EC-SVC: Secure CAN Bus In-Vehicle Communications With Fine-Grained Access Control Based on Edge Computing

Donghyun, Yu,; Hsu, Ruei-Hau; Lee, Jemin

doi:10.1109/tifs.2022.3152405

Cited by 15 publications

(6 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…2. The IVN fields and their subjects in the reviewed works Field Paper(s) Subjects Requirements of automotive TSN [6], [11], [12] List of requirements for future IVN processing platforms [13], [14] Integrate TSN with SDN with security [15] NDN [16] Graceful degradation for real-time autonomous vehicle applications [17] Improve the accuracy of the canvas [10] Reducing latency by porting it to Xronos [18] TSN-5G heterogeneous networks [19] HPVUs security [20] OTT Ethernet algorithm [21] Ethernet backbone with Zone based architecture [22] iDriving [45], [46] TSN PSFP, Protection of the TSN automotive Ethernet Security protocols for IVN [23], [24], [30], [35], [39] Review of blockchain and security attributes of IVN [34] IPSEC [36] Extensions to the SOME/IP protocol for securing SOME/IP service discovery [37] CANFD [25]- [29], [33], [38] Confidentiality, authentication, integrity [30]- [33] Blockchain in IVN [40] Structure-aware CAN Fuzzing procedure [41] Mitigations against an underactuated USV Intrusions detection systems for IVN [29], [42], [44], [47], [48], [53] Intrusion Detection Systems [49], …”

Section: Resultsmentioning

confidence: 99%

“…Vehicle messages with the world were not secure by design; furthermore, the cars' internal devices are resource constrained to manage security processes. Yu et al [38] proposed secure IVN that support data confidentiality, authentication, integrity, fine-grained access control, and certification. They used the concept of edge computing by introducing the security agent (SA), which manages cryptographical processes that require low resources.…”

Section: Cryptography: Other Cryptographymentioning

confidence: 99%

See 1 more Smart Citation

Automotive Ethernet architecture and security: challenges and technologies

Toghuj,

Turab

2023

IJECE

View full text Add to dashboard Cite

<span lang="EN-US">Vehicle infrastructure must address the challenges posed by today's advances toward connected and autonomous vehicles. To allow for more flexible architectures, high-bandwidth connections and scalability are needed to connect many sensors and electronic control units (ECUs). At the same time, deterministic and low latency is a critical and significant design requirement to support urgent real-time applications in autonomous vehicles. As a recent solution, the time-sensitive network (TSN) was introduced as Ethernet-based amendments in IEEE 802.1 TSN standards to meet those needs. However, it had hurdle to be overcome before it can be used effectively. This paper discusses the latest studies concerning the automotive Ethernet requirements, including transmission delay studies to improve worst-case end-to-end delay and end-to-end jitter. Also, the paper focuses on the securing Ethernet-based in-vehicle networks (IVNs) by reviewing new encryption and authentication methods and approaches.</span>

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Cryptography: Other Cryptographymentioning

confidence: 99%

Automotive Ethernet architecture and security: challenges and technologies

Toghuj,

Turab

2023

IJECE

View full text Add to dashboard Cite

show abstract

“…Furthermore, they demonstrated the attack on both low-end and high-end automotive embedded platforms and implemented an authentication mechanism on the CAN while maintaining backward compatibility. Yu et al addressed the excessive resource usage problem by transferring security operations to high-performance devices and adopted attribute-based access control to ensure message confidentiality from both the attackers and unauthorized users [20]. They reconstructed the existing access-control-based security protection technology to address new vulnerabilities arising from the use of edge computing and attribute-based access control.…”

Section: Encryption and Authentication Techniques For Ict Securitymentioning

confidence: 99%

“…In the past few years, numerous research studies have been conducted in the ICT security field, falling into three main categories: encryption and authentication [14][15][16][17][18][19][20][21], gateway isolation [22], and IDSs (intrusion detection systems) [23][24][25][26][27][28][29][30][31][32][33][34][35][36][37][38]. Specifically, the encryption and authentication approaches can accurately identify an attacker's intrusion and immediately distinguish the identity of the attacker.…”

Section: Introductionmentioning

confidence: 99%

A Novel Multi-Attack IDS Framework for Intelligent Connected Terminals Based on Over-the-Air Signature Updates

et al. 2023

Electronics

View full text Add to dashboard Cite

Modern terminals are developing toward intelligence and ubiquitous connection. Such ICTs (intelligent connected terminals) interact more frequently with the outside world and expose new attack surfaces. IDSs (intrusion detection systems) play a vital role in protecting ICT security. Multi-attack IDSs that can cover both intra-terminal and inter-terminal networks are a promising research direction for improving detection accuracy and the strength of security protection. However, a major challenge is the frequent dynamic signature updates across the network boundary, which cause significant computational overheads and result in losses in detection performance. In light of this, we propose a novel IDS framework based on OTA (over-the-air) signature updates to implement multi-attack detection. It updates the attack signatures of the target ICTs and adds the new attack signatures to the signature database in order to minimize the local memory storage and computing resources. It employs a CNN (convolutional neural network) based on an auto-encoder to achieve multi-attack detection, which can ensure the detection accuracy of multi-attacks with the multiple classification function. We evaluated our framework on four types of real-world ICT attack data, drawing comparisons with four widely used IDS schemes, and demonstrated the non-negligible superiority of our scheme over all benchmarks in terms of accuracy, recall, precision, and F1-score. Our work represents an important step toward an IDS that can detect multi-attacks in both intra-terminal and inter-terminal networks.

show abstract

“…Besides, it is worthy of mentioning that the additional expander algorithm (please see the algorithm Expand in Section IV-A) is efficient since it only needs operations on a cryptographic collision-resistant hash function (e.g., MD5, SHA256, etc). It is generally considered that hash operation is a kind of lightweight computation and it has many important applications, for examples, message authentication, digital signature, encryption, password protection [1], [2], [3], [4], [5].…”

Section: Introductionmentioning

confidence: 99%

A new digital signature primitive and its application in blockchain

Zou

Zeng

2023

IEEE Access

View full text Add to dashboard Cite

In this paper, we propose a new digital signature primitive, called expander signature, and discuss its application in blockchain. The most promising advantage of expander signature is that a signer can generate all signatures at once using a powerful computer, and stores expander keys personally. Each time the signer wants some of his signatures to be verified, he releases the related expander key. No matter when or where, the signer can do this via a resource-limited device, for example, a personal portable terminal. We formally define the syntax and security of expander signature. Under our precisely defined security model, we give generic constructions of expander signature from both public key infrastructure-based and identity-based signature schemes. The security of our constructed expander signature schemes rigorously depends on the underlying public key signature schemes. The expander keys do not leak any information about the signer's secret key and the size of the expander keys is constant no matter how many times the expander has been occurred. Finally, we give an application example of expander signature in blockchain. INDEX TERMSDigital signature, expander signature, forward security, blockchain, smart contract. XIANG ZOU received the Ph.D. degree in computer science and technology from the University of Science and Technology of China, Anhui, China, in 2004. He is currently a Research Professor with the Third Research Institute of the Ministry of Public Security. His current research interests include network information security, applied cryptography, and personal identity information protection. PENG ZENG (Member, IEEE) received the Ph.D. degree in computer science and technology from

show abstract

EC-SVC: Secure CAN Bus In-Vehicle Communications With Fine-Grained Access Control Based on Edge Computing

Cited by 15 publications

References 30 publications

Automotive Ethernet architecture and security: challenges and technologies

Automotive Ethernet architecture and security: challenges and technologies

A Novel Multi-Attack IDS Framework for Intelligent Connected Terminals Based on Over-the-Air Signature Updates

A new digital signature primitive and its application in blockchain

Contact Info

Product

Resources

About