On Frame Fingerprinting and Controller Area Networks Security in Connected Vehicles

Buscemi, Alessio; Turcanu, Ion; Castignani, German; Engel, Thomas

Download

Paper published in a book (Scientific congresses, symposiums and conference proceedings)

On Frame Fingerprinting and Controller Area Networks Security in Connected Vehicles

Buscemi, Alessio; Turcanu, Ion; Castignani, German et al.

2022 • In IEEE Consumer Communications & Networking Conference, Virtual Conference 8-11 January 2022

Peer reviewed

Permalink
https://hdl.handle.net/10993/48391

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

paper_stamped.pdf

Author preprint (309.84 kB)

Download

All documents in ORBilu are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

Connected Vehicles Security; CAN Bus Reverse Engineering; Machine Learning; Frame Identification

Abstract :

[en] Modern connected vehicles are equipped with a large number of sensors, which enable a wide range of services that can improve overall traffic safety and efficiency. However, remote access to connected vehicles also introduces new security issues affecting both inter and intra-vehicle communications. In fact, existing intra-vehicle communication systems, such as Controller Area Network (CAN), lack security features, such as encryption and secure authentication for Electronic Control Units (ECUs). Instead, Original Equipment Manufacturers (OEMs) seek security through obscurity by keeping secret the proprietary format with which they encode the information. Recently, it has been shown that the reuse of CAN frame IDs can be exploited to perform CAN bus reverse engineering without physical access to the vehicle, thus raising further security concerns in a connected environment. This work investigates whether anonymizing the frames of each newly released vehicle is sufficient to prevent CAN bus reverse engineering based on frame ID matching. The results show that, by adopting Machine Learning techniques, anonymized CAN frames can still be fingerprinted and identified in an unknown vehicle with an accuracy of up to 80 %.

Disciplines :

Computer science

Author, co-author :

Buscemi, Alessio ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)

Turcanu, Ion; Luxembourg Institute of Science & Technology - LIST > ITIS

Castignani, German; University of Luxembourg > FSTM

Engel, Thomas ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)

External co-authors :

Language :

English

Title :

On Frame Fingerprinting and Controller Area Networks Security in Connected Vehicles

Publication date :

January 2022

Event name :

2022 IEEE Consumer Communications & Networking Conference

Event date :

from 08-01-2022 to 11-01-2022

Main work title :

IEEE Consumer Communications & Networking Conference, Virtual Conference 8-11 January 2022

Peer reviewed :

Peer reviewed

FnR Project :

FNR10621687 - Security And Privacy For System Protection, 2015 (01/01/2017-30/06/2023) - Sjouke Mauw

Available on ORBilu :

since 18 October 2021

Statistics

Number of views

237 (33 by Unilu)

Number of downloads

216 (12 by Unilu)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

Bibliography

M. Bertoncello, G. Camplone, P. Gao, et al., "Monetizing car data-new service business opportunities to create new customer benefits, " McKinsey & Company, 2016.
L. Nkenyereye and J.-W. Jang, "Integration of big data for querying CAN bus data from connected car, " in 9th International Conference on Ubiquitous and Future Networks (ICUFN), 2017, pp. 946-950.
V. H. Le, J. den Hartog, and N. Zannone, "Security and privacy for innovative automotive applications: A survey, " Computer Communications, vol. 132, pp. 17-41, 2018.
J. Cui, L. S. Liew, G. Sabaliauskaite, and F. Zhou, "A review on safety failures, security attacks, and available countermeasures for autonomous vehicles, " Ad Hoc Networks, vol. 90, p. 101 823, 2019.
W. Wu, R. Li, G. Xie, et al., "A survey of intrusion detection for in-vehicle networks, " IEEE Transactions on Intelligent Transportation Systems, vol. 21, no. 3, pp. 919-933, 2019.
G. Brindescu. "DARPA Hacked a Chevy Impala Through Its OnStar System. " (2015), [Online]. Available: https://www. autoevolution. com/news/darpa-hacked-a-chevy-impala-through-its-onstar-system-video-92194. html (visited on 04/02/2021).
C. Miller and C. Valasek, "Remote exploitation of an unaltered passenger vehicle, " Black Hat USA, vol. 2015, no. S 91, 2015.
C. Quigley, D. Charles, and R. McLaughlin, "CAN Bus Message Electrical Signatures for Automotive Reverse Engineering, Bench Marking and Rogue ECU Detection, " in SAE Technical Paper, SAE International, Apr. 2019.
A. Buscemi, I. Turcanu, G. Castignani, R. Crunelle, and T. Engel, "Poster: A Methodology for Semi-Automated CAN Bus Reverse Engineering, " in 13th IEEE Vehicular Networking Conference (VNC), IEEE, Nov. 2021.
M. Jaynes, R. Dantu, R. Varriale, and N. Evans, "Automating ECU identification for vehicle security, " in 15th International Conference on Machine Learning and Applications (ICMLA), IEEE, 2016, pp. 632-635.
M. Marchetti and D. Stabili, "READ: Reverse engineering of automotive data frames, " IEEE Transactions on Information Forensics and Security, vol. 14, no. 4, pp. 1083-1097, 2018.
M. D. Pese, T. Stacer, C. A. Campos, E. Newberry, D. Chen, and K. G. Shin, "LibreCAN: Automated CAN Message Translator, " in Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS), ACM, 2019, pp. 2283-2300.
M. R. Moore, R. A. Bridges, F. L. Combs, and A. L. Anderson, "Data-Driven Extraction of Vehicle States From CAN Bus Traffic for Cyberprotection and Safety, " IEEE Consumer Electronics Magazine, vol. 8, no. 6, pp. 104-110, 2019.
A. Buscemi, G. Castignani, T. Engel, and I. Turcanu, "A Data-Driven Minimal Approach for CAN Bus Reverse Engineering, " in 3rd IEEE Connected and Automated Vehicles Symposium (CAVS), Victoria, Canada: IEEE, Oct. 2020.
A. Buscemi, I. Turcanu, G. Castignani, R. Crunelle, and T. Engel, "CANMatch: A Fully Automated Tool for CAN Bus Reverse Engineering based on Frame Matching, " IEEE Transactions on Vehicular Technology, vol. 70, no. 12, Nov. 2021.
B. C. Nolan, S. Graham, B. Mullins, and C. S. Kabban, "Unsupervised time series extraction from controller area network payloads, " in IEEE 88th Vehicular Technology Conference (VTC-Fall), IEEE, 2018, pp. 1-5.
K.-T. Cho and K. G. Shin, "Fingerprinting Electronic Control Units for Vehicle Intrusion Detection, " in 25th USENIX Security Symposium (USENIX Security 16), Aug. 2016, pp. 911-927.
C. Geng, S. Huang, and S. Chen, "Recent Advances in Open Set Recognition: A Survey, " CoRR, vol. abs/1811. 08581, 2018.
P. R. M. Junior, R. Souza, R. de Oliveira Werneck, et al., "Nearest neighbors distance ratio open-set classifier, " Machine Learning, vol. 106, pp. 359-386, 2016.
T. K. Ho, "Random decision forests, " in Proceedings of 3rd International Conference on Document Analysis and Recognition, vol. 1, 1995, 278-282 vol. 1.
M. Z. Alom, T. M. Taha, C. Yakopcic, et al., "A State-of-the-Art Survey on Deep Learning Theory and Architectures, " Electronics, vol. 8, no. 3, 2019.
A. Bendale and T. E. Boult, "Towards Open Set Deep Networks, " in 2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2016, pp. 1563-1572.
L. P. Jain, W. J. Scheirer, and T. E. Boult, "Multi-class Open Set Recognition Using Probability of Inclusion, " in Computer Vision-ECCV 2014, D. Fleet, T. Pajdla, B. Schiele, and T. Tuytelaars, Eds., Springer International Publishing, 2014, pp. 393-409.
E. M. Rudd, L. P. Jain, W. J. Scheirer, and T. E. Boult, "The Extreme Value Machine, " CoRR, vol. abs/1506. 06112, 2015. [Online]. Available: http://arxiv. org/abs/1506. 06112.
S. Kotz and S. Nadarajah, Extreme value distributions: theory and applications, W. Scientific, Ed. 2000.
A. Niculescu-Mizil and R. Caruana, "Predicting Good Probabilities with Supervised Learning, " in Proceedings of the 22nd International Conference on Machine Learning, ser. ICML '05, Bonn, Germany: Association for Computing Machinery, 2005, pp. 625-632.