Studies of the possibility of external threats of the automotive ECU through simulation test environment (자동차용 ECU의 CAN 메시지를 통한 자동차 공격 방법 연구)

이혜련; 김경진; Kihyun Chung (정기현); Kyung-Hee Choi (최경희); 박승규; 권도근

Studies of the possibility of external threats of the automotive ECU through simulation test environment

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2013, 18(11), pp.39-49
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science

이혜련 ¹, 김경진 ², Kihyun Chung ³, Kyung-Hee Choi ³, 박승규 ³, 권도근 ²

¹아주대학교 컴퓨터공학과
²아주대학교 전자공학과
³아주대학교

Accredited

ABSTRACT

In this paper, security mechanism of internal network(CAN) of vehicle is a very incomplete state and the possibility of external threats as a way to build a test environment that you can easily buy from the market by the vehicle's ECU(Electric Control Unit) to verify and obtain a CAN message. Then, by applying it to ECU of the real car to try to attack is proposed. A recent study,Anyone can see plain-text status of the CAN message in the vehicle. so that in order to verify the information is vulnerable to attack from outside, analyze the data in a vehicle has had a successful attack, but attack to reverse engineering in the stationary state and buying a car should attempt has disadvantages that spatial, financial, and time costs occurs. Found through the car's ECU CAN message is applied to a real car for Potential threats outside of the car to perform an experiment to verify and equipped with a wireless network environment, the experimental results,proposed method through in the car to make sure the attack is possible. As a result, reduce the costs incurred in previous studies and in the information absence state of the car, potential of vehicle's ECU attack looks.

KEYWORDS

ECU, security, vehicle attack, CAN message

Citation status

* References for papers published after 2023 are currently being built.

[confproc] D. K. Nilsson / 2008 / Efficient In-Vehicle Delayed Data Authentication Based on Compound Message Authentication Codes / in Proceedings of the 68th IEEE Vehicular Technology Conference 2008(VTC 2008-Fall) : 1~5

[confproc] Marko Wolf / 2004 / security in automotive bus systems / In Proceedings of the Workshop on Embedded Security in Cars 2004 : 1~13

[confproc] Karl Koscher / 2010 / Experimental Security Analysis of a Modern Automobile / IEEE Symposium on Security and Privacy : 447~462

[web] / content of Car hacking / http://www.etnews.com/news/international/2510946_1496.html

[report] McAfee / Report on Automotive Systems Finds Prevelant Lack of Security in Today’s Vehicles, “Partners with Wind River and ESCRYPT to Provide Analysis of Emerging Risks in Automotive Embedded Systems”

[book] Gang-seok Kim / 2011 / Vehicle ECU through CAN communication from eavesdropping and manipulation of the analysis of the possibility of external threats / Korea University

[confproc] T. Hoppe / 2007 / Sniffing/Replay Attacks on CAN buses: A simulated attack on the electric window lift classified using an adapted CERT taxonomy / in Proceedings of the 2nd Workshop on Embedded Systems Security(WESS) : 1~6

[report] Tobias Hoppe / Exemplary Automotive Attack Scenarios - Trojan Horses for Electronic Throttle Control System (ETC) and Replay Attacks on the Power Window System, Automotive Security / VDI

[confproc] S. Checkoway / 2011 / Comprehensive experimental analyses of automotive attack surfaces / in Proceeding of SEC'11 Proceedings of the 20th USENIX conference on Security : 1~16

[confproc] I. Rouf / 2010 / Security and privacy vulnerabilities of in-car wireless networks: A tire pressure monitoring system case study / In USENIX Security 2010 : 323~338

[confproc] S. Bono / 2005 / Security analysis of a cryptographically-enabled RFID device / in Proceeding of SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium : 1~15

[confproc] Thomas Eisenbarth / 2008 / On the power of power analysis in the real world: a complete break of the KEELOQ code hopping scheme / Proceeding of the 28th International Cryptology Conference-CRYPTO 2008

[confproc] Irshad Ahmed Sumra / 2011 / Classes of attacks in VANET / Proceedings of Electronics, Communications and Photonics Conference(SIECPC) : 1~5

[web] / Search for ECU pin numbers / http://www.globalserviceway.com/

[confproc] Xiao Ni / 2007 / AES Security Protocol Implementation for Automobile Remote Keyless System / in Proceedings of the 65th IEEE Vehicular Technology Conference 2007(VTC2007-Spring) : 2526~2529

[journal] 이혜련 / 2013 / Research of generate a test case to verify the possibility of external threat of the automotive ECU / 한국컴퓨터정보학회논문지 / 한국컴퓨터정보학회 18(9) : 21~31

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65