprinting of ECUs. The proposed research uses the fingerprints injected in the signal due to material imperfections and semiconductor impurities. By extracting features from the physical CAN signal and using them as inputs for a machine learning algorithm, it is possible to determine the sender ECU of a packet. A high classification accuracy of up to 100.0% is possible when every node on the bus has a sufficiently different channel length.more » « less
-
A vehicular communication network allows vehicles on the road to be connected by wireless links, providing road safety in vehicular environments. Vehicular communication network is vulnerable to various types of attacks. Cryptographic techniques are used to prevent attacks such as message modification or vehicle impersonation. However, cryptographic techniques are not enough to protect against insider attacks where an attacking vehicle has already been authenticated in the network. Vehicular network safety services rely on periodic broadcasts of basic safety messages (BSMs) from vehicles in the network that contain important information about the vehicles such as position, speed, received signal strength (RSSI) etc. Malicious vehicles can inject false position information in a BSM to commit a position falsification attack which is one of the most dangerous insider attacks in vehicular networks. Position falsification attacks can lead to traffic jams or accidents given false position information from vehicles in the network. A misbehavior detection system (MDS) is an efficient way to detect such attacks and mitigate their impact. Existing MDSs require a large amount of features which increases the computational complexity to detect these attacks. In this paper, we propose a novel grid-based misbehavior detection system which utilizes the position information from the BSMs. Our model is tested on a publicly available dataset and is applied using five classification algorithms based on supervised learning. Our model performs multi-classification and is found to be superior compared to other existing methods that deal with position falsification attacks.more » « less
-
Modern vehicles are largely controlled by many embedded computers, known as Electronic Control Units (ECUs). The increased use of ECUs has brought many in-vehicle security concerns. Specifically, injection of malware into ECUs poses a significant risk to vehicle operation. Indeed, many ECU malware injection attacks have been performed, and much work has been introduced towards mitigating these vulnerabilities. A main defense is for ECUs to perform a self-attestation over their firmware state. However, most current self-attestation solutions do not enable runtime checking due to their high computational cost. Additionally, existing solutions mostly do not incorporate any ECU self-repairing in coordination with the attestation mechanisms. In this work, we have designed FSAVER, a highly efficient self-attestation and self-repair framework for in-vehicle ECUs. For the self-attestation, we adapt highly efficient spot-checking techniques, so that the firmware can be checked periodically at runtime. To perform these attestations, we rely on the TEE already equipped within each ECU. For self-repair, we take advantage of the isolated flash memory controller (FMC) in the storage device. Specifically, we coordinate it with the update mechanism and self-attestations to guarantee that the latest benign firmware version can always be restored. To realize this while malware is running, a special mechanism has been carefully developed to notify the FMC of the malicious presence.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1109/WF-IoT48130.2020.9221383
