IIUM Repository

Simulation of in-vehicle network CAN (in)security

Rosdee, Nur Fadhilah Ajwa and Ali Azmi, Nur Nadiah and Mansor, Hafizah (2022) Simulation of in-vehicle network CAN (in)security. International Journal on Perceptive and Cognitive Computing, 8 (2). pp. 71-76. E-ISSN 2462-229X

[img]
Preview
PDF (Journal) - Published Version
Download (309kB) | Preview

Abstract

In-vehicle network security is becoming one of the leading research fields in the cybersecurity area. Modern automobiles consist of Electronic Control Units (ECUs), microcontrollers that control the operations of a vehicle. These ECUs are mainly interconnected through an in-vehicle Controller Area Network (CAN), a message-based protocol that allows communication between different ECUs. The vulnerabilities of CAN which have no encryptions, authentication and integrity checking attributes are widely known but continuous research is made on the security and exploitation of CAN. This is because, the safety and security of vehicles and passengers have become more concerning due to the increase of external and internal vehicle communications. Our paper aims to discuss related works of CAN bus vulnerabilities and security through literature review. This paper conducts simple cyberattacks against CAN bus by data collection, data analysis and attack experiment on the Instrument Cluster Simulator (ICSim) with the help of CAN network analysis tool, CANalyse. CAN packets were collected and analysed and the ID for a number of car functions in ICSim were determined. Attack experiments resulted in sniffing and replay attacks against CAN buses were valid. Finally, from these findings, the paper proposes recommended security measures of CAN bus which are network segmentation, cryptography-based method, and Intrusion Detection System (IDS).

Item Type: Article (Journal)
Uncontrolled Keywords: CAN bus, in-vehicle network, CAN bus security, cybersecurity
Subjects: T Technology > T Technology (General)
T Technology > T Technology (General) > T175 Industrial research. Research and development
Kulliyyahs/Centres/Divisions/Institutes (Can select more than one option. Press CONTROL button): Kulliyyah of Information and Communication Technology
Kulliyyah of Information and Communication Technology

Kulliyyah of Information and Communication Technology > Department of Computer Science
Kulliyyah of Information and Communication Technology > Department of Computer Science
Depositing User: Hafizah Mansor
Date Deposited: 03 Aug 2022 09:08
Last Modified: 07 Aug 2024 16:53
URI: http://irep.iium.edu.my/id/eprint/99112

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year