Practical DoS Attacks on Embedded Networks in Commercial Vehicles

Mukherjee, Subhojeet; Shirazi, Hossein; Ray, Indrakshi; Daily, Jeremy; Gamble, Rose F.

doi:10.1007/978-3-319-49806-5_2

Cited by 46 publications

(25 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In HAPCAN, denial of service can also be achieved by exploiting the fact that all nodes are interconnected in series, and therefore a failure of one module affects overall availability. Furthermore, as HAPCAN utilises the CAN protocol, the protocol itself is at risk to several additional CAN vulnerabilities, such as request overload and false request to send [16], or rogue node packet amplification exhausting [17]. Here, it is important to note that an attacker requires physical access to the communication bus, e.g., by implanting a rogue node through the supply chain.…”

Section: Cm-wd-h: Hapcanmentioning

confidence: 99%

A taxonomy of cyber-physical threats and impact in the smart home

Heartfield

Loukas

Budimir

et al. 2018

Computers & Security

View full text Add to dashboard Cite

In the past, home automation was a small market for technology enthusiasts. Interconnectivity between devices was down to the owner's technical skills and creativity, while security was non-existent or primitive, because cyber threats were also largely non-existent or primitive. This is not the case any more. The adoption of Internet of Things technologies, cloud computing, artificial intelligence and an increasingly wide range of sensing and actuation capabilities has led to smart homes that are more practical, but also genuinely attractive targets for cyber attacks. Here, we classify applicable cyber threats according to a novel taxonomy, focusing not only on the attack vectors that can be used, but also the potential impact on the systems and ultimately on the occupants and their domestic life. Utilising the taxonomy, we classify twenty five different smart home attacks, providing further examples of legitimate, yet vulnerable smart home configurations which can lead to second-order attack vectors. We then review existing smart home defence mechanisms and discuss open research problems. Reference Key security properties Vulnerabilities/challenges Security recommended Open problems identified Komninos et al. [1] Confidentiality Connected to Internet Auto-immunity to threats Resilience Physical tampering Reliability, availability Lin et al. [2] Confidentiality Phys./netw. accessibility Gateway architecture Auto-configuration Authentication Constrained resources Updates Access control Heterogeneity Nawir et al. [6] Smart meter integrity Remote connectivity Techn. countermeasures Standardisation Privacy Physical tampering Regulatory initiatives Impact evaluation, metrics Non-repudiation Malicious actuation Intrusion detection Authorisation Logging for audit/forensics Ziegeldorf et al.[5]

show abstract

Section: Cm-wd-h: Hapcanmentioning

confidence: 99%

A taxonomy of cyber-physical threats and impact in the smart home

Heartfield

Loukas

Budimir

et al. 2018

Computers & Security

View full text Add to dashboard Cite

show abstract

“…There are different types of the DoS attack implemented on CAN network. Mukherjee et al [9] implemented DoS attack on SAE J1939. SAE J1939 standard is used in commercial vehicles and it is implemented on top of the CAN physical layer.…”

Section: B Existent Attacksmentioning

confidence: 99%

A Survey on CAN Bus Protocol: Attacks, Challenges, and Potential Solutions

Bozdal

Samie

Jennions

2018

2018 International Conference on Computing, Electronics &Amp; Communications Engineering (iCCECE)

View full text Add to dashboard Cite

The vehicles are equipped with electronic control units that control their functions. These units communicate with each other via in-vehicle communication protocols like CAN bus. Although CAN is the most common in-vehicle communication protocol, the lack of encryption and authentication causes series security shortcomings. There are many attacks reported and the number is estimated to increase with the rising connectivity of the cars. In this paper, we present CAN protocol and analyze its security vulnerabilities. Then we survey the implemented attacks and proposed solutions in the literature.

show abstract

“…Mukherjee et al [16] implemented DoS attacks on the SAE J1939 standard [29], which is used in heavy-duty commercial vehicles. They performed three separate DoS attacks: (i) sending too many request messages for a supported Parameter Group Number (PGN) to overload the recipient ECU, (ii) sending manipulated false request to send (RTS) and causing overflow at the recipient buffer, and (iii) keeping the connections open via Clear to Send (CTS) messages and occupying the whole network.…”

Section: Physical Access Attacksmentioning

confidence: 99%

“…Therefore, extensive studies have been carried out to find possible solutions [7,8] to the vulnerabilities of CAN. Some of these studies have performed successful experimental attacks on passenger cars [9][10][11][12][13][14] and heavy-duty vehicles [15,16]. At the same time, researchers have also proposed preventative methods for such known attacks.…”

Section: Introductionmentioning

confidence: 99%

Evaluation of CAN Bus Security Challenges

Bozdal

Samie

Aslam

et al. 2020

Sensors

127

View full text Add to dashboard Cite

The automobile industry no longer relies on pure mechanical systems; instead, it benefits from many smart features based on advanced embedded electronics. Although the rise in electronics and connectivity has improved comfort, functionality, and safe driving, it has also created new attack surfaces to penetrate the in-vehicle communication network, which was initially designed as a close loop system. For such applications, the Controller Area Network (CAN) is the most-widely used communication protocol, which still suffers from various security issues because of the lack of encryption and authentication. As a result, any malicious/hijacked node can cause catastrophic accidents and financial loss. This paper analyses the CAN bus comprehensively to provide an outlook on security concerns. It also presents the security vulnerabilities of the CAN and a state-of-the-art attack surface with cases of implemented attack scenarios and goes through different solutions that assist in attack prevention, mainly based on an intrusion detection system (IDS).

show abstract

Practical DoS Attacks on Embedded Networks in Commercial Vehicles

Cited by 46 publications

References 3 publications

A taxonomy of cyber-physical threats and impact in the smart home

A taxonomy of cyber-physical threats and impact in the smart home

A Survey on CAN Bus Protocol: Attacks, Challenges, and Potential Solutions

Evaluation of CAN Bus Security Challenges

Contact Info

Product

Resources

About