Abstract
The chapter considers the problem of Electronic Control Unit (ECU) identification from signal characteristics at the physical layers of in-vehicle Controller Area Network (CAN) and in-vehicle CAN-FD (CAN with flexible data rate) network. IDSs from in-vehicle CAN data frames (in prior chapter) have been found useful in detecting anomaly, however, they cannot determine which ECU launches the particular attacks. This chapter describes the IDS approaches that can not only detect the presence of malicious frames but also identify their sender ECUs. This is very essential for fast forensic, isolation, security patch, etc. The strategy counts on CAN signals’ unique characteristics of CAN physical layer, e.g., the hardware and CAN topology information (delineated by the signals characteristics) so that even if two ECUs send identical CAN messages, corresponding signals are divergent.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Kneib, M., Huth, C.: Scission: signal characteristic-based sender identification and intrusion detection in automotive networks. In: Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, pp. 787–800 (2018)
ISO 11898-2. Road vehicles - Controller area network (CAN) - Part2: High-speed medium access unit. ISO Standard-11898, International Standards Organisation (ISO) (Dec. 2016).
Robert Bosch GmbH. CAN specification version 2.0, Robert Bosch GmbH, Stuttgart, Germany, 1991. Available: http://www.bosch.com (1991)
Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S.: Experimental security analysis of a modern automobile. In: IEEE symposium on security and privacy (2010)
Miller, C., Valasek, C.: Adventures in automotive networks and control units. Def Con 21, 15 (2013)
Miller, C., Valasek, C.: Remote exploitation of an unaltered passenger vehicle. Black Hat U S A 2015, 91 (2015)
Tencent Keen Security Lab. Experimental security assessment of Mercedes-Benz cars. https://keenlab.tencent.com/en/whitepapers/Mercedes_Benz_Security_Research_Report_Final.pdf
Kang, M., Kang, J.: A novel intrusion detection method using deep neural network for in-vehicle network security. In: IEEE 83rd vehicular technology conference (VTC Spring), pp. 1–5 (2016)
Muter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. In: Intelligent vehicles symposium (IV). IEEE (2011)
Song, H.M., Kim, H.R., Kim, H.K.: Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network. In: 2016 International conference on information networking, pp. 63–68 (2016)
Taylor, A., Leblanc, S., Japkowicz, N.: Anomaly detection in automobile control network data with long short-term memory networks. In: DSAA 2016, pp. 130–139 (2016)
Guo, F., Wang, Z., Du, S., Li, H., Zhu, H., Pei, Q., Cao, Z., Zhao, J.: Detecting vehicle anomaly in the edge via sensor consistency and frequency characteristic. IEEE Trans. Veh. Technol. 68(6), 5618–5628 (2019)
Cho, K.-T., Shin, K.G.: Fingerprinting electronic control units for vehicle intrusion detection. In: Proc. of the 25th USENIX security symposium, Aug. (2016)
Cho, K., Shin, K.G.: Viden: attacker identification on in-vehicle networks. In: Proceedings of 2017 ACM CCS, pp. 1109–1123 (2017)
Choi, W., Jo, H.J., Woo, S., Chun, J.Y., Park, J., Lee, D.H.: Identifying ECUs using inimitable characteristics of signals in controller area networks. IEEE Trans. Veh. Technol. 67(6), 4757–4770 (2018)
Choi, W., Joo, K., Jo, H.J., Park, M.C., Lee, D.H.: VoltageIDS: low-level communication characteristics for automotive intrusion detection system. IEEE Trans. Inf. Forens. Secur. 13, 2114 (2018)
Foruhandeh, M., Man, Y., Gerdes, R., Li, M., Chantem, T.: Simple: single-frame based physical layer identification for intrusion detection and prevention on in-vehicle networks. In: 35th Annual computer security applications conference, pp. 229–244 (2019)
Murvay, P.S., Groza, B.: Source identification using signal characteristics in controller area networks. IEEE Signal Process. Lett. 21(4), 395–399 (2014)
Kim, G., Lim, H.: Ringing suppression in a controller area network with flexible data rate using impedance switching and a limiter. IEEE Trans. Veh. Technol. 68(11), 10679–10686 (2019)
Lim, H., Kim, G., Kim, S., Kim, D.: Quantitative analysis of ringing in a controller area network with flexible data rate for reliable physical layer designs. IEEE Trans. Veh. Technol. 68(9), 8906–8915 (2019)
Mori, H., Suzuki, Y., Maeda, N., Obata, H., Kishigami, T.: Novel ringing suppression circuit to increase the number of connectable ECUs in a linear passive star CAN. In: International symposium on electromagnetic compatibility - EMC EUROPE, Rome, pp. 1–6 (2012)
High-Speed CAN (HSC) for vehicle applications at 500 kbps, SAE J2284-3, SAE International, Warrendale, PA, USA (2002)
Studnia, I., Nicomette, V., Alata, E., Deswarte, Y., Kaniche, M., Laarouchi, Y.: Survey on security threats and protection mechanisms in embedded automotive networks. In: 2013 43rd Annual IEEE/IFIP conference on dependable systems and networks workshop, pp. 1–12 (2013)
Checkoway, S., McCoy, D., et al.: Comprehensive experimental analyses of automotive attack surfaces. In: 20th USENIX security symposium. USENIX Association (2011)
Kononenko, I.: Estimating attributes: analysis and extensions of RELIEF. In: Machine learning: ECML-94, pp. 171–182. Springer, Berlin Heidelberg (1994)
Microchip-Corporation: Stand-Alone CAN Controller with SPI Interface (2005). Microchip MCP2515. https://www.mouser.com/datasheet/2/268/MCP2515-Stand-Alone-CAN-Controller-with-SPI-200018-708845.pdf
Microchip-Corporation: MCP2551 High-Speed CAN Transceiver (2007). http://ww1.microchip.com/downloads/en/devicedoc/21667e.pdf
Muller, K.-R., Mika, S., Ratsch, G., Tsuda, K., Scholkopf, B.: An introduction to kernel-based learning algorithms. IEEE Trans. Neural Netw. 12(2), 181–201 (2001)
Kneib, M., Schell, O., Huth, C.: On the robustness of signal characteristic-based sender identification. CoRR, vol. abs/1911.09881 (2019)
Robert Bosch GmbH. CAN with flexible data-rate (2012). https://www.can-cia.org/fileadmin/resources/documents/proceedings/2012_hartwich.pdf
Yu, T., Wang, X.: Topology verification enabled intrusion detection for in-vehicle CAN-FD networks. IEEE Commun. Lett. 24(1), 227–230 (2019)
Woo, S., Jo, H.J., et al.: A practical security architecture for in-vehicle CAN-FD. IEEE Trans. Intell. Transp. Syst. 17(8), 2248–2261 (2016)
Agrawal, M., Huang, T., et al.: CAN-FD-Sec: improving security of CAN-FD protocol. In: ESORICS 2018, Lecture notes in computer science 11552, pp. 77–93 (2018)
Mori, H., Suzuki, Y., et al.: Novel ringing suppression circuit to increase the number of connectable ECUs in a linear passive star CAN. In: International symposium on electromagnetic compatibility - EMC EUROPE, pp. 1–6 (2012)
Lim, H., Kim, G., et al.: Quantitative analysis of ringing in a controller area network with flexible data rate for reliable physical layer designs. IEEE Trans. Veh. Technol. 68(9), 8906–8915 (2019)
Microchip-Corporation. External CAN FD Controller with SPI Interface MCP2517FD (2017). http://ww1.microchip.com/downloads/en/DeviceDoc/MCP2517FD-External-CAN-FD-Controller-with-SPI-Interface-20005688B.pdf
Islinger, T., Mori, Y.: Ringing suppression in CAN FD networks. CAN Newsl. Jan, pp. 12–16 (2016)
Acknowledgements
The author is supported by the National Natural Science Foundation of China (61971192), Shanghai Municipal Education Commission (2021-01-07-00-08-E00101), and Shanghai Trusted Industry Internet Software Collaborative Innovation Center.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Li, X., Bao, Y., Hou, X. (2023). In-Vehicle ECU Identification and Intrusion Detection from Electrical Signaling. In: Kukkala, V.K., Pasricha, S. (eds) Machine Learning and Optimization Techniques for Automotive Cyber-Physical Systems. Springer, Cham. https://doi.org/10.1007/978-3-031-28016-0_15
Download citation
DOI: https://doi.org/10.1007/978-3-031-28016-0_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-28015-3
Online ISBN: 978-3-031-28016-0
eBook Packages: EngineeringEngineering (R0)