Browse Publications Technical Papers 2014-01-0340

CAN Security: Cost-Effective Intrusion Detection for Real-Time Control Systems 2014-01-0340

In-vehicle networks are generally used for computerized control and connecting information technology devices in cars. However, increasing connectivity also increases security risks. “Spoofing attacks”, in which an adversary infiltrates the controller area network (CAN) with malicious data and makes the car behave abnormally, have been reported. Therefore, countermeasures against this type of attack are needed.
Modifying legacy electronic control units (ECUs) will affect development costs and reliability because in-vehicle networks have already been developed for most vehicles. Current countermeasures, such as authentication, require modification of legacy ECUs. On the other hand, anomaly detection methods may result in misdetection due to the difficulty in setting an appropriate threshold. Evaluating a reception cycle of data can be used to simply detect spoofing attacks. However, this may result in false detection due to fluctuation in the data reception cycle in the CAN.
We propose the “delayed-decision cycle detection” method for improving a conventional cycle detection method, which does not require modification of legacy ECUs, detects intrusions with a low misdetection rate, and prevents intrusions. We evaluated this method in a simulated environment of an actual car. The processing load of the method was sufficiently low. In some specific cases, the method resulted in misdetection. Therefore, we further improved the proposed detection method.
Security architecture for in-vehicle networks should be constructed of multi-layer countermeasures to prevent single point of attacks. The proposed method can be easily applied as one layer of security architecture because it has several advantages, such as low processing load, and does not require the modification of legacy ECUs.


Subscribers can view annotate, and download all of SAE's content. Learn More »


Members save up to 18% off list price.
Login to see discount.
Special Offer: Download multiple Technical Papers each year? TechSelect is a cost-effective subscription option to select and download 12-100 full-text Technical Papers per year. Find more information here.
We also recommend:

Investigation of Vehicular Networks and its Main Security Issues


View Details


Adapted Development Process for Security in Networked Automotive Systems


View Details


Design of a High Efficiency In-Vehicle Network with a Single ECU for a Network (SEN)


View Details