Vehicles made within the past years have gradually become more and more complex. As a result, the embedded computer systems that monitor and control these systems have also grown in size and complexity. Unfortunately, the technology that protects them from external attackers has not improved at a similar rate. In this paper we discuss the vulnerabilities of modern in-vehicle networks, focusing on the Controller Area Network (CAN) communications protocol as a primary attack vector. We discuss the vulnerabilities of CAN, the types of attacks that can be used against it, and some of the solutions that have been proposed to overcome these attacks.
The existing automotive Controller Area Network (CAN) is vulnerable. The absence of sender verification in its communication means that an attacker acting as a node on its network will be treated like a legitimate node that has always been present, allowing attackers to transmit and receive messages freely. This paper proposes a system that will allow nodes using CAN to identify legitimate messages and reject those that come from illegitimate nodes. In addition, the system provides resistance against replay attacks that can clog up the safety-critical real time networks.
As computer attacks become more sophisticated and the rise of advanced persistent threats, moving target defense (MTD) is a new strategy being developed to reduce attacker success and provide for system resiliency. This work has been focused on standard IT infrastructures. In this paper we put forward how current MTD techniques may be applicable to the SCADA environment.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.