ANALYZING THE CAN PROTOCOL: VULNERABILITIES, PROTECTIVE MEASURES AND IMPROVEMENTS

Abstract

The Controller Area Network (CAN) bus, originally designed for internal communication among a limited number of Electronic Control Units (ECUs) within vehicles, faces significant security challenges due to the rapid expansion of ECUs in modern automobiles. This expansion necessitates accessibility for diagnostic purposes, yet the CAN protocol lacks fundamental security features such as encryption, authentication, and integrity checks, rendering it vulnerable to various attacks including message injection, Denial of Service (DoS), and masquerading ECUs. This paper surveys existing literature and investigates potential intrusions on the CAN bus, highlighting attacks ranging from GPS spoofing to remote sensor tampering. Various solutions are discussed, including network subdivision, encryption, authentication techniques, and intrusion detection systems (IDS). Recent research proposes IDS solutions utilizing machine learning algorithms such as Random Forest, Support Vector Machine, and Deep Neural Networks (DNN), demonstrating effectiveness in detecting known attacks. However, challenges persist in identifying unknown attacks and enhancing overall system performance. Innovative approaches, such as event-triggered detection and bloom filtering techniques, show promise in mitigating specific attack vectors but may introduce overhead or limitations in real-time response. Deep learning-based IDS systems exhibit high performance but struggle with the detection of novel attacks. Furthermore, while some solutions address specific vulnerabilities, others propose more comprehensive security measures, such as preventing remote manipulation of critical vehicle functions like steering and braking. Overall, the research emphasizes the critical need for robust security measures in automotive systems to safeguard against evolving threats to vehicle safety and integrity.