Identifying ECUs Using Inimitable Characteristics of Signals in Controller Area Networks

TL;DR

This paper introduces a physical-layer ECU identification method in CAN networks that detects compromised units by analyzing signal characteristics, enhancing security without altering existing vehicle communication standards.

Contribution

It presents a novel, deployable ECU identification technique based on signal features, improving detection accuracy and reducing false positives compared to previous methods.

Findings

Higher identification accuracy than existing methods

False positive rate more than twice lower

First to identify potential attack models in CAN networks

Abstract

In the last several decades, the automotive industry has come to incorporate the latest Information and Communications (ICT) technology, increasingly replacing mechanical components of vehicles with electronic components. These electronic control units (ECUs) communicate with each other in an in-vehicle network that makes the vehicle both safer and easier to drive. Controller Area Networks (CANs) are the current standard for such high quality in-vehicle communication. Unfortunately, however, CANs do not currently offer protection against security attacks. In particular, they do not allow for message authentication and hence are open to attacks that replay ECU messages for malicious purposes. Applying the classic cryptographic method of message authentication code (MAC) is not feasible since the CAN data frame is not long enough to include a sufficiently long MAC to provide effective authentication. In this paper, we propose a novel identification method, which works in the physical layer of an in-vehicle CAN network. Our method identifies ECUs using inimitable characteristics of signals enabling detection of a compromised or alien ECU being used in a replay attack. Unlike previous attempts to address security issues in the in-vehicle CAN network, our method works by simply adding a monitoring unit to the existing network, making it deployable in current systems and compliant with required CAN standards. Our experimental results show that the bit string and classification algorithm that we utilized yielded more accurate identification of compromised ECUs than any other method proposed to date. The false positive rate is more than 2 times lower than the method proposed by P.-S. Murvay et al. This paper is also the first to identify potential attack models that systems should be able to detect.