An experimental study towards attacker identification in automotive networks

Jing Ning; Jiajia Liu

doi:10.1109/GLOBECOM38437.2019.9013930

An experimental study towards attacker identification in automotive networks

Jing Ning, Jiajia Liu

Xidian University

Research output: Contribution to journal › Conference article › peer-review

9 Scopus citations

Abstract

The auxiliary functions of modern vehicles have increased the number of attack surfaces. As the most important information exchange channel for vehicles, Controller Area Network (CAN) attracts more and more attention. Due to no encryption and authentication, CAN bus is vulnerable to attack. Thus, the attacker can manipulate the message with serious consequences. Several methods have been proposed to improve the security of vehicles. However, most of them have their own deficiencies. In this paper, we propose an LOF-based attack detection scheme which utilizes the voltage physical characteristics of the CAN frame to judge whether a message is transmitted by a legitimate Electronic Control Unit (ECU). As validated by extensive experiments on two vehicles, our scheme can identify the attacker with an average detection rate of 98.9%, and the false detection rate is less than 0.5%. In addition, our scheme can accurately identify attacks from external devices.

Original language	English
Article number	9013930
Journal	Proceedings - IEEE Global Communications Conference, GLOBECOM
DOIs	https://doi.org/10.1109/GLOBECOM38437.2019.9013930
State	Published - 2019
Externally published	Yes
Event	2019 IEEE Global Communications Conference, GLOBECOM 2019 - Waikoloa, United States Duration: 9 Dec 2019 → 13 Dec 2019

Access to Document

10.1109/GLOBECOM38437.2019.9013930

Cite this

@article{33aa5303e71e4aa98bf1cbdfaab76374,

title = "An experimental study towards attacker identification in automotive networks",

abstract = "The auxiliary functions of modern vehicles have increased the number of attack surfaces. As the most important information exchange channel for vehicles, Controller Area Network (CAN) attracts more and more attention. Due to no encryption and authentication, CAN bus is vulnerable to attack. Thus, the attacker can manipulate the message with serious consequences. Several methods have been proposed to improve the security of vehicles. However, most of them have their own deficiencies. In this paper, we propose an LOF-based attack detection scheme which utilizes the voltage physical characteristics of the CAN frame to judge whether a message is transmitted by a legitimate Electronic Control Unit (ECU). As validated by extensive experiments on two vehicles, our scheme can identify the attacker with an average detection rate of 98.9%, and the false detection rate is less than 0.5%. In addition, our scheme can accurately identify attacks from external devices.",

author = "Jing Ning and Jiajia Liu",

note = "Publisher Copyright: {\textcopyright} 2019 IEEE.; 2019 IEEE Global Communications Conference, GLOBECOM 2019 ; Conference date: 09-12-2019 Through 13-12-2019",

year = "2019",

doi = "10.1109/GLOBECOM38437.2019.9013930",

language = "英语",

journal = "Proceedings - IEEE Global Communications Conference, GLOBECOM",

issn = "2334-0983",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - JOUR

T1 - An experimental study towards attacker identification in automotive networks

AU - Ning, Jing

AU - Liu, Jiajia

PY - 2019

Y1 - 2019

N2 - The auxiliary functions of modern vehicles have increased the number of attack surfaces. As the most important information exchange channel for vehicles, Controller Area Network (CAN) attracts more and more attention. Due to no encryption and authentication, CAN bus is vulnerable to attack. Thus, the attacker can manipulate the message with serious consequences. Several methods have been proposed to improve the security of vehicles. However, most of them have their own deficiencies. In this paper, we propose an LOF-based attack detection scheme which utilizes the voltage physical characteristics of the CAN frame to judge whether a message is transmitted by a legitimate Electronic Control Unit (ECU). As validated by extensive experiments on two vehicles, our scheme can identify the attacker with an average detection rate of 98.9%, and the false detection rate is less than 0.5%. In addition, our scheme can accurately identify attacks from external devices.

AB - The auxiliary functions of modern vehicles have increased the number of attack surfaces. As the most important information exchange channel for vehicles, Controller Area Network (CAN) attracts more and more attention. Due to no encryption and authentication, CAN bus is vulnerable to attack. Thus, the attacker can manipulate the message with serious consequences. Several methods have been proposed to improve the security of vehicles. However, most of them have their own deficiencies. In this paper, we propose an LOF-based attack detection scheme which utilizes the voltage physical characteristics of the CAN frame to judge whether a message is transmitted by a legitimate Electronic Control Unit (ECU). As validated by extensive experiments on two vehicles, our scheme can identify the attacker with an average detection rate of 98.9%, and the false detection rate is less than 0.5%. In addition, our scheme can accurately identify attacks from external devices.

UR - http://www.scopus.com/inward/record.url?scp=85081946502&partnerID=8YFLogxK

U2 - 10.1109/GLOBECOM38437.2019.9013930

DO - 10.1109/GLOBECOM38437.2019.9013930

M3 - 会议文章

AN - SCOPUS:85081946502

SN - 2334-0983

JO - Proceedings - IEEE Global Communications Conference, GLOBECOM

JF - Proceedings - IEEE Global Communications Conference, GLOBECOM

M1 - 9013930

T2 - 2019 IEEE Global Communications Conference, GLOBECOM 2019

Y2 - 9 December 2019 through 13 December 2019

ER -

An experimental study towards attacker identification in automotive networks

Abstract

Access to Document

Other files and links

Fingerprint

Cite this