Abstract
External wireless interfaces and the lack of security design of controller area network (CAN) standards make it vulnerable to CAN-targeting attacks. Unfortunately, various defense solutions have been proposed merely to detect CAN intrusion attacks, while only a few works are devoted to intrusion source identification. Demonstrated by our experimental studies, the most advanced IDS with intrusion source identification, which is based on the physical feature fingerprints of the in-vehicle Electronic Control Units (ECUs), will fail when the temperature changes. In this paper, we innovatively propose temperature-varied fingerprinting, called TVF, for CAN intrusion detection and intrusion source identification. Motivated by the remarkable observation that the physical feature of an ECU, i.e., its clock offset, changes linearly with the temperature of ECUs, the concept of temperature-varied fingerprints is proposed. Then, for a severe intrusion case, we provide an advanced TVF for further supplemented and expanded. The proposed advanced temperature-varied fingerprinting is implemented, and extensive performance evaluation experiments are conducted in both CAN bus prototype and real vehicles. The experimental results illustrate the effectiveness and performance of advanced TVF.
Highlights
With the development of automobile intelligent control systems, multifunctional Electronic Control Units (ECUs) have been mounted in contemporary vehicles
A controller area network (CAN) bus prototype with four Arduino-based ECUs and a desktop thermostatic test chamber is used for the simulation experiment, and a real vehicle is used in the real-world situation experiment
Since the temperature was stable at about 5°C when collecting the initial data, we can distinguish whether the message is from the same ECU by using the clock-based fingerprint method [10]. en, we found messages 0 × 24F, 0 × 2C1, and 0 × 163 were transmitted from three ECUs, respectively. e TVF of ECUs on a real vehicle is shown in Figure 14(d). e results show that the temperature clock fingerprint can be used in real vehicles
Summary
With the development of automobile intelligent control systems, multifunctional Electronic Control Units (ECUs) have been mounted in contemporary vehicles. An intrusion attack can be mounted by adversaries through ECU X by sending forged commands Msgy to the CAN bus to seduce ECU Z performing unexpected braking. We innovatively propose the temperaturevaried fingerprinting for intrusion detection and source identification in the in-vehicle CAN network. We utilize the characteristics of clock offsets, which varied with temperature, as fingerprints of each ECU to detect the intrusions and identify the source. Compared to existing solutions that utilize the information of clock offset for detection and identification, the advanced TVF is more suitable for the interior environment of a vehicle with significant temperature change.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
