Start Date

12-10-2019 1:00 PM

End Date

12-10-2019 1:25 PM

Location

KSU Center Rm 400

Abstract

This research provides a means of automating the process to reverse engineer an automobile’s CAN Bus to quickly recover CAN IDs and message values to control the various systems in a modern automobile. This approach involved the development of a Python script that uses several open-source tools to interact with the CAN Bus, and it takes advantage of several vulnerabilities associated with the CAN protocol. These vulnerabilities allow the script to conduct replay attacks against the CAN Bus and affect various systems in an automobile without the operator’s knowledge or interaction.

These replay attacks can be accomplished by capturing recorded network traffic and resending them to find which traffic conducts certain actions. Automobiles are becoming more reliant on computer systems and networks to operate, including the integration of wireless interfaces to interact with these systems (Avatefipour & Malik, 2018). These systems contain numerous vulnerabilities as they were not built with consideration to hacking (Wolf, Weimerskirch, & Paar, 2004). Creating a tool to automate the reverse engineering process allows for a better understanding of the CAN Bus and its vulnerabilities. The aim of this script is to allow the user to identify what specific packets captured from CAN Bus traffic will initiate selected actions in the automobile’s controls. The results show the user can repeatedly split and send log files to the CAN Bus to narrow down the files to a single packet that is starting the selected outputs of the CAN Bus using this script.

Comments

The authors are grateful to the reviewer, and have addressed the reviewer's comments and suggestions. Two additional references are added with four previous examples of automotive hacks in recent literature at the reviewer's suggestion. A photo of the Korlan USB2CAN device is added as Figure 1 per the reviewer's comment. We have added a note on the future work we have begun by capturing data from three of four vehicles successfully to date. The only recommendation we did not take was changing the name of the paper, rather, we added two sections explaining the reverse engineering process in the paper.

Share

COinS
 
Oct 12th, 1:00 PM Oct 12th, 1:25 PM

Automated Reverse Engineering of Automotive CAN Bus Controls

KSU Center Rm 400

This research provides a means of automating the process to reverse engineer an automobile’s CAN Bus to quickly recover CAN IDs and message values to control the various systems in a modern automobile. This approach involved the development of a Python script that uses several open-source tools to interact with the CAN Bus, and it takes advantage of several vulnerabilities associated with the CAN protocol. These vulnerabilities allow the script to conduct replay attacks against the CAN Bus and affect various systems in an automobile without the operator’s knowledge or interaction.

These replay attacks can be accomplished by capturing recorded network traffic and resending them to find which traffic conducts certain actions. Automobiles are becoming more reliant on computer systems and networks to operate, including the integration of wireless interfaces to interact with these systems (Avatefipour & Malik, 2018). These systems contain numerous vulnerabilities as they were not built with consideration to hacking (Wolf, Weimerskirch, & Paar, 2004). Creating a tool to automate the reverse engineering process allows for a better understanding of the CAN Bus and its vulnerabilities. The aim of this script is to allow the user to identify what specific packets captured from CAN Bus traffic will initiate selected actions in the automobile’s controls. The results show the user can repeatedly split and send log files to the CAN Bus to narrow down the files to a single packet that is starting the selected outputs of the CAN Bus using this script.

 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.