READ: Reverse Engineering of Automotive Data Frames

Marchetti, Mirco; Stabili, Dario

doi:10.1109/tifs.2018.2870826

Cited by 98 publications

(75 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…However, visual inspection of the token plot (bottom) show values vacillating between the 4-bit minimum (2 0 = 0) and maximum (2 3−1 = 15) over a regular period, revealing that it is a Counter Token. The characteristics of Counter Tokens, as well as Checksum Tokens, are described in [13] and are apparently added to prevent particular types of attacks in safety-critical messages (e.g., injections or replay attacks). We note that many of our unmatched tokens may correspond to these Counter or Checksum Tokens.…”

Section: Resultsmentioning

confidence: 99%

ACTT: Automotive CAN Tokenization and Translation

Verma

Bridges

Hollifield

2018

2018 International Conference on Computational Science and Computational Intelligence (CSCI)

View full text Add to dashboard Cite

Modern vehicles contain scores of Electrical Control Units (ECUs) that broadcast messages over a Controller Area Network (CAN). Vehicle manufacturers rely on security through obscurity by concealing their unique mapping of CAN messages to vehicle functions which differs for each make, model, year, and even trim. This poses a major obstacle for after-market modifications notably performance tuning and in-vehicle network security measures. We present ACTT: Automotive CAN Tokenization and Translation, a novel, vehicle-agnostic, algorithm that leverages available diagnostic information to parse CAN data into meaningful messages, simultaneously cutting binary messages into tokens, and learning the translation to map these contiguous bits to the value of the vehicle function communicated.

show abstract

Section: Resultsmentioning

confidence: 99%

ACTT: Automotive CAN Tokenization and Translation

Verma

Bridges

Hollifield

2018

2018 International Conference on Computational Science and Computational Intelligence (CSCI)

View full text Add to dashboard Cite

show abstract

“…We categorized some typical related works about reverse engineering as below [8][9][10] [ [20][21][22] Multiplayer online game [11] Logic analysis [12][13][14] Semi-automatic tools, including Ollydbg, Windbg, and Cheat Engine, are mature enough for reverse engineering.…”

Section: Related Workmentioning

confidence: 99%

“…They defined 3 data types of data segment, then designed several data segment byte feature extraction methods to construct feature sequences, and finally presented a deep learning-based approach with feature sequences as input to recognize the data type byte by byte. M. Marchetti [22] proposed a method for the automatic Reverse Engineering of Automotive Data frames. It has been designed to analyze traffic traces containing unknown CAN (controller area network) bus messages in order to automatically identify and label different types of data.…”

Section: Related Workmentioning

confidence: 99%

Reversely Discovering and Modifying Properties Based on Active Deep Q-Learning

Huo

2020

IEEE Access

View full text Add to dashboard Cite

Many researchers studied DQN (Deep Q-Networks) to train a game AI to beat human players, while we trained an improved AI to reversely modify properties of 3D video games. Our ultimate objective is to improve automatic debug for software and cloud services. However, the problem that reversely discovers properties in online 3D Video Games in an automatic way has not been studied yet. Therefore, related special difficulties are first discussed in the paper. RMDQN (a Reverse Method based on our active Deep Q-Networks) is proposed to deal with the problem, and an active DQN is invented to make the reverse procedure automatic and intelligent. The action engine of RMDQN is able to control any operational game object like a player is playing, which makes automatic debug possible. A video demonstration is provided to show the result of reversely modifying game properties by our method. It was proved that our method can improve debug technology in 3D video games, and it will be applied in cloud services with few modifications.

show abstract

“…Automotive systems based on CAN bus are already in common use, but no security considerations against hacking have been made since the design of the protocol. Since 2010, many instances of car hacking through the on-board diagnostics II (OBD-II) port for in-vehicle diagnosis and the infotainment system have been reported [ 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 ]. Thus, security measures for modern cars against hacking threats also have been actively researched [ 7 , 9 , 10 ].…”

Section: Introductionmentioning

confidence: 99%

A Multiple Rényi Entropy Based Intrusion Detection System for Connected Vehicles

Kim

Lim

et al. 2020

Entropy

View full text Add to dashboard Cite

In this paper, we propose an intrusion detection system based on the estimation of the Rényi entropy with multiple orders. The Rényi entropy is a generalized notion of entropy that includes the Shannon entropy and the min-entropy as special cases. In 2018, Kim proposed an efficient estimation method for the Rényi entropy with an arbitrary real order α . In this work, we utilize this method to construct a multiple order, Rényi entropy based intrusion detection system (IDS) for vehicular systems with various network connections. The proposed method estimates the Rényi entropies simultaneously with three distinct orders, two, three, and four, based on the controller area network (CAN)-IDs of consecutively generated frames. The collected frames are split into blocks with a fixed number of frames, and the entropies are evaluated based on these blocks. For a more accurate estimation against each type of attack, we also propose a retrospective sliding window method for decision of attacks based on the estimated entropies. For fair comparison, we utilized the CAN-ID attack data set generated by a research team from Korea University. Our results show that the proposed method can show the false negative and positive errors of less than 1% simultaneously.

show abstract

READ: Reverse Engineering of Automotive Data Frames

Cited by 98 publications

References 21 publications

ACTT: Automotive CAN Tokenization and Translation

ACTT: Automotive CAN Tokenization and Translation

Reversely Discovering and Modifying Properties Based on Active Deep Q-Learning

A Multiple Rényi Entropy Based Intrusion Detection System for Connected Vehicles

Contact Info

Product

Resources

About