Simulation of In-Vehicle Network CAN (In)Security
Keywords:
CAN bus, in-vehicle network, CAN bus security, cybersecurityAbstract
In-vehicle network security is becoming one of the leading research fields in the cybersecurity area. Modern automobiles consist of Electronic Control Units (ECUs), microcontrollers that control the operations of a vehicle. These ECUs are mainly interconnected through an in-vehicle Controller Area Network (CAN), a message-based protocol that allows communication between different ECUs. The vulnerabilities of CAN which have no encryptions, authentication and integrity checking attributes are widely known but continuous research is made on the security and exploitation of CAN. This is because, the safety and security of vehicles and passengers have become more concerning due to the increase of external and internal vehicle communications. Our paper aims to discuss related works of CAN bus vulnerabilities and security through literature review. This paper conducts simple cyberattacks against CAN bus by data collection, data analysis and attack experiment on the Instrument Cluster Simulator (ICSim) with the help of CAN network analysis tool, CANalyse. CAN packets were collected and analysed and the ID for a number of car functions in ICSim were determined. Attack experiments resulted in sniffing and replay attacks against CAN buses were valid. Finally, from these findings, the paper proposes recommended security measures of CAN bus which are network segmentation, cryptography-based method, and Intrusion Detection System (IDS).
References
Ueda, H., Kurachi, R., Takada, H., Mizutani, T., Inoue, M., & Horihata, S. (2015). Security authentication system for in-vehicle network. SEI technical review, 81, 5-9.
Zhang, H., Meng, X., Zhang, X., & Liu, Z. (2020). CANsec: a practical in-vehicle controller area network security evaluation tool. Sensors, 20(17), 4900.
Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., & Savage, S. (2010, May). Experimental security analysis of a modern automobile. In 2010 IEEE symposium on security and privacy (pp. 447-462). IEEE.
Mansor, H., Markantonakis, K., & Mayes, K. (2014, June). CAN bus risk analysis revisit. In IFIP International Workshop on Information Security Theory and Practice (pp. 170-179). Springer, Berlin, Heidelberg.
Palanca, A., Evenchick, E., Maggi, F., & Zanero, S. (2017, July). A stealth, selective, link-layer denial-of-service attack against automotive networks. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 185-206). Springer, Cham.
Payne, B. R. (2019). Car Hacking: Accessing and Exploiting the CAN Bus Protocol. Journal of Cybersecurity Education, Research and Practice, 2019(1), 5.
Bella, G., & Biondi, P. (2018, September). Towards an Integrated Penetration Testing Environment for the CAN Protocol. In International Conference on Computer Safety, Reliability, and Security (pp. 344-352). Springer, Cham.
Lade, K. (2020). CANalyse. Retrieved Jan 6, 2022 from https://github.com/KartheekLade/CANalyse
Aliwa, E., Rana, O., Perera, C., & Burnap, P. (2021). Cyberattacks and countermeasures for in-vehicle networks. ACM Computing Surveys (CSUR), 54(1), 1-37.
Bozdal, Mehmet & Samie, Mohammad & Aslam, Sohaib & Jennions, I.K.. (2020). Evaluation of CAN Bus Security Challenges. Sensors. 20. 16-17. 10.3390/s20082364.
Smith, C. (2017). ICSim: Instrument Cluster Simulator for SocketCAN. Retrieved Jan 6, 2022 from https://github.com/zombieCraig/ICSim