Start Date
12-10-2019 1:00 PM
End Date
12-10-2019 1:25 PM
Location
KSU Center Rm 400
Abstract
This research provides a means of automating the reverse engineering of an automobile’s CAN Bus to quickly recover the CAN IDs and message values that control the various systems in a modern automobile. The approach involved developing a Python script that uses several open-source tools to interact with the CAN Bus and that takes advantage of several vulnerabilities associated with the CAN protocol. These vulnerabilities allow the script to conduct replay attacks against the CAN Bus and affect various systems in an automobile without the operator’s knowledge or interaction.
These replay attacks are accomplished by capturing network traffic and resending it to find which traffic triggers certain actions. Automobiles are becoming more reliant on computer systems and networks to operate, including the integration of wireless interfaces to interact with these systems (Avatefipour & Malik, 2018). These systems contain numerous vulnerabilities because they were not built with hacking in mind (Wolf, Weimerskirch, & Paar, 2004). Creating a tool to automate the reverse engineering process allows for a better understanding of the CAN Bus and its vulnerabilities. The aim of the script is to let the user identify which specific packets captured from CAN Bus traffic initiate selected actions in the automobile’s controls. The results show that, using this script, the user can repeatedly split log files and send them to the CAN Bus, narrowing the files down to the single packet that triggers the selected output on the CAN Bus.
Included in
Automotive Engineering Commons, Information Security Commons, Management Information Systems Commons, Technology and Innovation Commons
Automated Reverse Engineering of Automotive CAN Bus Controls
Comments
The authors are grateful to the reviewer, and have addressed the reviewer's comments and suggestions. Two additional references are added with four previous examples of automotive hacks in recent literature at the reviewer's suggestion. A photo of the Korlan USB2CAN device is added as Figure 1 per the reviewer's comment. We have added a note on the future work we have begun by capturing data from three of four vehicles successfully to date. The only recommendation we did not take was changing the name of the paper; rather, we added two sections explaining the reverse engineering process in the paper.