CANAttack: Assessing Vulnerabilities within Controller Area Network

Oladimeji, Damilola; Rasheed, Amar; Varol, Cihan; Baza, Mohamed; Alshahrani, Hani; Baz, Abdullah

doi:10.3390/s23198223

Cited by 4 publications

(3 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several works have been proposed to secure embedded systems [9][10][11]. Zareen et al [8] present an approach to embedded device security through the development of a Hardware Immune System (HWIS), leveraging Artificial Immune Systems for effective malware detection in IoT devices.…”

Section: Related Workmentioning

confidence: 99%

Detection of Malicious Threats Exploiting Clock-Gating Hardware Using Machine Learning

Kose,

Jinad,

Rasheed

et al. 2024

Sensors

Self Cite

View full text Add to dashboard Cite

Embedded system technologies are increasingly being incorporated into manufacturing, smart grid, industrial control systems, and transportation systems. However, the vast majority of today’s embedded platforms lack the support of built-in security features which makes such systems highly vulnerable to a wide range of cyber-attacks. Specifically, they are vulnerable to malware injection code that targets the power distribution system of an ARM Cortex-M-based microcontroller chipset (ARM, Cambridge, UK). Through hardware exploitation of the clock-gating distribution system, an attacker is capable of disabling/activating various subsystems on the chip, compromising the reliability of the system during normal operation. This paper proposes the development of an Intrusion Detection System (IDS) capable of detecting clock-gating malware deployed on ARM Cortex-M-based embedded systems. To enhance the robustness and effectiveness of our approach, we fully implemented, tested, and compared six IDSs, each employing different methodologies. These include IDSs based on K-Nearest Classifier, Random Forest, Logistic Regression, Decision Tree, Naive Bayes, and Stochastic Gradient Descent. Each of these IDSs was designed to identify and categorize various variants of clock-gating malware deployed on the system. We have analyzed the performance of these IDSs in terms of detection accuracy against various types of clock-gating malware injection code. Power consumption data collected from the chipset during normal operation and malware code injection attacks were used for models’ training and validation. Our simulation results showed that the proposed IDSs, particularly those based on K-Nearest Classifier and Logistic Regression, were capable of achieving high detection rates, with some reaching a detection rate of 0.99. These results underscore the effectiveness of our IDSs in protecting ARM Cortex-M-based embedded systems against clock-gating malware.

show abstract

Section: Related Workmentioning

confidence: 99%

Detection of Malicious Threats Exploiting Clock-Gating Hardware Using Machine Learning

Kose,

Jinad,

Rasheed

et al. 2024

Sensors

Self Cite

View full text Add to dashboard Cite

show abstract

“…Therefore, this article focuses on the EIBsec protocol as its research subject. Using the CPN Tools [15] modeling tool combined with the Dolev-Yao attacker model, we analyze the message interaction process of the protocol, evaluate the security attributes of the protocol, identify potential security vulnerabilities [16], and ultimately put forth an improved plan. This plan aims to mitigate security risks and enhance the system's security attributes.…”

Section: Introductionmentioning

confidence: 99%

Security Evaluation and Improvement of the Extended Protocol EIBsec for KNX/EIB

Feng,

Zhang

2023

Information

View full text Add to dashboard Cite

The European Installation Bus(EIB) protocol, also known as KNX/EIB, is widely used in building and home automation. An extension of the KNX/EIB protocol, EIBsec, is primarily designed to meet the requirements for data transmission security in distributed building automation systems. However, this protocol has some security issues in the request, key distribution, and identity authentication processes. This paper employs a formal analysis method that combines Colored Petri Net (CPN) theory with the Dolev-Yao attack model to evaluate and enhance the EIBsec protocol. It utilizes the CPN Tools to conduct CPN modeling analysis on the protocol and introduces a security assessment model to carry out intrusion detection and security assessment. Through this analysis, vulnerabilities in the protocol, such as tampering and replay attacks, are identified. To address these security concerns, we introduce hash verification and timestamp judgment methods into the original protocol to enhance its security. Subsequently, based on the improved protocol, we conduct CPN modeling and verify the security of the new scheme. Finally, through a comparison and analysis of the performance and security between the original protocol and the improved scheme, it is found that the improved scheme has higher security.

show abstract

“…However, there is no optimal solution, and the problem is mitigated with network segmentation and intrusion detection systems. It is essential to establish a strong security system for automotive networks to maintain the advances in safe technologies and to advance the state of the art in automotive cybersecurity [119][120][121][122].…”

mentioning

confidence: 99%

Design and Experimental Assessment of Real-Time Anomaly Detection Techniques for Automotive Cybersecurity

Dini,

Saponara

2023

Sensors

View full text Add to dashboard Cite

In recent decades, an exponential surge in technological advancements has significantly transformed various aspects of daily life. The proliferation of indispensable objects such as smartphones and computers underscores the pervasive influence of technology. This trend extends to the domains of the healthcare, automotive, and industrial sectors, with the emergence of remote-operating capabilities and self-learning models. Notably, the automotive industry has integrated numerous remote access points like Wi-Fi, USB, Bluetooth, 4G/5G, and OBD-II interfaces into vehicles, amplifying the exposure of the Controller Area Network (CAN) bus to external threats. With a recognition of the susceptibility of the CAN bus to external attacks, there is an urgent need to develop robust security systems that are capable of detecting potential intrusions and malfunctions. This study aims to leverage fingerprinting techniques and neural networks on cost-effective embedded systems to construct an anomaly detection system for identifying abnormal behavior in the CAN bus. The research is structured into three parts, encompassing the application of fingerprinting techniques for data acquisition and neural network training, the design of an anomaly detection algorithm based on neural network results, and the simulation of typical CAN attack scenarios. Additionally, a thermal test was conducted to evaluate the algorithm’s resilience under varying temperatures.

show abstract

CANAttack: Assessing Vulnerabilities within Controller Area Network

Cited by 4 publications

References 37 publications

Detection of Malicious Threats Exploiting Clock-Gating Hardware Using Machine Learning

Detection of Malicious Threats Exploiting Clock-Gating Hardware Using Machine Learning

Security Evaluation and Improvement of the Extended Protocol EIBsec for KNX/EIB

Design and Experimental Assessment of Real-Time Anomaly Detection Techniques for Automotive Cybersecurity

Contact Info

Product

Resources

About