Evan Allen (Virginia Tech), Zeb Bowden (Virginia Tech Transportation Institute), J. Scot Ransbottom (Virginia Tech)

Attackers have found numerous vulnerabilities in the Electronic Control Units (ECUs) of modern vehicles, enabling them to stop the car, control its brakes, and take other potentially disruptive actions. Many of these attacks were possible because the vehicles had insecure In-Vehicle Networks (IVNs), where ECUs could send any message to each other. For example, an attacker who compromised an infotainment ECU might be able to send a braking message to a wheel. In this work, we introduce a scheme based on distributed firewalls to block these unauthorized messages according to a set “security policy” defining what transmissions each ECU should be able to send and receive. We leverage the topology of new switched, zonal networks to authenticate messages without cryptography, using Ternary Content Addressable Memory (TCAMs) to enforce the policy at wire-speed. Crucially, our approach minimizes the security burden on edge ECUs and places control in a set of hardened zonal gateways. Through an OMNeT++ simulation of a zonal IVN, we demonstrate that our scheme has much lower overhead than modern cryptography-based approaches and allows for realtime, low-latency (​<0.1 ms) traffic.

View More Papers

5G-Spector: An O-RAN Compliant Layer-3 Cellular Attack Detection Service

Haohuang Wen (The Ohio State University), Phillip Porras (SRI International), Vinod Yegneswaran (SRI International), Ashish Gehani (SRI International), Zhiqiang Lin (The Ohio State University)

Read More

Securing EV charging system against Physical-layer Signal Injection Attack...

Soyeon Son (Korea University) Kyungho Joo (Korea University) Wonsuk Choi (Korea University) Dong Hoon Lee (Korea University)

Read More

Decentralized Information-Flow Control for ROS2

Nishit V. Pandya (Indian Institute of Science Bangalore), Himanshu Kumar (Indian Institute of Science Bangalore), Gokulnath M. Pillai (Indian Institute of Science Bangalore), Vinod Ganapathy (Indian Institute of Science Bangalore)

Read More

Transpose Attack: Stealing Datasets with Bidirectional Training

Guy Amit (Ben-Gurion University), Moshe Levy (Ben-Gurion University), Yisroel Mirsky (Ben-Gurion University)

Read More