Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
156 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

HackCar: a test platform for attacks and defenses on a cost-contained automotive architecture (2405.05023v1)

Published 8 May 2024 in cs.CR

Abstract: In this paper, we introduce the design of HackCar, a testing platform for replicating attacks and defenses on a generic automotive system without requiring access to a complete vehicle. This platform empowers security researchers to illustrate the consequences of attacks targeting an automotive system on a realistic platform, facilitating the development and testing of security countermeasures against both existing and novel attacks. The HackCar platform is built upon an F1-10th model, to which various automotive-grade microcontrollers are connected through automotive communication protocols. This solution is crafted to be entirely modular, allowing for the creation of diverse test scenarios. Researchers and practitioners can thus develop innovative security solutions while adhering to the constraints of automotive-grade microcontrollers. We showcase our design by comparing it with a real, licensed, and unmodified vehicle. Additionally, we analyze the behavior of the HackCar in both an attack-free scenario and a scenario where an attack on in-vehicle communication is deployed.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (42)
  1. Bosch. (1991) Can specification version 2.0.
  2. C. Miller and C. Valasek. (2014) Adventures in automotive networks and control units.
  3. Keen Security Lab of Tencent. (2016) Car hacking research: Remote attack tesla motors. [Online]. Available: http://keenlab.tencent.com/en/2016/09/19/Keen-Security-Lab-of-Tencent-Car-Hacking-Research-Remote-Attack-to-Tesla-Cars/
  4. M. Kneib and C. Huth, “Scission: Signal characteristic-based sender identification and intrusion detection in automotive networks,” in Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’18.   New York, NY, USA: ACM, 2018, pp. 787–800. [Online]. Available: http://doi.acm.org/10.1145/3243734.3243751
  5. D. Stabili, L. Ferretti, M. Andreolini, and M. Marchetti, “Daga: Detecting attacks to in-vehicle networks via n-gram analysis,” IEEE Transactions on Vehicular Technology, vol. 10, p. 15, 2022.
  6. B. Groza, S. Murvay, A. van Herrewege, and I. Verbauwhede, “Libra-can: A lightweight broadcast authentication protocol for controller area networks,” in Cryptology and Network Security, J. Pieprzyk, A.-R. Sadeghi, and M. Manulis, Eds.   Berlin, Heidelberg: Springer Berlin Heidelberg, 2012, pp. 185–200.
  7. R. Kurachi, Y. Matsubara, H. Takada, H. Ueda, and S. Horihata, “Cacan: Centralized authentication system in can (controller area network),” 2016.
  8. C. Miller and C. Valasek. (2015) Remote exploitation of an unaltered passenger vehicle. White paper of Blackhat US conference. [Online]. Available: http://illmatics.com/Remote%20Car%20Hacking.pdf
  9. S. Longari, C. A. Pozzoli, A. Nichelini, M. Carminati, and S. Zanero, “Candito: Improving payload-based detection of attacks on controller area networks,” in Cyber Security, Cryptology, and Machine Learning, S. Dolev, E. Gudes, and P. Paillier, Eds.   Cham: Springer Nature Switzerland, 2023, pp. 135–150.
  10. S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, and T. Kohno, “Comprehensive experimental analyses of automotive attack surfaces,” in Proceedings of the 20th USENIX Conference on Security, ser. SEC’11.   Berkeley, CA, USA: USENIX Association, 2011, pp. 6–6. [Online]. Available: http://dl.acm.org/citation.cfm?id=2028067.2028073
  11. H. Lee, K. Choi, K. Chung, J. Kim, and K. Yim, “Fuzzing CAN packets into automobiles,” in 2015 IEEE 29th Int’l Conf. on Advanced Information Networking and Applications, March 2015.
  12. K.-T. Cho and K. G. Shin, “Error handling of in-vehicle networks makes them vulnerable,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’16.   New York, NY, USA: ACM, 2016, pp. 1044–1055. [Online]. Available: http://doi.acm.org/10.1145/2976749.2978302
  13. A. Palanca, E. Evenchick, F. Maggi, and S. Zanero, “A stealth, selective, link-layer denial-of-service attack against automotive networks,” in Detection of Intrusions and Malware, and Vulnerability Assessment - 14th International Conference, DIMVA 2017, Bonn, Germany, July 6-7, 2017, Proceedings, 2017, pp. 185–206. [Online]. Available: https://doi.org/10.1007/978-3-319-60876-1_9
  14. K. Cho and K. G. Shin, “Viden: Attacker identification on in-vehicle networks,” CoRR, vol. abs/1708.08414, 2017. [Online]. Available: http://arxiv.org/abs/1708.08414
  15. M. Gmiden, M. H. Gmiden, and H. Trabelsi, “An intrusion detection method for securing in-vehicle CAN bus,” in Int’l Conf. Sciences and Techniques of Automatic Control and Computer Engineering, 2016.
  16. D. Stabili and M. Marchetti, “Detection of missing CAN messages through inter-arrival time analysis,” in 2019 IEEE 90th Vehicular Technology Conf., Sep. 2019.
  17. N. Nowdehi, W. Aoudi, M. Almgren, and T. Olovsson, “CASAD: CAN-aware stealthy-attack detection for in-vehicle networks,” 2019.
  18. S. Kramer, D. Ziegenbein, and A. Hamann, “Real world automotive benchmarks for free,” in 6th International Workshop on Analysis Tools and Methodologies for Embedded and Real-time Systems (WATERS), vol. 130, 2015.
  19. H. Elmqvist, S. E. Mattsson, H. Olsson, J. Andreasson, M. Otter, C. Schweiger, and D. Brück, “Real-time simulation of detailed automotive models,” in Proceedings, 2003, pp. 29–38.
  20. T. Buranathiti and J. Cao, “Benchmark simulation results: automotive underbody cross member (benchmark 2),” in AIP Conference Proceedings, vol. 778, no. 1.   American Institute of Physics, 2005, pp. 1004–1112.
  21. K. Gangel, Z. Hamar, A. Háry, Á. Horváth, G. Jandó, B. Könyves, D. Panker, K. Pintér, M. Pataki, M. Szalai et al., “Modelling the zalazone proving ground: a benchmark of state-of-the-art automotive simulators prescan, ipg carmaker, and vtd vires,” Acta Technica Jaurinensis, vol. 14, no. 4, pp. 488–507, 2021.
  22. I. Paranjape, A. Jawad, Y. Xu, A. Song, and J. Whitehead, “A modular architecture for procedural generation of towns, intersections and scenarios for testing autonomous vehicles,” in 2020 IEEE Intelligent Vehicles Symposium (IV), 2020, pp. 162–168.
  23. A. Wallace, S. Khastgir, X. Zhang, S. Brewerton, B. Anctil, P. Burns, D. Charlebois, and P. Jennings, “Validating simulation environments for automated driving systems using 3d object comparison metric,” in 2022 IEEE Intelligent Vehicles Symposium (IV), 2022, pp. 860–866.
  24. Z. Qiao, X. Sun, H. Loeb, and R. Mangharam, “Drive right: Shaping public’s trust, understanding, and preference towards autonomous vehicles using a virtual reality driving simulator,” in 2023 IEEE Intelligent Vehicles Symposium (IV), 2023, pp. 1–8.
  25. B. Ellies, C. Schenk, and P. Dekraker, “Benchmarking and hardware-in-the-loop operation of a 2014 mazda skyactiv 2.0 l 13: 1 compression ratio engine,” SAE Technical Paper, Tech. Rep., 2016.
  26. Y. Shao, M. A. M. Zulkefli, Z. Sun, and P. Huang, “Evaluating connected and autonomous vehicles using a hardware-in-the-loop testbed and a living lab,” Transportation Research Part C: Emerging Technologies, vol. 102, pp. 121–135, 2019.
  27. M. Abboush, D. Bamal, C. Knieke, and A. Rausch, “Hardware-in-the-loop-based real-time fault injection framework for dynamic behavior analysis of automotive software systems,” Sensors, vol. 22, no. 4, p. 1360, 2022.
  28. M. Pechinger, G. Schröer, K. Bogenberger, and C. Markgraf, “Hardware in the loop test using infrastructure based emergency trajectories for connected automated driving,” in 2020 IEEE Intelligent Vehicles Symposium (IV), 2020, pp. 357–362.
  29. P. Scheffe and B. Alrifaee, “A scaled experiment platform to study interactions between humans and cavs,” in 2023 IEEE Intelligent Vehicles Symposium (IV), 2023, pp. 1–6.
  30. D. Stabili, F. Pollicino, and A. Rota, “A benchmark framework for can ids,” in Italian Conference on Cybersecurity 2021 (ITASEC), April 2021, pp. 233–245.
  31. F. Pollicino, D. Stabili, and M. Marchetti, “Performance comparison of timing-based anomaly detectors for controller area network: A reproducible study,” ACM Trans. Cyber-Phys. Syst., jun 2023, just Accepted. [Online]. Available: https://doi.org/10.1145/3604913
  32. D. Stabili, R. Romagnoli, M. Marchetti, B. Sinopoli, and M. Colajanni, “A multidisciplinary detection system for cyber attacks on powertrain cyber physical systems,” Future Generation Computer Systems, vol. 144, pp. 151–164, 2023. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S0167739X23000602
  33. Traxxas. (2024) Ford Fiesta ST Rally 1:10 model. [Online]. Available: https://traxxas.com/products/models/electric/ford-fiesta-st-rally
  34. Hokuyo Automatic USA Corporation. (2024) UST-10LX. [Online]. Available: https://hokuyo-usa.com/products/lidar-obstacle-detection/ust-10lx
  35. NVIDIA. (2024) Jetson Nano Developer Kit. [Online]. Available: https://developer.nvidia.com/embedded/jetson-nano-developer-kit
  36. Open Robotics. (2024) Robot Operating System v2. [Online]. Available: https://github.com/ros2
  37. Infineon. (2024) AURIX Family - TC297TA. [Online]. Available: https://www.infineon.com/cms/en/product/microcontroller/32-bit-tricore-microcontroller/32-bit-tricore-aurix-tc2xx/aurix-family-tc297ta-adas/
  38. TRAMPA Boards. (2024) VESC 6 MkVI. [Online]. Available: https://trampaboards.com/vesc-6-mkvi--the-amazing-trampa-vesc-6-mkvi--gives-maximum-power-original-p-27536.html
  39. CANIS Automotive Labs. (2024) CANPico. [Online]. Available: https://canislabs.com/canpico/
  40. ——. (2024) CANHack. [Online]. Available: https://github.com/kentindell/canhack
  41. M. Marchetti and D. Stabili, “Anomaly detection of CAN bus messages through analysis of ID sequences,” in IEEE Proc. Intelligent Vehicles Symp., June 2017.
  42. D. Stabili, R. Romagnoli, M. Marchetti, B. Sinopoli, and M. Colajanni, “Exploring the consequences of cyber attacks on powertrain cyber physical systems,” 2022.
Citations (1)

Summary

We haven't generated a summary for this paper yet.

X Twitter Logo Streamline Icon: https://streamlinehq.com