Abdullah Zubair Mohammed (Virginia Tech), Yanmao Man (University of Arizona), Ryan Gerdes (Virginia Tech), Ming Li (University of Arizona) and Z. Berkay Celik (Purdue University)

The Controller Area Network (CAN) bus standard is the most common in-vehicle network that provides communication between Electronic Control Units (ECUs). CAN messages lack authentication and data integrity protection mechanisms and hence are vulnerable to attacks, such as impersonation and data injection, at the digital level. The physical layer of the bus allows for a one-way change of a given bit to accommodate prioritization; viz. a recessive bit (1) may be changed to a dominant one (0). In this paper, we propose a physical-layer data manipulation attack wherein multiple compromised ECUs collude to cause 0→1 (i.e., dominant to recessive) bit-flips, allowing for arbitrary bit-flips in transmitted messages. The attack is carried out by inducing transient voltages in the CAN bus that are heightened due to the parasitic reactance of the bus and non-ideal properties of the line drivers. Simulation results indicate that, with more than eight compromised ECUs, an attacker can induce a sufficient voltage drop to cause dominant bits to be flipped to recessive ones.

View More Papers

Binary Search in Secure Computation

Marina Blanton (University at Buffalo (SUNY)), Chen Yuan (University at Buffalo (SUNY))

Read More

WIP: On Robustness of Lane Detection Models to Physical-World...

Takami Sato (UC Irvine) and Qi Alfred Chen (UC Irvine)

Read More

“Mind your own cryptocurrency!”

Abbas Acar, Ege Tekiner, Selcuk Uluagac (Florida International University)

Read More

“So I Sold My Soul“: Effects of Dark Patterns...

Oksana Kulyk (ITU Copenhagen), Willard Rafnsson (IT University of Copenhagen), Ida Marie Borberg, Rene Hougard Pedersen

Read More