Studies of the possibility of external threats of the automotive ECU through simulation test environment

A Study of Methods for Attacking Vehicles through the CAN Messages of Automotive ECUs

  • Received : 2013.09.03
  • Accepted : 2013.09.24
  • Published : 2013.11.29

Abstract

The security mechanisms of the in-vehicle network (CAN) are very weak, which leaves vehicles highly exposed to external threats. To verify this, this paper proposes a method that builds a test environment from a vehicle ECU (Electric Control Unit) that can be easily purchased on the market, obtains CAN messages from it, and then applies them to the ECU of a real car to attempt an attack. Recent studies have shown that anyone can easily read the plaintext CAN messages in a vehicle and, to demonstrate that vehicles are vulnerable to attack from outside, have carried out successful attacks based on data analyzed in a real vehicle. However, because those studies purchase a car, extract CAN messages while it is held stationary, and reverse-engineer them before attempting an attack, they incur spatial, financial, and time costs. To verify the possibility of external threats to the vehicle, this paper applies the CAN messages found through the vehicle's ECU to a real car in an experiment equipped with a wireless network environment, and the results confirm that an attack on the car is possible with the proposed method. As a result, the method reduces the costs incurred in previous studies and shows that a vehicle's ECU can be attacked even when no information about the vehicle is available.

Cited by

  1. CloudSwitch: A State-aware Monitoring Strategy Towards Energy-efficient and Performance-aware Cloud Data Centers vol.9, pp.12, 2015, https://doi.org/10.3837/tiis.2015.12.002
  2. Development of a CAN Network Intrusion Detection Algorithm to Prevent External Hacking vol.20, pp.2, 2013, https://doi.org/10.21289/ksic.2017.20.2.177