CONTROLLER AREA NETWORK (CAN) DEEP PACKET INSPECTION. Görkem Batmaz, Systems Engineer Ildikó Pete, Systems Engineer 28 th March, 2018
|
|
- Kristina Clarke
- 6 years ago
- Views:
Transcription
1 CONTROLLER AREA NETWORK (CAN) DEEP PACKET INSPECTION Görkem Batmaz, Systems Engineer Ildikó Pete, Systems Engineer 28 th March, 2018
2 Car Hacking Immediately my accelerator stopped working. As I frantically pressed the pedal and watched the RPMs climb, the Jeep lost half its speed, then slowed to a crawl. (Andy Greenberg, Wired) 2014 Jeep Cherokee (remote attack) Engage brakes, Take control of steering
3 Agenda AUTOMOTIVE SECURITY Connectivity in Modern Vehicles Controller Area Network (CAN) Vulnerabilities CAN ATTACKS Attack Types Detection & Prevention CAN ANOMALY DETECTOR Data Approach RESULTS & CONCLUSIONS Discussion of Results 3
4 Automotive Security Results & Conclusions 1 Vehicle to Vehicle Communication Engine Control Unit Internet Telematics Increasing Complexity & functionality Transmission Control Unit 2 Interconnectedness Infotainment Results and Conclusions TPMS OBD-II Figure1. Some connections of a modern car 4
5 Controller Area Network (CAN) Security
6 Automotive Security Results & Conclusions CAN Characteristics Message types: Information, Diagnostic Message exchange: Broadcast Message-based protocol, no addressing Arbitration method to resolve priorities Figure2. The CAN network 6
7 Automotive Security Results & Conclusions CAN Vulnerabilities Confidentiality Every message sent on CAN is broadcast to every node Eavesdropping Authenticity Lack of sender authentication Masquerading Results and Conclusions Arbitration rules (high priority messages) Denial of Service Availability Non Repudiation No mechanisms to prove an ECU sent or received a message 7
8 Automotive Security Results & Conclusions Most Critical Attack Types on CAN REPLAY INJECTION DOS Replace message CAN Anomaly contents Detector with some pre-recorded values Inject false messages appearing to be legitimate Flood the network 8
9 Tamper detection Automotive Security Results & Conclusions Detection & Prevention Over-the-air updates Device identification C RY P TO G R A P H I C S E R V I C E S ANOMALY DETECTION ECU software integrity A N T I - M A LWA R E Results and Conclusions Secure boot 9
10 Automotive Security Results & Conclusions Anomaly Detection Finding unusual patterns in data that do not conform to expected behavior E.g. fraud detection Results and Conclusions 10
11 Automotive Security Results & Conclusions Types of Anomalies Point Anomaly Collective Anomaly Contextual (Conditional) Anomaly E.g. vehicle CAN Anomaly speed is 500 Detector miles/hour E.g. vehicle speed is 80 miles/hour & steering wheel angle is 90 degrees E.g. vehicle speed changes from 50 miles/hour to 80 miles/hour in less than X seconds Results and Conclusions 11
12 Controller Area Network (CAN) Anomaly Detector Controller Area Network (CAN) Security 12
13 Automotive Security Results & Conclusions Detect security-related CAN network anomalies resulting from malicious activities Attacks: Injection, Replay Anomalies: Contextual 13
14 Automotive Security Results & Conclusions CAN Frame CAN Message Start of Frame CAN ID RTR Control Data CRC ACK End of Frame 1 bit 11 or 29 bits 1 bit 6 bits 0-64 bits 16 bits 2 bits 7 bits 14
15 Automotive Security Results & Conclusions The Dataset: BB8 CAN flow Timestamp MessageID Length PAYLOAD BYTE 0 BYTE 1 BYTE 2 BYTE 3 BYTE 4 BYTE 5 BYTE 6 BYTE W-Speed Results and Conclusions SUSPENSION ROLL&YAW ACCELERATION 15
16 Automotive Security Results & Conclusions Constraints Multiple ECUs on the CAN BUS Solutions Message ID Selection Unstructured Data Content Extraction Power/Performance Recurrent Neural Networks (RNNs) 16
17 Automotive Security Results & Conclusions Security Solution CAN BUS Policy Handler CAN Firewall Message ID selector & Content Extractor 1 st NNs Errors 2 nd NN Output: Probability of an attack Contextual Anomaly Detection Stage 2 Detection 17
18 Automotive Security Results & Conclusions Recurrent Neural Network (RNN) Hidden Input Output 18
19 Automotive Security Results & Conclusions Recurrent Neural Network (RNN) Hidden t0 Hidden t1 Hidden t2 Hidden t3 Output Input t0 Input t1 Input t2 Input t3 19
20 Automotive Security Results & Conclusions CAN BUS Input (t) Long Short Term Memory Cell (LSTM) CAN BUS Input (t+1) Hidden (t-1) Forget gate> Sigmoid Hidden (t) Input Gate> Sigmoid Input Forget Cell Output C Next Step Output gate> Sigmoid Memory (t-1) Memory (t) 20
21 Automotive Security Results & Conclusions Dense Layer DENSE LAYER OUTPUT DENSE LAYER OUTPUT LSTM CELL LSTM CELL.. 21
22 Errors Automotive Security Results & Conclusions Contextual Anomaly Detection Work Flow Binary Training (Titan X) Hyperparameters Pre- Processing Model HDF Results and Conclusions Custom error metric Inference Input for Second Stage 22
23 Automotive Security Results & Conclusions Contextual Anomaly Detection Work Flow-2 nd Stage Errors from 1 st NNs Training (Titan X) Inference Model HDF Hyperparameters Results and Conclusions Probability of an Attack 23
24 Automotive Security Results & Conclusions Training Architecture DATA SOURCE CAN DATA FRAMEWORKS Keras Model Hyperparameters TensorFlow NVIDIA GPU TITAN X 24
25 Automotive Security Results & Conclusions Production Architecture DATA SOURCE CAN FLOW FRAMEWORK Probability of an Attack Model TensorRT NVIDIA DRIVE GPU 25
26 Model Evaluation Using Sensitivity & Specificity True Positives (Anomalies) caught True Negatives allowed
27 Automotive Security Results & Conclusions X axis: Deviation RESULTS Y axis: Frequency of errors Median of Positives: 7.82 Median of Negatives: 0.04 Figure 3. Histogram Error values output by the 2 nd NN 27
28 Automotive Security Results & Conclusions X axis: Deviation RESULTS Y axis: Frequency of errors Sensitivity: 0.87 Specificity: 0.94 Figure 4. Histogram Error values output by the 2 nd NN 28
29 Automotive Security Results & Conclusions Results Per Attack Type Injection attacks DISCUSSION Total: 37 Replay attacks Total: 42 Detected: 32 Detected: 37 29
30 Automotive Security Results & Conclusions Conclusion A wall between Autonomous-Driving Software and the unsecured CAN-BUS DISCUSSION Low inference computational cost Fast response Offline training Future Work 30
31 THANK YOU QUESTIONS?
32 References [1] Ivan Studnia, Vincent Nicomette, Eric Alata, Yves Deswarte, Mohamed Kaâniche, Youssef Laarouchi Survey on security threats and protection mechanisms in embedded automotive networks Retrieved: [2] Automotive Security Best Practices Retrieved: [3] Sasan Jafarnejad, Lara Codeca, Walter Bronzi, Raphael Frank, Thomas Engel A Car Hacking Experiment: When Connectivity meets Vulnerability [4] Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage Comprehensive Experimental Analyses of Automotive Attack Surfaces Retrieved: [5] Automtive CAN Bus System Explained Retrieved: [6] Charlie Miller, Chris Valasek. Adventures in Automotive Networks and Control Units Retrieved: [7] Varun Chandola, Arindam Banarjee, Vipin Kumar Anomaly Detection: A Survey Retrieved: [8] Dhruba K. Bhattacharyya, Jugal Kumar Kalita Network Anomaly Detection A machine learning perspective 32
33 Images Figure1. Connections of a modern car Figure 2. CAN network Figure 3. Histogram Error values output by the 2nd NN Figure 4. Histogram Error values output by the 2nd NN 33
34 APPENDICES
35 Equations in a LSTM Cell without the dense layer.
Embedded Automotive Systems Security:
The 3 rd International Workshop on Safety and Security of Intelligent Vehicles (SSIV) June 26, 2017 Embedded Automotive Systems Security: A language-based Intrusion Detection Approach Mohamed Kaâniche
More informationExperimental Security Analysis of a Modern Automobile
Experimental Security Analysis of a Modern Automobile Matthias Lange TU Berlin June 29th, 2010 Matthias Lange (TU Berlin) Experimental Security Analysis of a Modern Automobile June 29th, 2010 1 / 16 Paper
More informationAutomotive Intrusion Detection Based on Constant CAN Message Frequencies Across Vehicle Driving Modes
Automotive Intrusion Detection Based on Constant CAN Message Frequencies Across Vehicle Driving Modes Clinton Young Iowa State University Department of Electrical and Computer Engineering cwyoung@iastate.edu
More informationSecurity Analysis of modern Automobile
Security Analysis of modern Automobile Dixit Verma Department of Electrical & Computer Engineering Missouri University of Science and Technology dv6cb@mst.edu 20 Apr 2017 Outline Introduction Attack Surfaces
More informationModern Automotive Vulnerabilities: Causes, Disclosure & Outcomes Stefan Savage UC San Diego
Modern Automotive Vulnerabilities: Causes, Disclosure & Outcomes Stefan Savage UC San Diego Steve Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage (UCSD) Karl Koscher,
More informationSome example UW security lab projects, related to emerging technologies. Tadayoshi Kohno CSE 484, University of Washington
Some example UW security lab projects, related to emerging technologies Tadayoshi Kohno CSE 484, University of Washington Wireless Implantable Medical Devices Computation and wireless capabilities lead
More informationComputer Security and the Internet of Things
Computer Security and the Internet of Things Tadayoshi Kohno Computer Science & Engineering University of Washington At USENIX Enigma, January 2016 The Internet of Things Door Locks Thermostats Furnaces
More informationField Classification, Modeling and Anomaly Detection in Unknown CAN Bus Networks
Field Classification, Modeling and Anomaly Detection in Unknown CAN Bus Networks Moti Markovitz Tel Aviv University motimark@gmail.com Avishai Wool Tel Aviv University yash@eng.tau.ac.il October 13, 2015
More informationSecurity Issues in Controller Area Networks in Automobiles
Security Issues in Controller Area Networks in Automobiles Robert Buttigieg, Mario Farrugia and Clyde Meli University of Malta Msida Malta mario.a.farrugia@um.edu.mt Abstract Modern vehicles may contain
More informationSecuring the Autonomous Automobile
Securing the Autonomous Automobile Sridhar Iyengar Vice President, Intel Labs Intel Corporation CROSSING Conference May 15-17 2017 Legal Notices and disclaimers This presentation contains the general insights
More informationAnomaly Detection Approach Using Adaptive Cumulative Sum Algorithm for Controller Area Network
Anomaly Detection Approach Using Adaptive Cumulative Sum Algorithm for Controller Area Network Habeeb Olufowobi habeeb.olufowobi@howard.edu Gaylon Robinson gaylon.robinson@howard.edu Uchenna Ezeobi uchenna.ezeobi@howard.edu
More informationHow to Hack Your Mini Cooper: Reverse Engineering CAN Messages on Passenger Automobiles
How to Hack Your Mini Cooper: Reverse Engineering CAN Messages on Passenger Automobiles Jason Staggs Who is this guy? Jason Staggs Graduate Research Assistant Institute for Information Security (isec)
More informationDevelopment of Intrusion Detection System for vehicle CAN bus cyber security
Development of Intrusion Detection System for vehicle CAN bus cyber security Anastasia Cornelio, Elisa Bragaglia, Cosimo Senni, Walter Nesci Technology Innovation - SSEC 14 Workshop Automotive SPIN Italia
More informationUniversity of Tartu. Research Seminar in Cryptography. Car Security. Supervisor: Dominique Unruh. Author: Tiina Turban
University of Tartu Research Seminar in Cryptography Car Security Author: Tiina Turban Supervisor: Dominique Unruh December 16, 2013 1 Introduction Cars these days are becoming more and more computerized.
More informationSecurity and Privacy challenges in Automobile Systems
Security and Privacy challenges in Automobile Systems Sandip Kundu National Science Foundation on leave from University of Massachusetts, Amherst Automotive Security Breaches Present: Multiple breaches
More informationSecurity Concerns in Automotive Systems. James Martin
Security Concerns in Automotive Systems James Martin Main Questions 1. What sort of security vulnerabilities do modern cars face today? 2. To what extent are external attacks possible and practical? Background
More informationCar Hacking for Ethical Hackers
Car Hacking for Ethical Hackers Dr. Bryson Payne, GPEN, CEH, CISSP UNG Center for Cyber Operations (CAE-CD) 2016-2021 Languages Leadership Cyber Why Car Hacking? Internet-connected and self-driving cars
More informationSecure Software Update for ITS Communication Devices in ITU-T Standardization
Secure Software Update for ITS Communication Devices in ITU-T Standardization Masashi, Eto Senior Researcher, Cybersecurity Laboratory, Network Security Research Institute, NICT, Japan 1 Background Outline
More informationAdversary Models. CPEN 442 Introduction to Computer Security. Konstantin Beznosov
Adversary Models CPEN 442 Introduction to Computer Security Konstantin Beznosov why we need adversary models? attacks and countermeasures are meaningless without 2 elements of an adversary model objectives
More informationIt is advisable to refer to the publisher s version if you intend to cite from the work.
Article Driving with Sharks: Rethinking Connected Vehicles with Vehicle Cyber Security Hashem Eiza, Mahmoud and Ni, Qiang Available at http://clok.uclan.ac.uk/17061/ Hashem Eiza, Mahmoud ORCID: 0000 0001
More informationSecuring the Connected Car. Eystein Stenberg Product Manager Mender.io
Securing the Connected Car Eystein Stenberg Product Manager Mender.io The software defined car Electronics Telematics Infotainment Connected Assisted driving Autonomous Hardware enabled Software enabled
More informationSecuring the Connected Car. Eystein Stenberg CTO Mender.io
Securing the Connected Car Eystein Stenberg CTO Mender.io The software defined car Electronics Telematics Infotainment Connected Assisted driving Autonomous Hardware enabled Software enabled Software defined
More informationAn Experimental Analysis of the SAE J1939 Standard
Truck Hacking: An Experimental Analysis of the SAE J1939 Standard 10th USENIX Workshop On Offensive Technologies (WOOT 16) Liza Burakova, Bill Hass, Leif Millar & Andre Weimerskirch Are trucks more secure
More informationCountermeasures against Cyber-attacks
Countermeasures against Cyber-attacks Case of the Automotive Industry Agenda Automotive Basics ECU, domains, CAN Automotive Security Motivation, trends Hardware and Software Security EVITA, SHE, HSM Secure
More informationAutomotive Anomaly Monitors and Threat Analysis in the Cloud
Automotive Anomaly Monitors and Threat Analysis in the Cloud Dr. André Weimerskirch Vector Automotive Cyber Security Symposium October 12, 2017 Cybersecurity Components Secure Internal & External Communications
More informationCross-Domain Security Issues for Connected Autonomous Vehicles
Cross-Domain Security Issues for Connected Autonomous Vehicles Anthony Lopez, Mohammad Al Faruque Advanced Integrated Cyber -Physical Systems Lab 1 Outline Overview on Connected Vehicle Security Ongoing
More informationCAN Bus Risk Analysis Revisit
CAN Bus Risk Analysis Revisit Hafizah Mansor, Konstantinos Markantonakis, Keith Mayes To cite this version: Hafizah Mansor, Konstantinos Markantonakis, Keith Mayes. CAN Bus Risk Analysis Revisit. David
More informationContext-aware Automotive Intrusion Detection
Context-aware Automotive Intrusion Detection Armin Wasicek 1 Mert D.Pesé 2, André Weimerskirch 2, Yelizaveta Burakova 2, Karan Singh 2 1 Technical University Vienna, Austria 2 University of Michigan ESCAR
More informationSpoofing Attack on Clock Based Intrusion Detection System in Controller Area Networks
2018 NDIA GROUND VEHICLE SYSTEMS ENGINEERING AND TECHNOLOGY SYMPOSIUM MODELING & SIMULATION, TESTING AND VALIDATION (MSTV) TECHNICAL SESSION AUGUST 7-9, 2018 - NOVI, MICHIGAN Spoofing Attack on Clock Based
More informationAutomotive Cyber Security
Automotive Cyber Security Rajeev Shorey (Ph.D.) Principal Scientist TCS Innovation Labs Cincinnati, USA & Bangalore, India Copyright 2013 Tata Consultancy Services Limited Connected Vehicles Chennai, 18
More informationChristoph Schmittner, Zhendong Ma, Paul Smith
FMVEA for Safety and Security Analysis of Intelligent and Cooperative Vehicles 1st International workshop on the Integration of Safety and Security Engineering (ISSE 14) Christoph Schmittner, Zhendong
More informationCyber-physical intrusion detection on a robotic vehicle
WIFS 2015 The 7th IEEE International Workshop on Information Forensics and Security Rome, Italy, 16-19 November, 2015 Cyber-physical intrusion detection on a robotic vehicle Tuan Vuong, George Loukas and
More informationFast and Vulnerable A Story of Telematic Failures
Fast and Vulnerable A Story of Telematic Failures Center for Automotive Embedded Systems Security Ian Foster, Andrew Prudhomme, Karl Koscher, and Stefan Savage Telematic Control Units Connects to car s
More informationAutomobile Intrusion Detection. Jun Li UnicornTeam Qihoo360
Automobile Intrusion Detection Jun Li Twitter @bravo_fighter UnicornTeam Qihoo360 2 What this talk is about? Automotive intrusion detection Automotive cyber-security architecture From the highest viewpointj
More informationMATLAB Expo Simulation Based Automotive Communication Design using MATLAB- SimEvent. Sudhakaran M Anand H General Motors
MATLAB Expo 2013 Simulation Based Automotive Communication Design using MATLAB- SimEvent Sudhakaran M Anand H General Motors 1 Agenda Introduction Different Analysis Methods Analytical vs. Simulation Approach
More informationOTIDS: A Novel Intrusion Detection System for In-vehicle Network by using Remote Frame
OTIDS: A Novel Intrusion Detection System for In-vehicle Network by using Remote Frame Hyunsung Lee Korea University Seoul, Korea Email: line@korea.ac.kr Seong Hoon Jeong Korea University Seoul, Korea
More information13W-AutoSPIN Automotive Cybersecurity
13W-AutoSPIN Automotive Cybersecurity Challenges and opportunities Alessandro Farsaci (CNH industrial) Cosimo Senni (Magneti Marelli) Milan, Italy November 12th, 2015 Agenda Automotive Cybersecurity Overview
More informationSecure Ethernet Communication for Autonomous Driving. Jared Combs June 2016
Secure Ethernet Communication for Autonomous Driving Jared Combs June 2016 Agenda Motivation for Security The Multi-Level Security Architecture Proposal Level 1: Restrict access to the network Level 2:
More informationITU activities on secure vehicle software updates
Submitted by the expert form ITU Document No. ITS/AD-08-08 (8 th ITS/AD, 9 March 2016, agenda item 4) ITU activities on secure vehicle software updates 8 th meeting of IWG ITS/AD 9 March 2016 T.Russell
More informationSystems and Network Security (NETW-1002)
Systems and Network Security (NETW-1002) Dr. Mohamed Abdelwahab Saleh IET-Networks, GUC Spring 2017 Course Outline Basic concepts of security: Attacks, security properties, protection mechanisms. Basic
More informationConvergence of Safety, Systems & Cybersecurity Bill StClair, Director, LDRA, US Operations
Convergence of Safety, Systems & Cybersecurity Bill StClair, Director, LDRA, US Operations Agenda Nexus of Safety and Cybersecurity Separation and Connectivity Trends in Aerospace Cybersecurity Isn t Security
More informationUSBCAN-OBD. USB to CAN adapter. User Manual. Document version 3.01 (2015/04/22)
USB to CAN adapter User Manual Document version 3.01 (2015/04/22) Contents 1. Introduction... 3 1.1 Functional Overview... 3 1.2 Properties at a Glance...3 1.3 Typical application... 3 2. Installation...
More informationHandling Top Security Threats for Connected Embedded Devices. OpenIoT Summit, San Diego, 2016
Handling Top Security Threats for Connected Embedded Devices OpenIoT Summit, San Diego, 2016 Jeep Cherokee hacked in July 2015 Presented at Black Hat USA 2015 Charlie Miller Chris Valasek Remote exploit
More informationIS CAR HACKING OVER? AUTOSAR SECURE ONBOARD COMMUNICATION
SESSION ID: SBX3-W1 IS CAR HACKING OVER? AUTOSAR SECURE ONBOARD COMMUNICATION Jeffrey Quesnelle Director of Software Development Intrepid Control Systems @IntrepidControl Introduction Spent 15 years working
More informationGateway Architecture for Secured Connectivity and in Vehicle Communication
Gateway Architecture for Secured Connectivity and in Vehicle Communication A Tata Elxsi Perspective James Joy Silvy Samuel Vinu V S Abstract Keywords Architecture, security, gateway, cryptography, Keys
More informationUptane: Securely Updating Automobiles. Sam Weber NYU 14 June 2017
Uptane: Securely Updating Automobiles Sam Weber NYU samweber@nyu.edu 14 June 2017 Credits Funded by DHS S&T CSD Work done by New York University University of Michigan Transportation Research Institute
More informationCAN Obfuscation by Randomization (CANORa)
CAN Obfuscation by Randomization (CANORa) A technology to prevent large-scale malware attacks on driverless autonomous vehicles Tobias Madl MuSe Munich IT Security Research Group Munich University of Applied
More informationPreventing Cyber Attacks on Aftermarket Connectivity Solutions Zach Blumenstein, BD Director Argus Cyber Security
Preventing Cyber Attacks on Aftermarket Connectivity Solutions Zach Blumenstein, BD Director Argus Cyber Security In less than a year, 100s of millions connected cars Aftermarket connectivity most prevalent
More informationConnect Vehicles: A Security Throwback
Connect Vehicles: A Security Throwback Chris Valasek (@nudehaberdasher) Director of Vehicle Security Research Introduction Hello Chris Valasek Director of Vehicle Security Research IPS Dev -> Windows RE
More informationPENETRATION TESTING OF AUTOMOTIVE DEVICES. Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017
PENETRATION TESTING OF AUTOMOTIVE DEVICES Dr. Ákos Csilling Robert Bosch Kft., Budapest HUSTEF 15/11/2017 Imagine your dream car 2 Image: 2017 ESCRYPT. Exemplary attack demonstration only. This is NOT
More informationA practical solution to achieve real-time performance in the automotive network by randomizing frame identifier
A practical solution to achieve real-time performance in the automotive network by randomizing frame identifier Kyusuk Han, André Weimerskirch, and Kang G. Shin October 26, 2015 Keywords Security, Authentication,
More informationDiagnostic Trends 2017 An Overview
Diagnostic Trends 2017 An Overview Vector India Conference, 2017-07-18+19 V1.0 2017-07-14 Agenda 1. DoIP 2. Remote Diagnostics 3. Cyber Security 4. Summary 2/29 DoIP Why DoIP? Why another diagnostic network?
More informationCHAPTER 6 EFFICIENT TECHNIQUE TOWARDS THE AVOIDANCE OF REPLAY ATTACK USING LOW DISTORTION TRANSFORM
109 CHAPTER 6 EFFICIENT TECHNIQUE TOWARDS THE AVOIDANCE OF REPLAY ATTACK USING LOW DISTORTION TRANSFORM Security is considered to be the most critical factor in many applications. The main issues of such
More informationThe modern car has 100 million lines of code and over half of new vehicles will be connected by 2020.
Automotive The modern car has 100 million lines of code and over half of new vehicles will be connected by 2020. Cars are becoming increasingly connected through a range of wireless networks The increased
More informationA Survey of Security Threats and Protection Mechanisms in Embedded Automotive Networks
A Survey of Security Threats and Protection Mechanisms in Embedded Automotive Networks Ivan Studnia, Vincent Nicomette, Eric Alata, Yves Deswarte, Mohamed Kaâniche, Youssef Laarouchi To cite this version:
More informationSecurity enhancing CAN transceivers. Bernd Elend Principal Engineer March 8 th, 2017
Bernd Elend Principal Engineer March 8 th, 2017 Introduction: SECURITY REQUIRES A LAYERED APPROACH NXP s 4 + 1 Layer approach for vehicle cyber security: Multiple security techniques, at different levels
More informationCyber Security and Vehicle Diagnostics. Mark Zachos DG Technologies
Cyber Security and Vehicle Diagnostics Mark Zachos DG Technologies SAE INTERNATIONAL SAE J3061 Cybersecurity Guidebook for Cyber-Physical Automotive Systems Published January 2016; drive to a risk-based,
More informationExperimental Security Analysis of a Modern Automobile
hyväksymispäivä arvosana arvostelija Experimental Security Analysis of a Modern Automobile Matti Valovirta Helsinki HELSINGIN YLIOPISTO Tietojenkäsittelytieteen laitos HELSINGIN YLIOPISTO HELSINGFORS UNIVERSITET
More informationCIS 6930/4930 Computer and Network Security. Topic 8.1 IPsec
CIS 6930/4930 Computer and Network Security Topic 8.1 IPsec 1 IPsec Objectives Why do we need IPsec? IP V4 has no authentication IP spoofing Payload could be changed without detection. IP V4 has no confidentiality
More informationSicherheitsaspekte für Flashing Over The Air in Fahrzeugen. Axel Freiwald 1/2017
Sicherheitsaspekte für Flashing Over The Air in Fahrzeugen Axel Freiwald 1/2017 All OEMs Will Implement Software OTA As Soon As Possible IHS Study Motivation: Save on recalls caused by software bugs Evolution
More informationAdvanced Analytics for Connected Cars Cyber Security
Advanced Analytics for Connected Cars Cyber Security Matan Levi, Ben-Gurion University, Yair Allouche, IBM Security Division, and Aryeh Kontorovich, Ben-Gurion University arxiv:1711.01939v2 [cs.cr] 8 Nov
More informationAutomotive Security: Challenges, Standards and Solutions. Alexander Much 12 October 2017
Automotive Security: Challenges, Standards and Solutions Alexander Much 12 October 2017 Driver s fears are being fueled by recent news Connected Cars, new opportunities for hackers Autonomous Driving Concepts
More informationBuilding Trust in the Internet of Things
AN INTEL COMPANY Building Trust in the Internet of Things Developing an End-to-End Security Strategy for IoT Applications WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Recent security breaches
More informationConquering Complexity: Addressing Security Challenges of the Connected Vehicle
Conquering Complexity: Addressing Security Challenges of the Connected Vehicle October 3, 2018 Securely Connecting People, Applications, and Devices Ted Shorter Chief Technology Officer CSS Ted.Shorter@css-security.com
More informationA Formal Model to Facilitate Security Testing in Modern Automotive Systems
A Formal Model to Facilitate Security Testing in Modern Automotive Systems Eduardo dos Santos Andrew Simpson Cyber Security Centre for Doctoral Training Department of Computer Science University of Oxford
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Intrusion Detection Systems Intrusion Actions aimed at compromising the security of the target (confidentiality, integrity, availability of computing/networking
More informationDon t Fuss about Fuzzing: Fuzzing Controllers in Vehicular Networks
Don t Fuss about Fuzzing: Fuzzing Controllers in Vehicular Networks Stephanie Bayer, Alexander Ptok *) ESCRYPT GmbH *) ESCRYPT GmbH Leopoldstraße 244 Lise-Meitner-Allee 4 80807 München 44801 Bochum Germany
More informationPhysical-Fingerprinting of Electronic Control Unit (ECU) Based on Machine Learning Algorithm for In-Vehicle Network Communication Protocol CAN-BUS
Physical-Fingerprinting of Electronic Control Unit (ECU) Based on Machine Learning Algorithm for In-Vehicle Network Communication Protocol CAN-BUS by Omid Avatefipour A thesis submitted in partial fulfillment
More informationVehicle Safe-Mode Limp-Mode in the Service of Cyber Security
Vehicle Safe-Mode Limp-Mode in the Service of Cyber Security Tsvika Dagan, Mirco Marchetti, Dario Stabili, Michele Colajanni, Avishai Wool Tel-Aviv University, Israel University of Modena and Reggio Emilia,
More informationEncrypted Traffic Security (ETS) White Paper
Encrypted Traffic Security (ETS) White Paper The rapid rise in encrypted traffic is changing the security landscape. As more organizations become digital, an increasing number of services and applications
More informationCybersecurity Solutions for Connected Vehicles
Cybersecurity Solutions for Connected Vehicles Contents TREND MICRO LEGAL DISCLAIMER The information provided herein is for general information and educational purposes only. It is not intended and should
More informationThe Remote Exploitation of Unaltered Passenger Vehicles Revisited. 20 th October 2016 Mark Pitchford, Technical Manager, EMEA
The Remote Exploitation of Unaltered Passenger Vehicles Revisited 20 th October 2016 Mark Pitchford, Technical Manager, EMEA Today s hot topic A few years ago, Lynx presentations at events such as this
More informationAutomotive Security. Whitepaper 1
Whitepaper 1 Introduction Until quite recently, automotive security was synonymous with theft prevention. But with the software pie in the automobile growing exponentially to realize visions of the connected
More informationCybersecurity Challenges for Connected and Automated Vehicles. Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute
Cybersecurity Challenges for Connected and Automated Vehicles Robert W. Heller, Ph.D. Program Director R&D, Southwest Research Institute Cars are becoming complex (and CAV is only part of it) 1965: No
More informationIntroduction to VANET
VANET Introduction to VANET -Vehicles connected to each others through an ad hoc formation form a wireless network called Vehicular Ad Hoc Network. -Vehicular ad hoc networks (VANETs) are a subgroup of
More information(2½ hours) Total Marks: 75
(2½ hours) Total Marks: 75 N. B.: (1) All questions are compulsory. (2) Makesuitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question must be written together.
More informationCONTROLLER AREA NETWORK AS THE SECURITY OF THE VEHICLES
INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING & TECHNOLOGY (IJCET) Proceedings of the International Conference on Emerging Trends in Engineering and Management (ICETEM14) ISSN 0976 6367(Print) ISSN 0976
More informationSW-Update. Thomas Fleischmann June 5 th 2015
Thomas Fleischmann June 5 th 2015 2 3 Agenda The big picture SW-Update today Diagnostics vs SW-Update Our solution for SW-Update The real challenges beyond getting a file into the car Elektrobit (EB),
More informationAutomotive Attack Surfaces. UCSD and University of Washington
Automotive Attack Surfaces UCSD and University of Washington Current Automotive Environment Modern cars are run by tens of ECUs comprising millions of lines of code ECUs are well connected over internal
More informationSECURITY OF VEHICLE TELEMATICS SYSTEMS. Daniel Xiapu Luo Department of Computing The Hong Kong Polytechnic University
SECURITY OF VEHICLE TELEMATICS SYSTEMS Daniel Xiapu Luo Department of Computing The Hong Kong Polytechnic University 1 2 3 TELEMATICS 4 TELEMATICS 5 OBD-II On-Board Diagnostic Perform emissions related
More informationChalmers Publication Library
Chalmers Publication Library Adapting Threat Modeling Methods for the Automotive Industry This document has been downloaded from Chalmers Publication Library (CPL). It is the author s version of a work
More informationThe Controller Area Network (CAN) Interface
The Controller Area Network (CAN) Interface ARSLAB - Autonomous and Robotic Systems Laboratory Dipartimento di Matematica e Informatica - Università di Catania, Italy santoro@dmi.unict.it L.S.M. Course
More informationGPRS security. Helsinki University of Technology S Security of Communication Protocols
GPRS security Helsinki University of Technology S-38.153 Security of Communication Protocols vrantala@cc.hut.fi 15.4.2003 Structure of the GPRS Network BSS GTP PLMN BSS-Base Station sub-system VLR - Visiting
More informationSecuring the future of mobility
Kaspersky Transportation System Security AVL Software and Functions Securing the future of mobility www.kaspersky.com #truecybersecurity Securing the future of mobility Connected car benefits The need
More informationAdversary Models. EECE 571B Computer Security. Konstantin Beznosov
Adversary Models EECE 571B Computer Security Konstantin Beznosov 1 why we need adversary models?! attacks and countermeasures are meaningless without 2 2 elements of an adversary model! objectives! obtain
More informationAnomaly Detection. You Chen
Anomaly Detection You Chen 1 Two questions: (1) What is Anomaly Detection? (2) What are Anomalies? Anomaly detection refers to the problem of finding patterns in data that do not conform to expected behavior
More informationAutomotive Security: Challenges and Solutions
Automotive Security: Challenges and Solutions 8 th Vector Congress 30 th November 2016 V2.01.00 2016-11-22 Agenda Introduction Services Embedded Security Mechanisms Tools Summary 2 Introduction Vehicle
More informationEmbedded Hybrid Anomaly Detection for Automotive CAN Communication
Embedded Hybrid Anomaly Detection for Automotive CAN Communication Marc Weber, Simon Klug, Eric Sax, Bastian Zimmer To cite this version: Marc Weber, Simon Klug, Eric Sax, Bastian Zimmer. Embedded Hybrid
More informationStepping Stone to Car Hacking
Stepping Stone to ar Hacking The Realistic Threat Model Movie Liran Zwickel - Security researcher Who We Are nigmatos - Automotive yber Security Yannay Livneh - Security researcher Alex Fok TO Agenda History
More informationAutomobile Design and Implementation of CAN bus Protocol- A Review S. N. Chikhale Abstract- Controller area network (CAN) most researched
Automobile Design and Implementation of CAN bus Protocol- A Review S. N. Chikhale Abstract- Controller area network (CAN) most researched communication protocol used for automotive industries. Now we are
More informationDefine information security Define security as process, not point product.
CSA 223 Network and Web Security Chapter One What is information security. Look at: Define information security Define security as process, not point product. Define information security Information is
More informationFailure Diagnosis and Cyber Intrusion Detection in Transmission Protection System Assets Using Synchrophasor Data
Failure Diagnosis and Cyber Intrusion Detection in Transmission Protection System Assets Using Synchrophasor Data Anurag Srivastava, Bo Cui, P. Banerjee Washington State University NASPI March 2017 Outline
More informationUNSUPERVISED LEARNING FOR ANOMALY INTRUSION DETECTION Presented by: Mohamed EL Fadly
UNSUPERVISED LEARNING FOR ANOMALY INTRUSION DETECTION Presented by: Mohamed EL Fadly Outline Introduction Motivation Problem Definition Objective Challenges Approach Related Work Introduction Anomaly detection
More informationDetecting Specific Threats
The following topics explain how to use preprocessors in a network analysis policy to detect specific threats: Introduction to Specific Threat Detection, page 1 Back Orifice Detection, page 1 Portscan
More informationProtection against attack D.o.S. in CAN and CAN-FD vehicle networks
Protection against attack D.o.S. in CAN and CAN-FD vehicle networks Luiz Quintino, Alexei Machado Electrical Engineering Pontifícia Universidade Católica de Minas Gerais (PUC-MG) Campus Coração Eucarístico
More informationCSC 578 Neural Networks and Deep Learning
CSC 578 Neural Networks and Deep Learning Fall 2018/19 7. Recurrent Neural Networks (Some figures adapted from NNDL book) 1 Recurrent Neural Networks 1. Recurrent Neural Networks (RNNs) 2. RNN Training
More information1.1 SYMPTOMS OF DDoS ATTACK:
2018 IJSRSET Volume 4 Issue 4 Print ISSN: 2395-1990 Online ISSN : 2394-4099 Themed Section : Engineering and Technology An Efficient Entropy Based Approach for the Detection of DDOS Attack Abhilash Singh,
More informationUnderstanding TETRA Security
Understanding TETRA Security Brian Murgatroyd Tetra Association former chairman Security and Fraud Prevention Group (SFPG) Warren Systems Independent Security Consultant brian@warrensystems.co.uk Agenda
More informationBasic Concepts in Intrusion Detection
Technology Technical Information Services Security Engineering Roma, L Università Roma Tor Vergata, 23 Aprile 2007 Basic Concepts in Intrusion Detection JOVAN GOLIĆ Outline 2 Introduction Classification
More informationPrevention of Information Mis-translation by a Malicious Gateway in Connected Vehicles
Prevention of Information Mis-translation by a Malicious Gateway in Connected Vehicles Kyusuk Han and Kang G. Shin Real-Time Computing Laboratory EECS/CSE, The University of Michigan Ann Arbor, MI 48109-2121,
More information