CAN Radar: Sensing Physical Devices in CAN Networks based on Time Domain Reflectometry

TL;DR

This paper introduces CAN Radar, a novel method using Time Domain Reflectometry to detect unknown devices and measure their distance in CAN networks, enhancing security by identifying covert attackers.

Contribution

The paper presents a new TDR-based approach for detecting unknown CAN devices and estimating their distance, addressing limitations of existing intrusion detection systems.

Findings

Successfully detects unknown CAN devices

Accurately estimates distance to attacker devices

Validated on real vehicle network

Abstract

The presence of security vulnerabilities in automotive networks has already been shown by various publications in recent years. Due to the specification of the Controller Area Network (CAN) as a broadcast medium without security mechanisms, attackers are able to read transmitted messages without being noticed and to inject malicious messages. In order to detect potential attackers within a network or software system as early as possible, Intrusion Detection Systems (IDSs) are prevalent. Many approaches for vehicles are based on techniques which are able to detect deviations from specified CAN network behaviour regarding protocol or payload properties. However, it is challenging to detect attackers who secretly connect to CAN networks and do not actively participate in bus traffic. In this paper, we present an approach that is capable of successfully detecting unknown CAN devices and determining the distance (cable length) between the attacker device and our sensing unit based on Time Domain Reflectometry (TDR) technique. We evaluated our approach on a real vehicle network.