ShadowAuth: Backward-Compatible Automatic CAN Authentication for Legacy ECUs

Sungwoo Kim; Gisu Yeo; Taegyu Kim; Junghwan "John" Rhee; Yuseok Jeon; Antonio Bianchi; Dongyan Xu; Dave Jing Tian

doi:10.1145/3488932.3523263

ShadowAuth: Backward-Compatible Automatic CAN Authentication for Legacy ECUs

Sungwoo Kim, Gisu Yeo, Taegyu Kim, Junghwan "John" Rhee, Yuseok Jeon, Antonio Bianchi, Dongyan Xu, Dave Jing Tian

College of Information Sciences and Technology

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Scopus citations

Abstract

Controller Area Network (CAN) is the de-facto standard in-vehicle network system. Despite its wide adoption by automobile manufacturers, the lack of security design makes it vulnerable to attacks. For instance, broadcasting packets without authentication allows the impersonation of electronic control units (ECUs). Prior mitigations, such as message authentication or intrusion detection systems, fail to address the compatibility requirement with legacy ECUs, stealthy and sporadic malicious messaging, or guaranteed attack detection. We propose a novel authentication system called ShadowAuth that overcomes the aforementioned challenges by offering backwardcompatible packet authentication to ECUs without requiring ECU firmware source code. Specifically, our authentication scheme provides transparent CAN packet authentication without modifying existing CAN packet definitions (e.g., J1939) via automatic ECU firmware instrumentation technique to locate CAN packet transmission code, and instrument authentication code based on the CAN packet behavioral transmission patterns. ShadowAuth enables vehicles to detect state-of-the-art CAN attacks, such as busoff and packet injection, responsively within 60ms without false positives. ShadowAuth provides a sound and deployable solution for real-world ECUs.

Original language	English (US)
Title of host publication	ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security
Publisher	Association for Computing Machinery, Inc
Pages	534-545
Number of pages	12
ISBN (Electronic)	9781450391405
DOIs	https://doi.org/10.1145/3488932.3523263
State	Published - May 30 2022
Event	17th ACM ASIA Conference on Computer and Communications Security 2022, ASIA CCS 2022 - Virtual, Online, Japan Duration: May 30 2022 → Jun 3 2022

Publication series

Name	ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security

Conference

Conference	17th ACM ASIA Conference on Computer and Communications Security 2022, ASIA CCS 2022
Country/Territory	Japan
City	Virtual, Online
Period	5/30/22 → 6/3/22

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Computer Science Applications
Information Systems
Software

Access to Document

10.1145/3488932.3523263

Cite this

Kim, S., Yeo, G., Kim, T., Rhee, J., Jeon, Y., Bianchi, A., Xu, D., & Tian, D. J. (2022). ShadowAuth: Backward-Compatible Automatic CAN Authentication for Legacy ECUs. In ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security (pp. 534-545). (ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security). Association for Computing Machinery, Inc. https://doi.org/10.1145/3488932.3523263

Kim, Sungwoo ; Yeo, Gisu ; Kim, Taegyu et al. / ShadowAuth : Backward-Compatible Automatic CAN Authentication for Legacy ECUs. ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security. Association for Computing Machinery, Inc, 2022. pp. 534-545 (ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security).

@inproceedings{9bb867dafc184affa6c53942628490ec,

title = "ShadowAuth: Backward-Compatible Automatic CAN Authentication for Legacy ECUs",

abstract = "Controller Area Network (CAN) is the de-facto standard in-vehicle network system. Despite its wide adoption by automobile manufacturers, the lack of security design makes it vulnerable to attacks. For instance, broadcasting packets without authentication allows the impersonation of electronic control units (ECUs). Prior mitigations, such as message authentication or intrusion detection systems, fail to address the compatibility requirement with legacy ECUs, stealthy and sporadic malicious messaging, or guaranteed attack detection. We propose a novel authentication system called ShadowAuth that overcomes the aforementioned challenges by offering backwardcompatible packet authentication to ECUs without requiring ECU firmware source code. Specifically, our authentication scheme provides transparent CAN packet authentication without modifying existing CAN packet definitions (e.g., J1939) via automatic ECU firmware instrumentation technique to locate CAN packet transmission code, and instrument authentication code based on the CAN packet behavioral transmission patterns. ShadowAuth enables vehicles to detect state-of-the-art CAN attacks, such as busoff and packet injection, responsively within 60ms without false positives. ShadowAuth provides a sound and deployable solution for real-world ECUs.",

author = "Sungwoo Kim and Gisu Yeo and Taegyu Kim and Rhee, {Junghwan {"}John{"}} and Yuseok Jeon and Antonio Bianchi and Dongyan Xu and Tian, {Dave Jing}",

note = "Funding Information: We thank the anonymous reviewers and Dr. Haehyun Cho for their valuable comments and suggestions. We also thank the open-source contributors and maintainers for their technical help. This project was supported in part by Office of Naval Research (ONR) under Grant N00014-18-1-2674 and N00014-20-1-2128, National Science Foundation (NSF) under Award Number CNS-2145744, and Defense Advanced Research Projects Agency (DARPA) under contract number N6600120C4031. This project was also supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (2021R1F1A1049822). The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright notation thereon. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of DARPA or the U.S. Government. Any opinions, findings, and conclusions in this paper are those of the authors and do not necessarily reflect the views of our sponsors. Publisher Copyright: {\textcopyright} 2022 Owner/Author.; 17th ACM ASIA Conference on Computer and Communications Security 2022, ASIA CCS 2022 ; Conference date: 30-05-2022 Through 03-06-2022",

year = "2022",

month = may,

day = "30",

doi = "10.1145/3488932.3523263",

language = "English (US)",

series = "ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery, Inc",

pages = "534--545",

booktitle = "ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security",

}

Kim, S, Yeo, G, Kim, T, Rhee, J, Jeon, Y, Bianchi, A, Xu, D & Tian, DJ 2022, ShadowAuth: Backward-Compatible Automatic CAN Authentication for Legacy ECUs. in ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security. ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security, Association for Computing Machinery, Inc, pp. 534-545, 17th ACM ASIA Conference on Computer and Communications Security 2022, ASIA CCS 2022, Virtual, Online, Japan, 5/30/22. https://doi.org/10.1145/3488932.3523263

ShadowAuth: Backward-Compatible Automatic CAN Authentication for Legacy ECUs. / Kim, Sungwoo; Yeo, Gisu; Kim, Taegyu et al.
ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security. Association for Computing Machinery, Inc, 2022. p. 534-545 (ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - ShadowAuth

T2 - 17th ACM ASIA Conference on Computer and Communications Security 2022, ASIA CCS 2022

AU - Kim, Sungwoo

AU - Yeo, Gisu

AU - Kim, Taegyu

AU - Rhee, Junghwan "John"

AU - Jeon, Yuseok

AU - Bianchi, Antonio

AU - Xu, Dongyan

AU - Tian, Dave Jing

N1 - Funding Information: We thank the anonymous reviewers and Dr. Haehyun Cho for their valuable comments and suggestions. We also thank the open-source contributors and maintainers for their technical help. This project was supported in part by Office of Naval Research (ONR) under Grant N00014-18-1-2674 and N00014-20-1-2128, National Science Foundation (NSF) under Award Number CNS-2145744, and Defense Advanced Research Projects Agency (DARPA) under contract number N6600120C4031. This project was also supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (2021R1F1A1049822). The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright notation thereon. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of DARPA or the U.S. Government. Any opinions, findings, and conclusions in this paper are those of the authors and do not necessarily reflect the views of our sponsors. Publisher Copyright: © 2022 Owner/Author.

PY - 2022/5/30

Y1 - 2022/5/30

N2 - Controller Area Network (CAN) is the de-facto standard in-vehicle network system. Despite its wide adoption by automobile manufacturers, the lack of security design makes it vulnerable to attacks. For instance, broadcasting packets without authentication allows the impersonation of electronic control units (ECUs). Prior mitigations, such as message authentication or intrusion detection systems, fail to address the compatibility requirement with legacy ECUs, stealthy and sporadic malicious messaging, or guaranteed attack detection. We propose a novel authentication system called ShadowAuth that overcomes the aforementioned challenges by offering backwardcompatible packet authentication to ECUs without requiring ECU firmware source code. Specifically, our authentication scheme provides transparent CAN packet authentication without modifying existing CAN packet definitions (e.g., J1939) via automatic ECU firmware instrumentation technique to locate CAN packet transmission code, and instrument authentication code based on the CAN packet behavioral transmission patterns. ShadowAuth enables vehicles to detect state-of-the-art CAN attacks, such as busoff and packet injection, responsively within 60ms without false positives. ShadowAuth provides a sound and deployable solution for real-world ECUs.

AB - Controller Area Network (CAN) is the de-facto standard in-vehicle network system. Despite its wide adoption by automobile manufacturers, the lack of security design makes it vulnerable to attacks. For instance, broadcasting packets without authentication allows the impersonation of electronic control units (ECUs). Prior mitigations, such as message authentication or intrusion detection systems, fail to address the compatibility requirement with legacy ECUs, stealthy and sporadic malicious messaging, or guaranteed attack detection. We propose a novel authentication system called ShadowAuth that overcomes the aforementioned challenges by offering backwardcompatible packet authentication to ECUs without requiring ECU firmware source code. Specifically, our authentication scheme provides transparent CAN packet authentication without modifying existing CAN packet definitions (e.g., J1939) via automatic ECU firmware instrumentation technique to locate CAN packet transmission code, and instrument authentication code based on the CAN packet behavioral transmission patterns. ShadowAuth enables vehicles to detect state-of-the-art CAN attacks, such as busoff and packet injection, responsively within 60ms without false positives. ShadowAuth provides a sound and deployable solution for real-world ECUs.

UR - http://www.scopus.com/inward/record.url?scp=85133173982&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85133173982&partnerID=8YFLogxK

U2 - 10.1145/3488932.3523263

DO - 10.1145/3488932.3523263

M3 - Conference contribution

AN - SCOPUS:85133173982

T3 - ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security

SP - 534

EP - 545

BT - ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security

PB - Association for Computing Machinery, Inc

Y2 - 30 May 2022 through 3 June 2022

ER -

Kim S, Yeo G, Kim T, Rhee J, Jeon Y, Bianchi A et al. ShadowAuth: Backward-Compatible Automatic CAN Authentication for Legacy ECUs. In ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security. Association for Computing Machinery, Inc. 2022. p. 534-545. (ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security). doi: 10.1145/3488932.3523263

ShadowAuth: Backward-Compatible Automatic CAN Authentication for Legacy ECUs

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this