VoltageIDS: Low-Level Communication Characteristics for Automotive Intrusion Detection System

Wonsuk Choi, Kyungho Joo, Hyo Jin Jo, Moon Chan Park, Dong Hoon Lee

Research output: Contribution to journalArticle

26 Citations (Scopus)

Abstract

The proliferation of computerized functions aimed at enhancing drivers’ safety and convenience has increased the number of vehicular attack surfaces accordingly. The fundamental vulnerability is caused by the fact that the controller area network protocol, a de facto standard for in-vehicle networks, does not support message origin authentication. Several methods to resolve this problem have been suggested. However, most of them require modification of the CAN protocol and have their own vulnerabilities. In this paper, we focus on securing in-vehicle CAN networks, proposing a novel automotive intrusion detection system (so-called VoltageIDS). The system leverages the inimitable characteristics of an electrical CAN signal as a fingerprint of the electronic control units. The noteworthy contributions are that VoltageIDS does not require any modification of the current system and has been validated on actual vehicles while driving on the road. VoltageIDS is also the first automotive IDS capable of distinguishing between errors and the bus-off attack. Our experimental results on a CAN bus prototype and on real vehicles show that VoltageIDS detects intrusions in the in-vehicle CAN network. Moreover, we evaluate VoltageIDS while a vehicle is moving.

Original languageEnglish
JournalIEEE Transactions on Information Forensics and Security
DOIs
Publication statusAccepted/In press - 2018 Mar 3

Fingerprint

Intrusion detection
Communication
Network protocols
Authentication
Controllers

Keywords

  • Automotive IDS
  • Controller Area Network
  • Electronic Control Unit
  • Fingerprinting

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Cite this

VoltageIDS : Low-Level Communication Characteristics for Automotive Intrusion Detection System. / Choi, Wonsuk; Joo, Kyungho; Jo, Hyo Jin; Park, Moon Chan; Lee, Dong Hoon.

In: IEEE Transactions on Information Forensics and Security, 03.03.2018.

Research output: Contribution to journalArticle

@article{1bbf5e997eaa4aa79c15bdc38e5c6d14,
title = "VoltageIDS: Low-Level Communication Characteristics for Automotive Intrusion Detection System",
abstract = "The proliferation of computerized functions aimed at enhancing drivers’ safety and convenience has increased the number of vehicular attack surfaces accordingly. The fundamental vulnerability is caused by the fact that the controller area network protocol, a de facto standard for in-vehicle networks, does not support message origin authentication. Several methods to resolve this problem have been suggested. However, most of them require modification of the CAN protocol and have their own vulnerabilities. In this paper, we focus on securing in-vehicle CAN networks, proposing a novel automotive intrusion detection system (so-called VoltageIDS). The system leverages the inimitable characteristics of an electrical CAN signal as a fingerprint of the electronic control units. The noteworthy contributions are that VoltageIDS does not require any modification of the current system and has been validated on actual vehicles while driving on the road. VoltageIDS is also the first automotive IDS capable of distinguishing between errors and the bus-off attack. Our experimental results on a CAN bus prototype and on real vehicles show that VoltageIDS detects intrusions in the in-vehicle CAN network. Moreover, we evaluate VoltageIDS while a vehicle is moving.",
keywords = "Automotive IDS, Controller Area Network, Electronic Control Unit, Fingerprinting",
author = "Wonsuk Choi and Kyungho Joo and Jo, {Hyo Jin} and Park, {Moon Chan} and Lee, {Dong Hoon}",
year = "2018",
month = "3",
day = "3",
doi = "10.1109/TIFS.2018.2812149",
language = "English",
journal = "IEEE Transactions on Information Forensics and Security",
issn = "1556-6013",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - JOUR

T1 - VoltageIDS

T2 - Low-Level Communication Characteristics for Automotive Intrusion Detection System

AU - Choi, Wonsuk

AU - Joo, Kyungho

AU - Jo, Hyo Jin

AU - Park, Moon Chan

AU - Lee, Dong Hoon

PY - 2018/3/3

Y1 - 2018/3/3

N2 - The proliferation of computerized functions aimed at enhancing drivers’ safety and convenience has increased the number of vehicular attack surfaces accordingly. The fundamental vulnerability is caused by the fact that the controller area network protocol, a de facto standard for in-vehicle networks, does not support message origin authentication. Several methods to resolve this problem have been suggested. However, most of them require modification of the CAN protocol and have their own vulnerabilities. In this paper, we focus on securing in-vehicle CAN networks, proposing a novel automotive intrusion detection system (so-called VoltageIDS). The system leverages the inimitable characteristics of an electrical CAN signal as a fingerprint of the electronic control units. The noteworthy contributions are that VoltageIDS does not require any modification of the current system and has been validated on actual vehicles while driving on the road. VoltageIDS is also the first automotive IDS capable of distinguishing between errors and the bus-off attack. Our experimental results on a CAN bus prototype and on real vehicles show that VoltageIDS detects intrusions in the in-vehicle CAN network. Moreover, we evaluate VoltageIDS while a vehicle is moving.

AB - The proliferation of computerized functions aimed at enhancing drivers’ safety and convenience has increased the number of vehicular attack surfaces accordingly. The fundamental vulnerability is caused by the fact that the controller area network protocol, a de facto standard for in-vehicle networks, does not support message origin authentication. Several methods to resolve this problem have been suggested. However, most of them require modification of the CAN protocol and have their own vulnerabilities. In this paper, we focus on securing in-vehicle CAN networks, proposing a novel automotive intrusion detection system (so-called VoltageIDS). The system leverages the inimitable characteristics of an electrical CAN signal as a fingerprint of the electronic control units. The noteworthy contributions are that VoltageIDS does not require any modification of the current system and has been validated on actual vehicles while driving on the road. VoltageIDS is also the first automotive IDS capable of distinguishing between errors and the bus-off attack. Our experimental results on a CAN bus prototype and on real vehicles show that VoltageIDS detects intrusions in the in-vehicle CAN network. Moreover, we evaluate VoltageIDS while a vehicle is moving.

KW - Automotive IDS

KW - Controller Area Network

KW - Electronic Control Unit

KW - Fingerprinting

UR - http://www.scopus.com/inward/record.url?scp=85042874244&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85042874244&partnerID=8YFLogxK

U2 - 10.1109/TIFS.2018.2812149

DO - 10.1109/TIFS.2018.2812149

M3 - Article

AN - SCOPUS:85042874244

JO - IEEE Transactions on Information Forensics and Security

JF - IEEE Transactions on Information Forensics and Security

SN - 1556-6013

ER -