References of "Turcanu, Ion"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailPreventing Frame Fingerprinting in Controller Area Network Through Traffic Mutation
Buscemi, Alessio UL; Turcanu, Ion; Castignani, German UL et al

in IEEE ICC 2022 Workshop - DDINS, Seoul 16-20 May 2022 (2022, May)

The continuous increase of connectivity in commercial vehicles is leading to a higher number of remote access points to the Controller Area Network (CAN) – the most popular in-vehicle network system. This ... [more ▼]

The continuous increase of connectivity in commercial vehicles is leading to a higher number of remote access points to the Controller Area Network (CAN) – the most popular in-vehicle network system. This factor, coupled with the absence of encryption in the communication protocol, poses serious threats to the security of the CAN bus. Recently, it has been demonstrated that CAN data can be reverse engineered via frame fingerprinting, i.e., identification of frames based on statistical traffic analysis. Such a methodology allows fully remote decoding of in-vehicle data and paves the way for remote pre-compiled vehicle-agnostic attacks. In this work, we propose a first solution against CAN frame fingerprinting based on mutating the traffic without applying modifications to the CAN protocol. The results show that the proposed methodology halves the accuracy of CAN frame fingerprinting. [less ▲]

Detailed reference viewed: 132 (16 UL)
Full Text
Peer Reviewed
See detailOn Frame Fingerprinting and Controller Area Networks Security in Connected Vehicles
Buscemi, Alessio UL; Turcanu, Ion; Castignani, German et al

in IEEE Consumer Communications & Networking Conference, Virtual Conference 8-11 January 2022 (2022, January)

Modern connected vehicles are equipped with a large number of sensors, which enable a wide range of services that can improve overall traffic safety and efficiency. However, remote access to connected ... [more ▼]

Modern connected vehicles are equipped with a large number of sensors, which enable a wide range of services that can improve overall traffic safety and efficiency. However, remote access to connected vehicles also introduces new security issues affecting both inter and intra-vehicle communications. In fact, existing intra-vehicle communication systems, such as Controller Area Network (CAN), lack security features, such as encryption and secure authentication for Electronic Control Units (ECUs). Instead, Original Equipment Manufacturers (OEMs) seek security through obscurity by keeping secret the proprietary format with which they encode the information. Recently, it has been shown that the reuse of CAN frame IDs can be exploited to perform CAN bus reverse engineering without physical access to the vehicle, thus raising further security concerns in a connected environment. This work investigates whether anonymizing the frames of each newly released vehicle is sufficient to prevent CAN bus reverse engineering based on frame ID matching. The results show that, by adopting Machine Learning techniques, anonymized CAN frames can still be fingerprinted and identified in an unknown vehicle with an accuracy of up to 80 %. [less ▲]

Detailed reference viewed: 132 (18 UL)
Full Text
Peer Reviewed
See detailCANMatch: A Fully Automated Tool for CAN Bus Reverse Engineering based on Frame Matching
Buscemi, Alessio UL; Turcanu, Ion; Castignani, German et al

in IEEE Transactions on Vehicular Technology (2021)

Controller Area Network (CAN) is the most frequently used in-vehicle communication system in the automotive industry today. The communication inside the CAN bus is typically encoded using proprietary ... [more ▼]

Controller Area Network (CAN) is the most frequently used in-vehicle communication system in the automotive industry today. The communication inside the CAN bus is typically encoded using proprietary formats in order to prevent easy access to the information exchanged on the bus. However, it is still possible to decode this information through reverse engineering, performed either manually or via automated tools. Existing automated CAN bus reverse engineering methods are still time-consuming and require some manual effort, i.e., to inject diagnostic messages in order to trigger specific responses. In this paper, we propose CANMatch a fully automated CAN bus reverse engineering framework that does not require any manual effort and significantly decreases the execution time by exploiting the reuse of CAN frames across different vehicle models. We evaluate the proposed solution on a dataset of CAN logs, or traces, related to 479 vehicles from 29 different automotive manufacturers, demonstrating its improved performance with respect to the state of the art. [less ▲]

Detailed reference viewed: 116 (20 UL)
Full Text
Peer Reviewed
See detailPoster: A Methodology for Semi-Automated CAN Bus Reverse Engineering
Buscemi, Alessio UL; Turcanu, Ion; German, Castignani et al

Poster (2021, November)

Semi-automated Controller Area Network (CAN) reverse engineering has been shown to provide decoding accuracy comparable to the manual approach, while reducing the time required to decode signals. However ... [more ▼]

Semi-automated Controller Area Network (CAN) reverse engineering has been shown to provide decoding accuracy comparable to the manual approach, while reducing the time required to decode signals. However, current approaches are invasive, as they make use of diagnostic messages injected through the On-Board Diagnostics (OBD-II) port and often require a high amount of non-CAN external data. In this work, we present a non-invasive universal methodology for semi-automated CAN bus reverse engineering, which is based on the taxonomy of CAN signals. The data collection is simplified and its time reduced from the current standard of up to an hour to few minutes. A mean recall of around 80 % is obtained. [less ▲]

Detailed reference viewed: 105 (28 UL)