Evaluation of DoS Attacks on Vehicle CAN Bus System
The controller area network (CAN) has been widely used in the modern automotives for interconnecting electrical components such as air bag system, anti-lock braking system (ABS), electronic dashboard, fuel injection system, and etc. In order to make sure the urgent message, e.g., ABS, could be processed in the shortest time, CAN bus protocol establishes the priority of the message, and allows certain messages can take priority over others. It goes without saying that this design is quite desirable for vehicular applications; however, it also provides vulnerability for Denial-of-Service (DoS) attacks. It is possible for malicious adversaries to cause major damage by exploiting flaws in the CAN protocol design or implementation. Some of these attacks can lead to catastrophic consequences for both the vehicle and the driver. This paper proposed a study on the impact of such priority based DoS attacks. Experimental results shown that a significant impact on the CAN bus efficiency of priority- based DoS attacks. In addition, a single attacker could block an entire CAN network just using fake CAN message with continuous injection.
KeywordsVehicle network CAN bus DoS attack Security
This study is supported in part by the Ministry of Science and Technology, Taiwan, under Grant MOST 105-2221-E-366-003-MY3.
- 1.CAN specification Version 2.0. Robert Bosch GmbH (1991)Google Scholar
- 2.Kvaser: A tour on the CAN Protocol. http://www.kvaser.com
- 3.Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive CAN networks–practical examples and selected short-term countermeasures. In: Computer Safety, Reliability, and Security, pp. 235–248 (2008)Google Scholar
- 4.Corrigan, S.: Introduction to the Controller Area Network (CAN), Texas Instruments Application Report (2008)Google Scholar
- 5.Koscher, K., et al.: Experimental security analysis of a modern automobile. In: 2010 IEEE Symposium on Security and Privacy, pp. 447–462, May 2010Google Scholar
- 6.Mukherjee, S., Shirazi, H., Ray, I., Daily, J., Gamble, R.: Practical DoS attacks on embedded networks in commercial vehicles. In: 2016 International Conference on Information Systems Security (ICISS 2016), pp. 23–42 (2016)Google Scholar
- 7.Si, W., Starobinski, D., Laifenfeld, M.: Protocol-compliant DoS attacks on CAN: demonstration and mitigation. In: 2016 IEEE 84th Vehicular Technology Conference (VTC-Fall) (2016)Google Scholar