Abstract
Recent automotive systems are increasingly complex and networked. The situation has given rise to various cyber-attack methods. Cho and Shin introduced a new type of Denial of Service (DoS) attacks called bus-off attacks [2], which abuses certain properties of Control Area Network (CAN) used for vehicle control. They not only introduced a novel software based attack method but also proposed a countermeasure which resets the victim node to keep it from going into the disabled state. However, their countermeasure could not avoid unintended effects caused by the attack. In this paper, we propose a novel countermeasure for the bus-off attacks introduced by Cho and Shin. The method forces the node that started the bus-off attack into the disabled state in a way similar to the original bus-off attack. We have implemented the countermeasure and evaluated it in a real car environment to show the effectiveness of the method.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
We omit the technical details here.
- 2.
This is specified in the CAN specification [7].
References
Checkoway, S., et al.: Comprehensive experimental analyses of automotive attack surfaces. In: 20th USENIX Conference on Security (2011)
Cho, K., Shin, K.G.: Error handling of in-vehicle networks makes them vulnerable. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM (2016)
Dagan, T., Wool, A.: Parrot, a software-only anti-spoofing defense system for the CAN bus. In: 5th Embedded Security in Cars (ESCAR Europe) (2016)
Dagan, T., Wool, A.: Testing the boundaries of the Parrot anti-spoofing defense system. In: 5th Embedded Security in Cars (ESCAR USA) (2017)
Hamada, Y., Inoue, M., Horihata, S., Kamemura, A.: Intrusion detection by density estimation of reception cycle periods for in-vehicle networks: a proposal. In: Presented at the 14th ESCAR Europe Conference, 16–17 November 2016
Hartkopp, O., Reuber, C., Schilling, R.: MaCAN - message authenticated CAN. In: Embedded Security in Cars (ESCAR) 2012, Berlin, Germany, November 2012
ISO 11898:2015 Road vehicles - Controller area network (CAN) (2015)
Koscher, K., et al.: Experimental security analysis of a modern automobile. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 447–462. IEEE (2010)
Kameoka, R., Kubota, T., Shiozaki, M., Shirahata, M., Kurachi, R., Fujino, T.: Bus-off attack against CAN ECU using stuff error injection from Raspberry Pi. In: Proceedings of Symposium on Cryptography and Information Security (SCIS), Japan (2017). (in Japaneses)
Lin, C.W., Sangiovanni-Vincentelli, A.: Cyber-security for the controller area network (CAN) communication protocol. ASE Sci. J. 1(2), 80–92 (2012)
Muter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. In: IEEE Intelligent Vehicle Symposium, pp. 1110–1115 (2011)
Matsumoto, T., Hata, M., Tanabe, M., Yoshioka, K., Oishi, K.: A method of preventing unauthorized data transmission in controller area network. In: IEEE Vehicular Technology Conference (VTC Spring), pp. 1–5. IEEE (2012)
Miller, C., Valasek, C.: Adventures in automotive networks and control units. DEFCON 21, 260–264 (2013)
Miller, C., Valasek, C.: A survey of remote automotive attack surfaces. Black Hat USA (2014)
Miller, C., Valasek, C.: Remote exploitation of an unaltered passenger vehicle. Black Hat USA (2015)
Markovitz, M., Wool, A.: Field classification, modeling and anomaly detection in unknown CAN bus networks. In: Presented at the 13th ESCAR Europe Conference, 11–12 November 2015
Nie, S., Liu, L., Du, Y.: Free-fall: hacking TESLA from wireless to CAN bus. Black Hat USA (2016)
Nilsson, D.K., Larson, U.E., Jonsson, E.: Efficient in-vehicle delayed data authentication based on compound message authentication codes. In: Vehicular Technology Conference VTC (2008)
Palanca, A., Evenchick, E., Maggi, F., Zanero, S.: A stealth, selective, link-layer denial-of-service attack against automotive networks. In: Polychronakis, M., Meier, M. (eds.) DIMVA 2017. LNCS, vol. 10327, pp. 185–206. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-60876-1_9
Song, H.M., Kim, H.R., Kim, H.K.: Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network. In: ICOIN (2016)
Taylor, A., Japkowicz, N.: Frequency-based anomaly detection for the automotive CAN bus. In: WCICSS (2015)
Wasicek, A., Pese, M., Weimerskirch, A., Burakova, Y., Singh, K.: Context-aware intrusion detection in automotive control system. In: Presented at the 5th ESCAR USA Conference, USA, 21–22 June 2017
Wolf, M., Weimerskirch, A., Paar, C.: Secure in-vehicle communication. In: Lemke, K., Paar, C., Wolf, M. (eds.) Embedded Security in Cars, pp. 95–109. Springer, Heidelberg (2006). https://doi.org/10.1007/3-540-28428-1_6
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Souma, D., Mori, A., Yamamoto, H., Hata, Y. (2018). Counter Attacks for Bus-off Attacks. In: Gallina, B., Skavhaug, A., Schoitsch, E., Bitsch, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2018. Lecture Notes in Computer Science(), vol 11094. Springer, Cham. https://doi.org/10.1007/978-3-319-99229-7_27
Download citation
DOI: https://doi.org/10.1007/978-3-319-99229-7_27
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-99228-0
Online ISBN: 978-3-319-99229-7
eBook Packages: Computer ScienceComputer Science (R0)