Literature Database Entry

buscemi2022automation

Alessio Buscemi, "Automation of Controller Area Network Reverse Engineering: Approaches, Opportunities and Security Threats," PhD Thesis, The Faculty of Sciences, Technology and Communication, University of Luxembourg, March 2022. (Advisor: Thomas Engel; Referees: Kang G. Shin and Falko Dressler)

Abstract

Controller Area Network (CAN) is the de-facto in-vehicle communication system in the automotive industry today. CAN data represents a valuable source of information regarding the vehicle, which can be exploited for a multitude of purposes by aftermarket companies, from fleet management to infotainment. With the rise of Vehicular Ad Hoc Networks (VANETs) and autonomous driving, we can expect the amount of data transiting on the CAN bus to further augment in the near future. While not encrypted, the communication inside the CAN bus is typically encoded using proprietary formats of the Original Equipment Manufacturers (OEMs) in order to prevent easy access to the information exchanged on the network. However, given the unwillingness of the OEMs to disclose the formats of most of the CAN signals of commercial vehicles (cars in particular) to the general public, the most common way to obtain such information is through reverse engineering. Recently, researchers have started investigating the automation of this process to make it faster, scalable and standardised. Aside from the evident advantages that it would bring to the industry, the automation of CAN bus reverse engineering has also gained interest in the scientific community, where automotive cybersecurity is a prominent topic. While achieving convincing results, the automation of CAN reverse engineering is still invasive, often includes complex hardware configurations or requires the presence of a human operator in the vehicle. This dissertation aims to analyse the main advancements achieved in the field of CAN bus reverse engineering and shed light on open issues. In the first part of this dissertation, we explore opportunities and challenges of the automation of CAN bus reverse engineering and present three approaches that achieve different degrees of automation. The first, FastCAN, is based on the taxonomy of signals. Its goal is to provide a complete, standardised and modular pipeline for semi-automated reverse engineering and reduce the total time for data collection. The second, CSI, is a Machine Learning (ML)-based algorithm for the identification of critical signals working under limited assumptions. We use CSI as a case study to investigate whether CAN reverse engineering can be achieved with no other hardware than a dongle for the collection of raw data. The third, CANMatch, is a complete and fully automated approach based on frame matching. Through CANMatch we seek to demonstrate that the reuse of CAN frame IDs can be exploited to reverse engineer a high number of signals with minimal hardware requirements and human effort. In the second part of this dissertation, we discuss the implications that the full automation of the reverse engineering process has on the security of the bus. In this context, we investigate whether the anonymisation of the CAN frame IDs is sufficient to prevent frame-matching based reverse engineering. The results highlight that ML models can fingerprint CAN frames despite the anonymisation of their IDs. Finally, we propose a defence against frame fingerprinting based on traffic mutations, such as padding on the payload and morphing on the sending frequency. We conclude that traffic mutations are a promising study direction to prevent frame-matching based reverse engineering.

Quick access

BibTeX BibTeX

Contact

Alessio Buscemi

BibTeX reference

@phdthesis{buscemi2022automation,
    author = {Buscemi, Alessio},
    title = {{Automation of Controller Area Network Reverse Engineering: Approaches, Opportunities and Security Threats}},
    advisor = {Engel, Thomas},
    institution = {The Faculty of Sciences, Technology and Communication},
    location = {Luxembourg, Luxembourg},
    month = {3},
    referee = {Shin, Kang G. and Dressler, Falko},
    school = {University of Luxembourg},
    type = {PhD Thesis},
    year = {2022},
   }
   
   

Copyright notice

Links to final or draft versions of papers are presented here to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted or distributed for commercial purposes without the explicit permission of the copyright holder.

The following applies to all papers listed above that have IEEE copyrights: Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

The following applies to all papers listed above that are in submission to IEEE conference/workshop proceedings or journals: This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessible.

The following applies to all papers listed above that have ACM copyrights: ACM COPYRIGHT NOTICE. Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept., ACM, Inc., fax +1 (212) 869-0481, or permissions@acm.org.

The following applies to all SpringerLink papers listed above that have Springer Science+Business Media copyrights: The original publication is available at www.springerlink.com.

This page was automatically generated using BibDB and bib2web.

Last modified: 2024-04-27