Skip to main content

Identifier randomization: An efficient protection against CAN-bus attacks

3Citations
Citations of this article
1Readers
Mendeley users who have this article in their library.
Get full text

Abstract

The Cyber-Physical Architecture of vehicles is composed of sensors, actuators, and electronic control units all communicating over shared communication buses. For historical reasons the internal communication buses, as the Controller Area Network (CAN), do not implement security mechanisms; the communications are assumed to be "trusted." Recently these trusted relations have been challenged and leveraged to launch cyber-physical attacks against modern vehicles. As a result, it becomes urgent to enhance the security features of vehicles and notably the robustness of the CAN bus which represents an important channel of attacks. In this work we develop identifier randomization procedures whose aim is to protect the CAN protocol from reverse-engineering, replay, and injection attacks. The idea behind this proposition is to constantly change the message identifiers in a random fashion in a way that both sender and receiver can recover the original message identifier but not the adversary. We present the main challenges of the CAN-ID randomization solution, we highlight the weaknesses of state-of-the-art solutions presented in other scientific papers, and we propose and study candidate solutions to overcome these weaknesses. To compare our solutions to state-of-the-art solution, we propose to use the entropy and the conditional entropy as a metrics of security. Results show that the randomization functions that we propose outperform the stateof- the-art solution in terms of both entropy and conditional entropy.

Cite

CITATION STYLE

APA

Karray, K., Danger, J. L., Guilley, S., & Abdelaziz Elaabid, M. (2018). Identifier randomization: An efficient protection against CAN-bus attacks. In Cyber-Physical Systems Security (pp. 219–254). Springer International Publishing. https://doi.org/10.1007/978-3-319-98935-8_11

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free