TY - JOUR
T1 - Identifying ECUs Using Inimitable Characteristics of Signals in Controller Area Networks
AU - Choi, Wonsuk
AU - Jo, Hyo Jin
AU - Woo, Samuel
AU - Chun, Ji Young
AU - Park, Jooyoung
AU - Lee, Dong Hoon
N1 - Funding Information:
Manuscript received July 2, 2016; revised March 17, 2017 and October 30, 2017; accepted February 13, 2018. Date of publication February 27, 2018; date of current version June 18, 2018. This work was supported by Samsung Research Funding and Incubation Center for Future Technology under Project SRFC-TB1403-51. The review of this paper was coordinated by Prof. H. Wang. (Corresponding author: Dong Hoon Lee.) W. Choi, J. Y. Chun, and D. H. Lee are with the Graduate School of Information Security, Korea University, Seoul 02841, South Korea (e-mail: wonsuk85. choi@gmail.com; jychun@korea.ac.kr; donghlee@korea.ac.kr).
Publisher Copyright:
© 1967-2012 IEEE.
PY - 2018/6
Y1 - 2018/6
N2 - As the functions of vehicles are more computerized for the safety and convenience of drivers, attack surfaces of vehicle are accordingly increasing. Many attack results have shown that an attacker could intentionally control vehicles. Most of them exploit the vulnerability that controller area network (CAN) protocol, a de-facto standard for the in-vehicle networks, does not support message origin authentication. Although a number of methods to resolve this security vulnerability have been suggested, they have their each limitation to be applied into the current system. They have required either the modification of the CAN standard or dramatical communication load increase, which is infeasible in practice. In this paper, we propose a novel identification method, which works in the physical layer of the in-vehicle CAN network. Our method identifies electronic control units (ECUs) using inimitable characteristics of electrical CAN signals enabling detection of a malicious ECU. Unlike previous attempts to address the security problem in the in-vehicle CAN network, our method works by simply adding a monitoring unit to the existing network, making it deployable in current systems and compliant with required CAN standards. Our experimental results show that our method is able to correctly identify ECUs. In case of misclassfication rate for ECU idnetification, our method yields 0.36% in average which is approximate four times lower than the method proposed by P.-S. Murvay et al. This paper is also the first to identify potential attack models that systems should be able to detect.
AB - As the functions of vehicles are more computerized for the safety and convenience of drivers, attack surfaces of vehicle are accordingly increasing. Many attack results have shown that an attacker could intentionally control vehicles. Most of them exploit the vulnerability that controller area network (CAN) protocol, a de-facto standard for the in-vehicle networks, does not support message origin authentication. Although a number of methods to resolve this security vulnerability have been suggested, they have their each limitation to be applied into the current system. They have required either the modification of the CAN standard or dramatical communication load increase, which is infeasible in practice. In this paper, we propose a novel identification method, which works in the physical layer of the in-vehicle CAN network. Our method identifies electronic control units (ECUs) using inimitable characteristics of electrical CAN signals enabling detection of a malicious ECU. Unlike previous attempts to address the security problem in the in-vehicle CAN network, our method works by simply adding a monitoring unit to the existing network, making it deployable in current systems and compliant with required CAN standards. Our experimental results show that our method is able to correctly identify ECUs. In case of misclassfication rate for ECU idnetification, our method yields 0.36% in average which is approximate four times lower than the method proposed by P.-S. Murvay et al. This paper is also the first to identify potential attack models that systems should be able to detect.
KW - Automotive ID
KW - Controller Area Network
KW - Device Fingerprinting
KW - Electronic Control Unit
UR - http://www.scopus.com/inward/record.url?scp=85042853013&partnerID=8YFLogxK
U2 - 10.1109/TVT.2018.2810232
DO - 10.1109/TVT.2018.2810232
M3 - Article
AN - SCOPUS:85042853013
VL - 67
SP - 4757
EP - 4770
JO - IEEE Transactions on Vehicular Technology
JF - IEEE Transactions on Vehicular Technology
SN - 0018-9545
IS - 6
ER -