Cyber security of vehicle CAN bus
Pöyhönen, J., Kotilainen, P., Poikolainen, J., Kalmari, J., & Neittaanmäki, P. (2019). Cyber security of vehicle CAN bus. In T. Cruz, & P. Simoes (Eds.), ECCWS 2019 : Proceedings of the 18th European Conference on Cyber Warfare and Security (pp. 354-363). Academic Conferences International. Proceedings of the European conference on information warfare and security.
© The Author(s) 2019
There are currently many research projects underway concerning the intelligent transport system (ITS), with the intent to develop a variety of communication solutions between vehicles, roadside stations and services. In the near future, the roll-out of 5G networks will improve short-range vehicle-to-vehicle traffic and vehicle-to-infrastructure communications. More extensive services can be introduced due to almost non-delayed response time. Cyber security is central for the usability of the services and, most importantly, for car safety. The Controller Area Network (CAN) is an automation bus that was originally designed for real-time data transfer of distributed control systems to cars. Later, the CAN bus was developed as a universal automation system for many automation solutions. One of its characteristics is that bus traffic is not supervised in any way due to the lack of timing of control. In other words there are no authentication mechanism. This article highlights different approaches and their usability to reveal the car’s CAN bus malfunctions. The study complements earlier studies on the safety of vehicles in the CAN bus. Based on the test results, practical methods can be evaluated to detect changes in CAN bus traffic, such as targeted cyber-attacks. The article is based on the results of a study on the cybersecurity of cars conducted at the University of Jyväskylä (AaTi study). Initially, the AaTi study attempted to identify the message content of the bus and to detect interferences via the Neural network solution. However, the problem with the neural network was the computational performance required and the lack of prediction accuracy. After that the study was focused on experiments that were based on the arrival times of control messages, that is, their timing-based intrusion detection. In this sense the research did concentrate on kernel density estimation, one-class support vector machine solution, absolute deviation method and categorization. Due to methodological challenges, a method for detecting intrusions based on statistical processing of message traffic was ultimately developed as an outcome of the study. ...
PublisherAcademic Conferences International
Parent publication ISBN978-1-912764-28-0
ConferenceEuropean Conference on Cyber Warfare and Security
Is part of publicationECCWS 2019 : Proceedings of the 18th European Conference on Cyber Warfare and Security
Publication in research information system
MetadataShow full item record
Showing items with similar title or keywords.
Juvonen, Antti (University of Jyväskylä, 2014)
Puuska, Samir (2021)For securing critical infrastructure, this thesis aims to develop a common operating picture system, establish methods for detecting targeted cyberattacks, and investigate exploits against machine learning -based decision ...
Peronius, Elina (2020)Koneoppimisen ominaisuudet ovat tehneet monista sen menetelmistä käytettyjä hyökkäysten havaitsemisessa. Nykyinen kirjallisuus, joka käsittelee koneoppimista hyökkäysten havaitsemissa, on vailla hyvää yleiskatsausta koko ...
Unsupervised network intrusion detection systems for zero-day fast-spreading network attacks and botnets Vahdani Amoli, Payam (University of Jyväskylä, 2015)Today, the occurrence of zero-day and complex attacks in high-speed networks is increasingly common due to the high number vulnerabilities in the cyber world. As a result, intrusions become more sophisticated and fast ...
Myllylä, Juuso (2021)Kyberhyökkäysten havaitsemisesta on tullut entistä vaikeampaa, nostaen onnistuneen tietomurron havaitsemisajan tyypillisesti yli puoleen vuoteen, jolloin keskimäärin hyökkäys maksaa lähes neljä miljoonaa dollaria kohteelle. ...