Paper Review: Error Handling of In-vehicle Networks Makes Them Vulnerable

This is a paper review for: Cho, Kyong-Tak, and Kang G. Shin. "Error handling of in-vehicle networks makes them vulnerable." Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. 2016.

Summary

Modern vehicles use lots of ECUs to improve the vehicle’s spec and safety. The authors in this paper were focused on what can happen after an ECU is compromised. They discovered a vulnerability in error handling of the standard vehicle network protocol (control area network). Error handling in the CAN protocol is used to detect issues in CAN frames and help ECUs take the right actions to have a fault tolerant system. They discovered a new DoS threat (bus off attack) can trick IDSs to think that the there is an internal error in the system. The attack can be performed without understanding messages transmitted (no need for reverse engineering). The authors experimented the attack on two real vehicles and demonstrated the practicality of this attack. Finally, they developed and evaluated measures to prevent the attack.

Things I liked

Things I did not like:

Further research

The authors mentioned that provided authentication for CAN is difficult due to the limited space for appending a message authentication code and due to performance. I think it might be useful to research how we can provide authentication for CAN in limited space and limited computer resources.

;