LWSS: 抵禦對控制器區域網路攻擊的輕量級系統

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：30

、訪客IP：18.220.136.165

姓名

張凱威(Chang) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

LWSS: 抵禦對控制器區域網路攻擊的輕量級系統
(LWSS: A Lightweight System to Defeat Attacks on Controller Area Network)

相關論文

★ USB WORM KILLER: Cure USB Flash Worms Through a USB Flash Worm	★ Discoverer- Rootkit即時偵測系統
★ 一項Android手機上詐騙簡訊的偵測與防禦機制	★ SRA系統防禦ARP欺騙劫持路由器
★ A Solution for Detecting and Defending ARP Spoofing on Virtual Machines	★ 針對遠端緩衝區溢位攻擊之自動化即時反擊系統
★ 即時血清系統: 具攻性防壁之自動化蠕蟲治癒系統	★ DNSPD: Entrap Botnets Through DNS Cache Poisoning Detection
★ TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks	★ A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection
★ Shark: Phishing Information Recycling from Spam Mails	★ FFRTD: Beat Fast-Flux by Response Time Differences
★ Antivirus Software Shield against Antivirus Terminators	★ MAC-YURI : My ACcount, YoUr ResponsIbility
★ KKBB: Kernel Keylogger Bye-Bye	★ CIDP Treatment: An Innovative Mobile Botnet Covert Channel based on Caller IDs with P8 Treatment

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

至系統瀏覽論文 ( 永不開放)

摘要(中)

車聯網及自動駕駛車是未來的趨勢，相關的技術也在蓬勃發展，
目的是幫助免於交通意外事故及方便通訊。然而，技術的發展可以解
決問題，但也產生一些安全性問題。其中之一的問題是惡意的電子控
制單元(ECU)可能讓車子發生不可預期的災難，導致關鍵設備無法正
常使用，稱為阻斷服務攻擊；或是惡意的ECU監聽車上訊息，透過車
聯網外洩，導致駭客攻擊；或是惡意的ECU假意送出惡意訊息，讓行
車缺乏安全。
本研究提出一個輕量級的監測系統-LWSS，在不需修改通訊協
定，或影響原有運作下，透過車用控制器網路(Controller Area Network, CAN Bus)訊息傳送過程中，建立監測系統來偵測可能惡意
的ECU攻擊，並即時通知自動駕駛機制，轉成手動駕駛模式，確保行
車安全，期能達到防止惡意攻擊、控制汽車的目的。

摘要(英)

Telematics and self-driving vehicles are the future, and related technologies are flourishing to help prevent traffic accidents and facilitate
communication. However, the development of technology can solve the
problem, but also produce some safety issues. One of these problems
is that a malicious electronic control unit (ECU) can cause an unpredictable disaster in a vehicle, resulting in the failure of critical equipment, called a Denial of Service (DoS) attack; or a malicious ECU can
listen to messages in the vehicle and leak them through the vehicle network, leading to a hacking attack; or a malicious ECU can send malicious
messages under false pretenses, making the vehicle unsafe to drive.
Our research proposes a lightweight monitoring system - LWSS,
which does not need to modify the communication protocol or affect the
original operation, and establish a monitoring system to detect possible malicious ECU attacks during the transmission of messages through
the Controller Area Network (CAN Bus), and immediately notify the
automatic driving mechanism to switch to manual driving mode to ensure the safety of driving, which can achieve the purpose of preventing
malicious attacks and controlling the vehicle.

關鍵字(中)

★ 控制器區域網路
★ 電子控制單元
★ 入侵偵測系統
★ 阻斷服務攻擊

關鍵字(英)

★ Controller Area Network(CAN)
★ Electronic Control Unit(ECU)
★ Intrusion Detection Systems(IDS)
★ Denial of Service(DoS)

論文目次

Contents
摘要 .................................................................................................... i
Abstract.............................................................................................. ii
謝誌 .................................................................................................... iii
Contents ............................................................................................. iv
List of Figures..................................................................................... vi
List of Tables......................................................................................viii
1 Introduction ......................................................................... 1
2 Background .......................................................................... 7
2.1 ECU . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.2 CAN Bus . . . . . . . . . . . . . . . . . . . . . . . . 8
2.2.1 CAN Frames . . . . . . . . . . . . . . . . . . . . . . 8
2.2.2 Frame types . . . . . . . . . . . . . . . . . . . . . . 12
2.2.3 Error Detection . . . . . . . . . . . . . . . . . . . . 13
2.2.4 Error handling . . . . . . . . . . . . . . . . . . . . . 14
2.3 OBD-II . . . . . . . . . . . . . . . . . . . . . . . . . 14
2.4 PCAN . . . . . . . . . . . . . . . . . . . . . . . . . 16
2.5 SocketCAN . . . . . . . . . . . . . . . . . . . . . . . 16
3 Related Work ....................................................................... 18
4 Research Content and Methodology..................................... 21
4.1 Research Design . . . . . . . . . . . . . . . . . . . . 21
4.1.1 Intrusion alarm principle . . . . . . . . . . . . . . . 21
4.1.2 CAN Bus Wiring Diagram . . . . . . . . . . . . . . 22
4.2 Proposed Solution-LWSS . . . . . . . . . . . . . . . 22
5 Evaluation ............................................................................ 33
5.1 Experimental Environment . . . . . . . . . . . . . . 33
5.2 Detection Status . . . . . . . . . . . . . . . . . . . . 33
5.2.1 Detect Malicious ECU content attack . . . . . . . . . 35
iv
5.2.2 Detect Malicious ECU ID attack . . . . . . . . . . . 37
5.2.3 Detect DoS attack . . . . . . . . . . . . . . . . . . . 37
5.2.4 Detection ability of LWSS . . . . . . . . . . . . . . . 38
6 Discussions ........................................................................... 40
6.1 Evaluation Shortcomings . . . . . . . . . . . . . . . 40
6.2 Limitations . . . . . . . . . . . . . . . . . . . . . . . 41
6.3 Protection mechanism . . . . . . . . . . . . . . . . . 41
7 Conclusion............................................................................ 45
7.1 Conclusion . . . . . . . . . . . . . . . . . . . . . . . 45
7.2 Future Work . . . . . . . . . . . . . . . . . . . . . . 45
References........................................................................................... 55

參考文獻

References
[1] Tesla. Software updates. https://www.tesla.com/support/
software-updates, 2022. Online; accessed December 15, 2022.
[2] AUTOCRYPT. What are over-the-air (ota) car updates and why
are they important to security? https://autocrypt.io/whatis-over-the-air-car-update/, 2021. Online; accessed December 15, 2022.
[3] Christoph Hammerschmidt. Number of automotive ECUs continues to rise. https://www.eenewseurope.com/en/number-ofautomotive-ecus-continues-to-rise, May 15, 2019. Online; accessed October 02, 2022.
[4] Qualcomm. Improved v2x capabilities for safety and autonomous
driving. https://www.qualcomm.com/products/application/
automotive/c-v2x, 2022. Online; accessed December 15, 2022.
[5] ISO. ISO 11898-1. https://www.iso.org/standard/63648.html,
2015. Online; accessed October 02, 2022.
[6] Pasi Pyykönen, Aki Lumiaho, Matti Kutila, Johan Scholliers, and
Geerd Kakes. V2x-supported automated driving in modern 4g networks. In 2020 IEEE 16th International Conference on Intelligent
Computer Communication and Processing (ICCP), 2020.
[7] GAO. United states government accountability office: Vehicle cybersecurity - dot and industry have efforts under way, but dot
needs to define its role in responding to a realworld attack. https:
//www.gao.gov/assets/gao-16-350.pdf, 2016. Online; accessed
December 15, 2022.
47
[8] Van Huynh Le, Jerry den Hartog, and Nicola Zannone. Security and
privacy for innovative automotive applications: A survey. Computer
Communications, 132:17–41, November 2018.
[9] FAWAD ALI. 4 Ways Your Car Can Be Hacked and How to Prevent It. https://www.makeuseof.com/ways-your-car-can-behacked-prevent-it/, 2021. Online; accessed December 15, 2022.
[10] KIA UK. Vehicle to device. https://www.kia.com/uk/electrichybrid-cars/technology/vehicle-to-device/, 2022. Online;
accessed January 1, 2023.
[11] Ala Al-Fuqaha, Jun Oh, and Valerian Kwigizile. Vehicle-to-Device
(V2D) Communications: Readiness of the Technology and Potential
Applications for People with Disability. TRCLC 16-06, September
2018.
[12] VicOne. 智慧鑰匙、充電設施都可能會被駭客攻擊，vicone
公布 2022 車用資安報告. https://autos.chinatimes.com/
20221130003604-264301, 2022. Online; accessed January 1, 2023.
[13] BLUEBIRD. Rental Cars Not Entirely Immune From Cybercrime. https://www.barsnet.com/rental-cars-not-entirelyimmune-from-cybercrime/, 2020. Online; accessed December 15,
2022.
[14] N. Lu, N. Cheng, N. Zhang, X. Shen, and J. W. Mark. Connected
Vehicles: Solutions and Challenges. IEEE Internet of Things Journal, 1(4):289–299, August 2014.
[15] Trend Micro. 趨勢科技預警：汽車駭客鎖定車用公版系統伺機埋
入惡意程式，臺灣汽車供應鏈業者需留心. https://www.ithome.
com.tw/news/147955, 2021. Online; accessed October 02, 2022.
[16] PYMNTS. 5G, eSIM Turn Cars Into Cellphones, WiFi
Hotspots. https://www.pymnts.com/connectedeconomy/2022/
5g-esim-cars-cellphones-wifi-hotspots/, 2022. Online; accessed December 15, 2022.
48
[17] Numaan Huq, Craig Gibson, and Rainer Vosseler. Driving security into connected cars:threat model and recommendations.
https://documents.trendmicro.com/assets/white_papers/
wp-driving-security-into-connected-cars.pdf, 2020. Online; accessed December 15, 2022.
[18] CVEL. Automotive electronic systems. https://cecas.clemson.
edu/cvel/auto/systems/auto-systems.html, 2022. Online; accessed December 15, 2022.
[19] Vendor Press Releases. https://www.ithome.com.tw/pr/152659,
Aug, 2022. Online; accessed October 02, 2022.
[20] CISA. CAN BUS Standard Vulnerability. https://www.cisa.gov/
uscert/ics/alerts/ICS-ALERT-17-209-01, August 03, 2017.
Online; accessed October 02, 2022.
[21] Andy Greenberg. Hackers remotely kill a jeep on the highway—with
me in it. https://www.wired.com/2015/07/hackers-remotelykill-jeep-highway/, 2015. Online; accessed December 15, 2022.
[22] 黃彥棻. 【資安大會焦點直擊】智慧汽車漏洞現形記. https:
//www.ithome.com.tw/news/98538, 2015. Online; accessed December 15, 2022.
[23] TESLA MOTORS. Security experts reveal how a tesla model s was
hacked. https://www.hollywoodreporter.com/news/generalnews/security-experts-reveal-how-a-814062/, 2015. Online;
accessed December 15, 2022.
[24] ISO/SAE 21434. Security experts reveal how a tesla model s was
hacked. https://www.iso.org/standard/70918.html, 2021. Online; accessed December 15, 2022.
[25] MAJEED AHMAD. ISO/SAE 21434 auto cybersecurity standard:
Dawn of a new era? https://www.edn.com/iso-sae-21434-
auto-cybersecurity-standard-dawn-of-a-new-era/?_ga=2.
205244240.1365448253.1672389955-252578853.1671791950&
_gl=1*x5un5z*_ga*MjUyNTc4ODUzLjE2NzE3OTE5NTA.*_ga_
49
ZLV02RYCZ8*MTY3MjM4OTk1Ni4zLjAuMTY3MjM4OTk1Ni4wLjAuMA.,
2021. Online; accessed December 15, 2022.
[26] 羅正漢. 車輛網路安全ISO/SAE 21434標準出爐. https://www.
ithome.com.tw/news/147146, 2021. Online; accessed December
15, 2022.
[27] T. Hoppe, S. Kiltz, and J. Dittmann. Adaptive Dynamic Reaction to Automotive IT Security Incidents Using Multimedia Car
Environment. In 2008 The Fourth International Conference on Information Assurance and Security, pages 295–298, September 2008.
[28] ECU. https://zh.wikipedia.org/zh-tw/%E7%94%B5%E5%AD%
90%E6%8E%A7%E5%88%B6%E5%99%A8. Online; accessed November 20,
2022.
[29] CiA. History of can technology. https://www.can-cia.org/canknowledge/can/can-history/, 2022. Online; accessed December
15, 2022.
[30] Robert Bosch GmbH. CAN Specification. https:
//documents.trendmicro.com/assets/white_papers/wpdriving-security-into-connected-cars.pdf, 1991. Online;
accessed December 15, 2022.
[31] ISO. ISO 11898-1. https://www.iso.org/standard/63648.html,
2015. Online; accessed December 15, 2022.
[32] ISO. ISO 11898-2. https://www.iso.org/standard/67244.html,
2016. Online; accessed December 15, 2022.
[33] ISO. ISO 11898-3. https://www.iso.org/standard/36055.html,
2006. Online; accessed December 15, 2022.
[34] CAN protocol enhancement. https://can-newsletter.org/
uploads/media/raw/a97cf05a50e5acab5976710d0c5bf7ee.pdf.
Online; accessed December 20, 2022.
[35] Matej Kubis and Patrik Beno. Realization of communication via
the CAN bus. Transportation Research Procedia, 40:332–337, 01
2019.
50
[36] KVASER. The can bus protocol tutorial. https://www.kvaser.
com/can-protocol-tutorial/, 2022. Online; accessed December
15, 2022.
[37] TsaiiiY. CANBus Intro. https://ithelp.ithome.com.tw/
articles/10284348, 2022. Online; accessed December 15, 2022.
[38] Controller Area Network (CAN Bus) - Error Detection And Fault
Confinement. https://copperhilltech.com/blog/controllerarea-network-can-bus-error-detection-and-faultconfinement/. Online; accessed December 20, 2022.
[39] The importance of OBD-II. https://web.archive.org/
web/20160304193920/http://www.artc.org.tw/chinese/
03_service/03_02detail.aspx?pid=1595. Online; accessed
November 20, 2022.
[40] CSS Electronics. OBD2 Explained - A Simple Intro.
https://www.csselectronics.com/pages/obd2-explainedsimple-intro, 2015. Online; accessed January 1, 2023.
[41] PCAN-USB. https://www.peak-system.com/PCAN-USB.199.0.
html?&L=1. Online; accessed November 20, 2022.
[42] PCAN-USB Pro FD. https://www.peak-system.com/PCAN-USBPro-FD.366.0.html?&L=1. Online; accessed November 20, 2022.
[43] SocketCAN. https://en.wikipedia.org/wiki/SocketCAN. Online; accessed November 20, 2022.
[44] SocketCAN - Controller Area Network. https://docs.kernel.
org/networking/can.html. Online; accessed November 20, 2022.
[45] Marko Wolf, André Weimerskirch, and Christof Paar. Security in
automotive bus systems. In Workshop on Embedded IT-Security in
Cars, November 2004.
[46] Guzman. Hackers remotely kill Jeep’s engine on highway. https://www.cnbc.com/2015/07/21/hackers-remotelykill-jeep-engine-on-highway.html, 2015. Online; accessed August 29, 2022.
51
[47] C. Miller and C. Valase. Remote Exploitation of an Unaltered Passenger Vehicle. https://illmatics.com/Remote%
20Car%20Hacking.pdf, 2015. Online; accessed August 29, 2022.
[48] Xavier Aaronson. We Drove a Car While It Was Being Hacked. https://www.vice.com/en/article/ae33jk/wedrove-a-car-while-it-was-being-hacked, 2014. Online; accessed December 15, 2022.
[49] Kyong-Tak Cho and Kang G. Shin. Error Handling of In-vehicle
Networks Makes Them Vulnerable. In ACM CCS 2016, page
1044–1055, October 2016.
[50] Gedare Bloom. WeepingCAN: A Stealthy CAN Bus-off Attack.
In Third International Workshop on Automotive and Autonomous
Vehicle Security (AutoSec), February 2021.
[51] A. Palanca, E. Evenchick, F. Maggi, and S. Zanero. A Stealth,
Selective, Link-Layer Denial-of-Service Attack Against Automotive
Networks. In 14th International Conference, DIMVA 2017, 2017.
[52] TrendMicro. Iot 車聯網:這個安全漏洞可讓停車感應器、安全
氣囊失效! https://blog.trendmicro.com.tw/?p=52300, 2017.
Online; accessed December 15, 2022.
[53] Tristan Shale-Hester. VW emissions scandal: VW installed
‘defeat devices’ in thousands of cars, High Court finds.
https://www.autoexpress.co.uk/volkswagen/92893/vwemissions-scandal-vw-installed-defeat-devicesthousands-cars-high-court-finds, 2020. Online; accessed
December 15, 2022.
[54] Wikipedia. Volkswagen emissions scandal. https:
//en.wikipedia.org/wiki/Volkswagen_emissions_scandal,
2015. Online; accessed December 15, 2022.
[55] M. Contag, G. Li, A. Pawlowski, F. Domke, K. Levchenko, T. Holz,
and S. Savage. How They Did It: An Analysis of Emission Defeat Devices in Modern Automobiles. 2017 IEEE Symposium on
Security and Privacy (SP), pages 231–250.
52
[56] M. Müter, A. Groll, and F. C. Freiling. A structured approach to
anomaly detection for in-vehicle networks. In 2010 Sixth International Conference on Information Assurance and Security, pages
92–98, 2010.
[57] H. Lee, S.H. Jeong, and H.K. Kim. OTIDS: A novel intrusion detection system for in-vehicle network by using remote frame. In 2017
15th Annual Conference on Privacy,Security and Trust (PST), page
57–5709, 2017.
[58] W. Choi, H. J. Jo, S. Woo, J. Y. Chun, J. Park, and D. H. Lee. Identifying ECUs Using Inimitable Characteristics of Signals in Controller Area Networks. IEEE Transactions on Vehicular Technology,
67(6):4757–4770, 2018.
[59] P. Garcia-Teodoro, J. Diaz-Verdejo, G. Maci´a-Fern´andez, and
E. V´azquez. Anomaly-based network intrusion detection: Techniques, systems and challenges. Computers Security, 28(1):18–28.
[60] Marcel Kneib and Christopher Huth. Scission: Signal
Characteristic-Based Sender Identification and Intrusion Detection
in Automotive Networks. In Conference on Computer and Communications Security, page 14, October 2018.
[61] K. Agrawal, T. Alladi, A. Agrawal, V. Chamola, and A. Benslimane.
NovelADS: A Novel Anomaly Detection System for Intra-Vehicular
Networks. IEEE Transactions on Intelligent Transportation Systems, 23(11):22596–22606, November 2022.
[62] V. Tanksale. Intrusion detection for controller area network using
support vector machines. In 2019 IEEE 16th International Conference on Mobile Ad Hoc and Sensor Systems Workshops (MASSW),
pages 121–126, November 2019.
[63] Florian Fenzl, Roland Rieke, and Andreas Dominik. In-vehicle detection of targeted CAN bus attacks. In The 16th International
Conference on Availability, Reliability and Security (ARES 2021),
page 7, August 2021.
53
[64] Attacking and defending vehicle groups. https://www.techbang.
com/posts/52653-hacking-team-tesla-will-be-thedefense-team-attacks-as-security-the-highest-priority.
Online; accessed November 20, 2022.
[65] Jürgen Wagenbach. CAN bus topology and bus termination. https://support.maxongroup.com/hc/en-us/articles/
360009241840-CAN-bus-topology-and-bus-termination, July
19, 2022. Online; accessed August 29, 2022.
[66] S4 + cluster. http://www.microport-taiwan.com/big5/
SingleP.asp?Category=573&PNo=4875&Url=Product&page=1.
Online; accessed November 20, 2022.
[67] Carusedjp. Why is the Water Temperature in my Car Too
High? https://carused.jp/blog/car-maintenance/why-isthe-water-temperature-in-my-car-too-high/, June 13, 2021.
Online; accessed August 29, 2022.
[68] Hercules. https://www.dgtech.com/software/#Hercules. Online; accessed October 02, 2022.
[69] Ford Mustang. https://www.ebay.com/itm/175477564811?
fits=Model%3AMustang%7CMake%3AFord&epid=1222689870&
hash=item28db47258b:g:eM0AAOSw1HdjZYft&amdata=enc%
3AAQAHAAAA4NcoX6rYrFgjXnd0f0VIyh5OPLH3bSOFKW72pSqhmsLr\r HgPjGiQEI2kbzpM6yXMZoE1T8bjL2F8t1K3hw31RRCIc8BX1Mr04Ju\r pLylJZOhv6Qz39xYgRX8FHvYvpOi30MjtIto0n%2FBgeQ9A%
2FFq3BCGIr3J6RfLmw34HvClKLlNRKQG1U8lmqkO7%
2BqRTX40q1mCF1YkeLofDGiYh40J0oVJqgDAwffAvoKpJ9jrFszoN3\r ZES%2BqaPB7wf7PYJsOb5ocD%2BUgXmQR0rMM5zNf8iWbxMiMbRunL\r uUcr3T0wpKDDPl%7Ctkp%3ABFBM7uXF6Zdh. Online; accessed
November 20, 2022.
[70] Wikipedia. Ford mustang (fifth generation). https://en.
wikipedia.org/wiki/Ford_Mustang_(fifth_generation),
2022. Online; accessed December 15, 2022.
54
[71] Chris Valasek and Charlie Miller. A survey of remote automotive attack surfaces. https://ioactive.com/pdfs/IOActive_Remote_
Attack_Surfaces.pdf, 2014. Online; accessed January 1, 2023.
[72] M. Wolf, A. Weimerskirch, and C. Paar. Secure In-Vehicle Communication. Springer Berlin Heidelberg-Embedded Security in Cars:
Securing Current and Future Automotive IT Applications, pages
95–109.
[73] VOLVO. Fleet management system fms. https://stpi.it.
volvo.com/STPIFiles/Volvo/FactSheet/FMS_Eng_02_675454.
pdf, 2011. Online; accessed January 1, 2023.
[74] T-Systems. Intrusion detection system: The security guard
in a connected car. https://www.t-systems.com/dk/en/
industries/automotive/automotive-security/intrusiondetection-system, 2022. Online; accessed December 15, 2022.
[75] Mike Borza. Why It’s Critical to Design in Security Early to Protect Automotive Systems from Hackers. https://blogs.synopsys.com/from-silicon-tosoftware/2021/05/20/ecu-automotive-cybersecurity/,
2021. Online; accessed January 1, 2023.
[76] infineon. Secure remote firmware updates and ecu integrity
protection. https://www.infineon.com/dgdl/InfineonISPN+Use+Case+Frauenhofer+Automotive+Firmware_V3-ABRv01_00-EN.pdf?fileId=5546d462576f34750157d80626b10ac7,
2016. Online; accessed January 1, 2023.

指導教授

許富皓

審核日期

2023-1-18

推文