As automobiles become more electrified, more and more Electronic Control Units (ECU) are installed in vehicles. ECUs communicate with each other through dedicated protocols such as a controller area network (CAN), but these protocols do not have their own security measures. Many cyberattacks have exploited this weakness, but an intrusion detection system (IDS) is emerging as an effective countermeasure. In this study, we introduce a new attack method that existing IDS cannot detect. CAN signal extinction-based DoS attack (CEDA) is a new attack method that uses a voltage drop to erase the CAN signal. When the target ECU transmits a signal, adding a resister that lowers the differential voltage to an undefined gray zone causes the other ECU to ignore the signal being sent from the target ECU. In cybersecurity, denial of service (DoS) is defined as restricting an authorized entity from accessing a resource or delaying a time-critical system. This attack is a kind of a DoS attack since the adversary can make the target ECU bus-off through a CEDA. CEDA could be a serious problem as it has not been detected by any known IDS to date. In this study, we use laboratory and vehicle tests to detail the attack methods and introduce appropriate security measures.
CITATION STYLE
Lee, Y., & Woo, S. (2022). CAN Signal Extinction-based DoS Attack on In-Vehicle Network. Security and Communication Networks, 2022. https://doi.org/10.1155/2022/9569703
Mendeley helps you to discover research relevant for your work.