Difference between revisions of "Projects:2019s1-105 Hacking CAN Bus"

From Projects
Jump to: navigation, search
Line 27: Line 27:
  
 
= Definitions and Abbreviations =
 
= Definitions and Abbreviations =
CAN Controller Area Network
+
* CAN Controller Area Network
 +
 +
* ECU  -  Electronic Control Unit
  
ECU Electronic Control Unit
+
* MITM -  Man-in-the-Middle
  
MITM Man-in-the-Middle
+
* MOTS -  Man-on-the-Side
  
MOTS Man-on-the-Side
+
* OBD - On Board Diagnostics
 
 
OBD On Board Diagnostics
 
 
 
 
 
<nowiki>CAN Controller Area Network
 
ECU Electronic Control Unit
 
MITM Man-in-the-Middle
 
MOTS Man-on-the-Side
 
OBD On Board Diagnostics</nowiki>
 
  
  
 
= Research Questions =
 
= Research Questions =
What are the benefits and limitations of a testbed environment for research in automotive security?
+
* What are the benefits and limitations of a testbed environment for research in automotive security?
  
How can the vulnerabilities of the CAN bus protocol be exploited in a testbed environment to perform targeted and deceptive attacks?
+
* How can the vulnerabilities of the CAN bus protocol be exploited in a testbed environment to perform targeted and deceptive attacks?
  
What are the advantages and disadvantages of MOTS compared to MITM attack architectures?
+
* What are the advantages and disadvantages of MOTS compared to MITM attack architectures?
  
  

Revision as of 22:07, 31 May 2019

Utilising a testbed environment to develop and demonstrate man-in-the-middle deception attacks on the internal communication networks of modern vehicles

Modern cars have multiple dedicated computers that control all of the car’s operations, such as the engine, braking, steering and entertainment. These computers are called electronic control units (ECUs) and communicate primarily by a highly vulnerable serial network, the CAN bus protocol.

Cyber security concerns surrounding these vehicles are increasing, particularly with the introduction of Wi-Fi and other wireless vehicle services. Using these wireless services, adversaries can find their way on the CAN bus and gain control of the vehicle. In a different scenario, infiltrating a vehicle and connecting a device to subtly alter a vehicle’s display information, without any overt consequences, may result in an unaware user who, at best, might have a slight suspicion.

The research presented in this paper discusses this type of security threat and the mistrust it can cause. The intent of the research is to assert the usefulness of a testbed environment in exploiting the vulnerabilities of the CAN bus protocol by developing and weaponizing a deceptive man-in-the-middle type attack.


Project Team

Student Researchers

Stefan Smiljanic

Charlie Tran


Project Supervisors

Dr. Matthew Sorell

Aaron Frishling (DSTG)

Bradley Cooney (DSTG)

Daniel Coscia (DSTG)


Definitions and Abbreviations

  • CAN - Controller Area Network
  • ECU - Electronic Control Unit
  • MITM - Man-in-the-Middle
  • MOTS - Man-on-the-Side
  • OBD - On Board Diagnostics


Research Questions

  • What are the benefits and limitations of a testbed environment for research in automotive security?
  • How can the vulnerabilities of the CAN bus protocol be exploited in a testbed environment to perform targeted and deceptive attacks?
  • What are the advantages and disadvantages of MOTS compared to MITM attack architectures?


Related Work and Motivation

To be filled...

Objectives

To be filled...

Method

To be filled...

Results

To be filled...

References

To be filled...