Connected and Autonomous Vehicle Cybersecurity Controller Area Network

Slides:



Advertisements
Similar presentations
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Advertisements

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.
A Survey of Secure Wireless Ad Hoc Routing
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
overview Motivation Ongoing research on VANETs Introduction Objectives Applications Possible attacks Conclusion.
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.
Wireless Sensor Network Security Anuj Nagar CS 590.
A Lightweight Hop-by-Hop Authentication Protocol For Ad- Hoc Networks Speaker: Hsien-Pang Tsai Teacher: Kai-Wei Ke Date:2005/01/20.
Mobile IP: Introduction Reference: “Mobile networking through Mobile IP”; Perkins, C.E.; IEEE Internet Computing, Volume: 2 Issue: 1, Jan.- Feb. 1998;
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.
An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.
Presented by: Nandhitha.M Under the guidance of: Mrs. Suma. R Associate profesor and Hod Dept of Computer Science and Engineering.
A Security-Aware Routing Protocol for Wireless Ad Hoc Networks
Chapter 37 Network Security. Aspects of Security data integrity – data received should be same as data sent data availability – data should be accessible.
10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
INTRADE (INTELLIGENT TRANSPORTATION FOR DYNAMIC ENVIRONMENT) PROJECT. FINAL WORKSHOP 4 & 5 DECEMBER 2014 Nacera Bahnes, Bouabdellah Kechar, Hafid Haffaf.
Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.
Security in Mobile Ad Hoc Networks: Challenges and Solutions (IEEE Wireless Communications 2004) Hao Yang, et al. October 10 th, 2006 Jinkyu Lee.
P2 DAP-Sybil Attacks Detection in Vehicular Ad hoc Networks..
DETECTION AND IGNORING BLACK HOLE ATTACK IN VANET NETWORKS BASED LATENCY TIME CH. BENSAID S.BOUKLI HACENE M.K.FAROUAN 1.
VANETs. Agenda System Model → What is VANETs? → Why VANETs? Threats Proposed Protocol → AOSA → SPCP → PARROTS Evaluation → Entropy → Anonymity Set → Tracking.
VEHICULAR AD HOC NETWORKS GAURAV KORDE KAPIL SHARMA.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.
1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.
Lecture 1 Introduction Dr. nermin hamza 1. Aim of Course Overview Cryptography Symmetric and Asymmetric Key management Researches topics 2.
BASIC CONCEPTS OF NETWORK. INDEX  Definition & applications of computer network  Components of computer network  Network benefits  Disadvantages of.
1Security for Service Providers – Dave Gladwin – Newport Networks – SIP ’04 – 22-Jan-04 Security for Service Providers Protecting Service Infrastructure.
Indian Institute Of Technology, Delhi Page 1 Enhancements in Security, Performance Modeling and Optimization in Vehicular Networks Ashwin Rao 2006SIY7513.
An Efficient and Practical Authenticated Communication Scheme for Vehicular Ad Hoc Networks Source: IEEE Transactions on Vehicular Technology, Reviewing.
Cryptography and Network Security
Presented by Edith Ngai MPhil Term 3 Presentation
Koji Nakao, Dai Arisue NICT, Japan
A brief introduction to IoT gateway
Introduction Wireless devices offering IP connectivity
Instructor Materials Chapter 6 Building a Home Network
VANET.
Wireless Protocols WEP, WPA & WPA2.
TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.
VANET.
Jack Pokrzywa Director Ground Vehicle Standards, SAE International
Packet Leashes: Defense Against Wormhole Attacks
Radius, LDAP, Radius used in Authenticating Users
Module 8: Securing Network Traffic by Using IPSec and Certificates
Information and Network Security
Adaptable safety and security in v2x systems
Transfer of data in ICT systems
Security in Networking
Project: IEEE P Interest Group for Wireless Personal Area Networks (WPANs) Submission Title: ITS OCC system based vehicle-to-vehicle communication.
Ariadne A Secure On-Demand Routing Protocol for Ad Hoc Networks
Mobile ad hoc networking: imperatives and challenges
Cryptography and Network Security
Vehicular Ad-hoc Network Survey
basics Richard Dunn CSE July 2, 2003.
Security Of Wireless Sensor Networks
ITIS 6010/8010 Wireless Network Security
The Secure Sockets Layer (SSL) Protocol
Privacy Preservation and Protection Scheme over ALARM on Geographical routing B. Muthusenthil, S. Murugavalli Results The PPS is geographical routing protocol,
Module 8: Securing Network Traffic by Using IPSec and Certificates
Antti Miettinen (modified by JJ)
Install AD Certificate Services
Network and security trends in connected cars
A lightweight biometrics based remote user authentication scheme for IoT services Source: Journal of Information Security and Applications Volume 34, Part.
Developing Vehicular Data Cloud Services in the IoT Environment
Welcome to the New Smart City by TrafficCast…
© 2016 Global Market Insights, Inc. USA. All Rights Reserved Fuel Cell Market size worth $25.5bn by 2024 Automotive V2X Market is set.
A Model For Network Security
Presentation transcript:

Connected and Autonomous Vehicle Cybersecurity Controller Area Network Brooks Beffa Dr. Lingfeng Wang ECU = Electronic Control Unit CAN = Controller Area Network OBD = On-Board Diagnostics Port VSN = Vehicle Sensor Network RSU = Roadside Unit Definitions Objectives Solution CAN Security Scheme Most vulnerable interfaces are part of the Infotainment system. These devices should be separated from safety-critical features by the security module. Additionally, a two-phase encryption scheme is implemented (1). ECU Authentication (Public Key): Upon startup, the Security Module (SM) broadcasts its certificate fSM and Public Key KSM+ across the network. Each ECU on the network should verify SM’s authenticity using fSM before responding with a registration message. The registration message for node n includes its certificate fn and a symmetric key kn to be used during Stream Authorization. All registration messages are encrypted with KSM+. The Security Module decrypts registration messages with its Private Key KSM- and saves kn for each ECU with a valid certificate. Stream Authorization (Symmetric Key): During operation, CAN messages are authorized using lightweight Symmetric Key Encryption. When ECU n wants to transmit a message, it must first request stream access. If the Security Module recognizes n as an authentic ECU, it provides a symmetric key kn to the source ECU, as well as all intended destinations. ECU n will encrypt its message with kn and transmit the stream. Now only the message’s intended destinations have kn and may decrypt the message. VSN Security Scheme Registration: In order to prevent an infinite number of malicious nodes form freely accessing the VSN, each user must register with valid identification such as Driver’s License/SSN, before being issued a smart card which enables access to the network. Login: When a valid user wishes to access a VSN, they must first login with their smart card and credentials. The user is then issued a Public Key Ku+ and Private Key Ku- to encrypt, decrypt, and sign messages with. Management: Road-Side Units (RSU’s) act as the computation hubs of a VSN. RSU’s are responsible for validating users, distributing keys, collecting information, and authenticating messages. Batch message authentication may be used to improve performance. To authenticate a message, its signature must be checked against the list of valid users. If a batch contains any illegitimate signatures, the batch is rejected (2). Removing Attackers: A Black Hole Attacker, for example, is one who always claims to have the freshest route to a destination, but drops packets instead of routing them. This can be detected by sending a ping to the intended destination. If no valid response is received, the node claiming to have a route can be reporting as suspicious. The RSU will then issue a fake route request to the suspicious node as bait, as seen in figure three. If the suspicious node responds to the fake request, it will be considered malicious and removed from the network (3). As modern vehicles continue to implement increasing levels of autonomy, their security becomes more important than ever. In addition to increasing levels of internal autonomy, modern vehicles are becoming increasingly connected, forming robust networks of vehicles and sensors. As many researchers continue to point out, the cybersecurity of these advanced systems needs to be a primary focus in order to ensure road safety. The aims of this research are twofold: Analyze current cyber-physical systems for vulnerabilities. Find emerging defense, detection, and mitigation techniques for the cyber threats that modern and next-generation systems face. Controller Area Network The Controller Area Network (CAN) has been the automotive standard for connecting Electronic Control Units (ECU’s) for more than 25 years. Connects all ECU’s within the vehicle through a common bus Broadcast Nature allows every node to see all transmitted messages Message Priority field determines order of transmission Fault-Tolerant, Unencrypted, 1Mbps transfer rate Entry Points Bluetooth and Wi-Fi connections CD Media Player On-Board Diagnostics Port Potential Attacks Priority Flooding (Availability) Suppress Target Node (Availability) Modify Target Message (Integrity) Fig. 2 – Controller Area Network (CAN) implementing Security Module for encryption and separation of Infotainment system from Safety-Critical features. Fig. 3 – Vehicular Sensor Network (VSN) consisting of two Roadside Units (RSU’s), four legitimate (black) vehicle nodes, and one malicious (red) vehicle node. Fig. 1 – Simple CAN bus with one malicious (red) node Vehicular Sensor Network A Vehicular Sensor Network (VSN) represents the interconnectivity of smart vehicles and the infrastructure supporting them. VSN’s support Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) communication to share information on road and traffic conditions. Integrity of this information is vital in order to prevent traffic congestion and vehicle collisions. Communication Protocols Dedicated Short-Range Communication (DSRC) Wireless Access in Vehicular Environment (WAVE) Ad-hoc On-demand Distance Vector (AODV) Vulnerabilities Malicious vehicles can provide false information (Integrity) Black Hole attackers may interrupt data transmission (Availability) Encryption Symmetric Key Encryption: Each pair of nodes shares a secret key value. This shared key is used to both encrypt and decrypt messages between two nodes. For a network of n nodes, the total number of keys needed is n (n-1) / 2. Public Key Encryption: In a public key system, each node n has a public key Kn+ and a private key Kn-. Public key Kn+ is used by other nodes to encrypt a message destined to node n. Then, n uses its private key Kn to decrypt the messages. Private keys are also used for message signatures. Bibliography Mundhenk, Philipp & Steinhorst, Sebastian & Lukasiewycz, Martin & Fahmy, Suhaib & Chakraborty, Samarjit. (2015). Lightweight Authentication for Secure Automotive Networks. 1-4. 10.7873/DATE.2015.0174. Li, Congcong & Zhang, Xi & Wang, Haiping & Li, Dongfeng. (2018). An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks. Sensors. 18. 194. 10.3390/s18010194. S. S. Albouq and E. M. Fredericks, "Lightweight Detection and Isolation of Black Hole Attacks in Connected Vehicles," 2017 IEEE 37th International Conference on Distributed Computing Systems Workshops (ICDCSW), Atlanta, GA, 2017, pp. 97-104. doi: 10.1109/ICDCSW.2017.23

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.