Securing Automotive Networks with Vehicle-Agnostic Technologies

Abstract

Modern vehicles are incredibly complex and operate through an exchange of information between many Electronic Control Units (ECUs)—which are small embedded computers that can contain an array of sensors and inputs. These ECUs communicate through Controller Area Networks (CANs), a broadcast network with a lightweight protocol, which have been mandated for use in most vehicles since 2008. Previous research has shown that a vehicles CANs are critically vulnerable to exploitation: hackers can remotely execute code and collect potentially sensitive private information. Although numerous examples of intrusions and attacks have been demonstrated through research, the practical application of cybersecurity remains inconsistent across automotive manufacturers. Further, passenger vehicle manufacturers use propriety encodings for CAN messages, obfuscating the meaning of data. To help solve this critical issue, we present our research towards producing a vehicle-agnostic intrusion detection system. Our proposed solution is an after-market prototype which can plug in to an automotive on-board diagnostic port to monitor network traffic. The prototype uniquely configures itself per-vehicle and uses a suite of algorithms to determine the presence of a cyber-attack. Our research expands upon current CAN detection solutions by matching signals in the obfuscated network with known values generated from automotive diagnostic services.