Abdullah Zubair Mohammed (Virginia Tech), Yanmao Man (University of Arizona), Ryan Gerdes (Virginia Tech), Ming Li (University of Arizona) and Z. Berkay Celik (Purdue University)

The Controller Area Network (CAN) bus standard is the most common in-vehicle network that provides communication between Electronic Control Units (ECUs). CAN messages lack authentication and data integrity protection mechanisms and hence are vulnerable to attacks, such as impersonation and data injection, at the digital level. The physical layer of the bus allows for a one-way change of a given bit to accommodate prioritization; viz. a recessive bit (1) may be changed to a dominant one (0). In this paper, we propose a physical-layer data manipulation attack wherein multiple compromised ECUs collude to cause 0→1 (i.e., dominant to recessive) bit-flips, allowing for arbitrary bit-flips in transmitted messages. The attack is carried out by inducing transient voltages in the CAN bus that are heightened due to the parasitic reactance of the bus and non-ideal properties of the line drivers. Simulation results indicate that, with more than eight compromised ECUs, an attacker can induce a sufficient voltage drop to cause dominant bits to be flipped to recessive ones.

View More Papers

Demo #9: Dynamic Time Warping as a Tool for...

Mars Rayno (Colorado State University) and Jeremy Daily (Colorado State University)

Read More

Demo #1: Security of Multi-Sensor Fusion based Perception in...

Yulong Cao (University of Michigan), Ningfei Wang (UC, Irvine), Chaowei Xiao (Arizona State University), Dawei Yang (University of Michigan), Jin Fang (Baidu Research), Ruigang Yang (University of Michigan), Qi Alfred Chen (UC, Irvine), Mingyan Liu (University of Michigan) and Bo Li (University of Illinois at Urbana-Champaign)

Read More

Privacy in Urban Sensing with Instrumented Fleets, Using Air...

Ismi Abidi (IIT Delhi), Ishan Nangia (MPI-SWS), Paarijaat Aditya (Nokia Bell Labs), Rijurekha Sen (IIT Delhi)

Read More