Paolo Cerracchio, Stefano Longari, Michele Carminati, Stefano Zanero (Politecnico di Milano)

The evolution of vehicles has led to the integration of numerous devices that communicate via the controller area network (CAN) protocol. This protocol lacks security measures, leaving interconnected critical components vulnerable. The expansion of local and remote connectivity has increased the attack surface, heightening the risk of unauthorized intrusions. Since recent studies have proven external attacks to constitute a realworld threat to vehicle availability, driving data confidentiality, and passenger safety, researchers and car manufacturers focused on implementing effective defenses. intrusion detection systems (IDSs), frequently employing machine learning models, are a prominent solution. However, IDS are not foolproof, and attackers with knowledge of these systems can orchestrate adversarial attacks to evade detection. In this paper, we evaluate the effectiveness of popular adversarial techniques in the automotive domain to ascertain the resilience, characteristics, and vulnerabilities of several ML-based IDSs. We propose three gradient-based evasion algorithms and evaluate them against six detection systems. We find that the algorithms’ performance heavily depends on the model’s complexity and the intended attack’s quality. Also, we study the transferability between different detection systems and different time instants in the communication.

View More Papers

CP-IoT: A Cross-Platform Monitoring System for Smart Home

Hai Lin (Tsinghua University), Chenglong Li (Tsinghua University), Jiahai Yang (Tsinghua University), Zhiliang Wang (Tsinghua University), Linna Fan (National University of Defense Technology), Chenxin Duan (Tsinghua University)

Read More

WIP: An Adaptive High Frequency Removal Attack to Bypass...

Yuki Hayakawa (Keio University), Takami Sato (University of California, Irvine), Ryo Suzuki, Kazuma Ikeda, Ozora Sako, Rokuto Nagata (Keio University), Qi Alfred Chen (University of California, Irvine), Kentaro Yoshioka (Keio University)

Read More

Automatic Adversarial Adaption for Stealthy Poisoning Attacks in Federated...

Torsten Krauß (University of Würzburg), Jan König (University of Würzburg), Alexandra Dmitrienko (University of Wuerzburg), Christian Kanzow (University of Würzburg)

Read More

Beyond the Bytes: Understanding the Limitations of Intrinsic Binary...

Peter Lafosse (Owner and Co-Founder of Vector 35 Inc.)

Read More