Enabling Auditing and Intrusion Detection of Proprietary Controller Area Networks
@inproceedings{Stone2018EnablingAA,
title={Enabling Auditing and Intrusion Detection of Proprietary Controller Area Networks},
author={Brent C. Stone},
year={2018}
}Several trends in the Cyber domain are converging to present an imminent threat to the safety and prosperity of people and property. Efforts by organizations and nations to automate the administration and functions of Cyber-Physical Systems (CPS) such as road vehicles and manufacturing plants have the side effect of connecting previously isolated CPS networks to the global Internet. These CPS networks routinely have ineffective or no Cyber-security measures in place since they were assumed to…
Figures and Tables from this paper
table 1 
figure 1 
table 2 
figure 2 
figure 3 
table 3 
figure 4 
table 4 
figure 5 
table 5 
figure 6 
table 6 
figure 7 
table 7 
figure 8 
table 8 
figure 9 
table 9 
figure 10 
table 10 
figure 11 
table 11 
figure 12 
table 12 
figure 13 
table 13 
figure 14 
figure 15 
figure 16 
figure 17 
figure 18 
figure 19 
figure 20 
figure 21 
figure 22 
figure 23 
figure 24 
figure 25 
figure 26 
figure 27 
figure 28 
figure 29 
figure 30 
figure 31 
figure 32 
figure 33 
figure 34 
figure 35 
figure 36 
figure 37 
figure 38 
figure 39 
figure 40 
figure 41 
figure 42 
figure 43 
figure 44 
figure 45 
figure 46 
figure 47 
figure 48 
figure 49 
figure 50 
figure 51 
figure 52 
figure 53 
figure 54 
figure 55 
figure 56 
figure 57 
figure 58 
figure 59 
figure 60 
figure 61 
figure 62 
figure 63 
figure 64 
figure 65 
figure 66 
figure 67 
figure 68 
figure 69 
figure 70 
figure 71 
figure 72 
figure 73
2 Citations
Critical Infrastructure Protection XIV: 14th IFIP WG 11.10 International Conference, ICCIP 2020, Arlington, VA, USA, March 16–17, 2020, Revised Selected Papers
- Computer ScienceCritical Infrastructure Protection
- 2020
An automated model with graph-based information flow traversal is described for identifying information flow paths in the Automatic Dependent Surveillance-Broadcast (ADS-B) system used in civilian aviation, and subsequently partitioning the flows into security domains.
I Know Where You Parked Last Summer : Automated Reverse Engineering and Privacy Analysis of Modern Cars
- Computer Science2020 IEEE Symposium on Security and Privacy (SP)
- 2020
The results show that car makers track the GPS position, the number of occupants, their weight, usage statistics of doors, lights, and AC, and that OEMs embed functions to remotely disable the car or get an alert when the driver is speeding.
References
SHOWING 1-10 OF 103 REFERENCES
Secure Cyber-Physical Systems: Current trends, tools and open research problems
- Computer ScienceDesign, Automation & Test in Europe Conference & Exhibition (DATE), 2017
- 2017
A review of current security trends and tools for secure CPS, and a detailed characterization of attacks reported on different cyber-physical systems, grouped according to their application domains, attack complexity, attack source and impact.
Anomaly-Based Detection of Malicious Activity in In-Vehicle Networks
- Computer Science
- 2017
The goals are to show that anomaly detection trained without understanding of the message contents can detect attacks, and to create a framework for understanding how the characteristics of a novel attack can be used to predict its detectability.
Field classification, modeling and anomaly detection in unknown CAN bus networks
- Computer ScienceVeh. Commun.
- 2017
Dispatcher: enabling active botnet infiltration using automatic protocol reverse-engineering
- Computer ScienceCCS
- 2009
Techniques to extract the format of protocol messages sent by an application that implements a protocol specification, and to infer the field semantics for messages both sent and received by the application are proposed.
Automobile Driver Fingerprinting
- Computer ScienceProc. Priv. Enhancing Technol.
- 2016
This study experimentally investigates the potential to identify individuals using sensor data snippets of their natural driving behavior and finds that, at least among small sets, drivers are indeed distinguishable using only incar sensors.
Traffic to protocol reverse engineering
- Computer Science2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications
- 2009
A new methodology to extract the relevant fields from arbitrary binary protocols to construct a state model is presented, which is proved by deriving the state machine of documented protocols ARP, DHCP and TCP.
A novel semi-supervised approach for network traffic clustering
- Computer Science2011 5th International Conference on Network and System Security
- 2011
This work presents a novel semi-supervised learning method using constrained clustering algorithms that incorporates constraints in the course of clustering, indicating that the overall accuracy and cluster purity can be significantly improved.
Dissecting Customized Protocols: Automatic Analysis for Customized Protocols based on IEEE 802.15.4
- Computer ScienceWISEC
- 2016
A novel methodology to analyze and reconstruct unknown wireless customized protocols over IEEE 802.15.4 and develops an automatic analysis and spoofing tool called WPAN automatic spoofer (WASp) that can be used to understand and reconstruct customized protocols to byte-level accuracy, and to generate packets that could be used for verification of analysis results or spoofing attacks.
Protocol-Independent Adaptive Replay of Application Dialog
- Computer ScienceNDSS
- 2006
RolePlayer is presented, a system which, given examples of an application session, can mimic both the client side and the server side of the session for a wide variety of application protocols.
Analysis of Eight Data Mining Algorithms for Smarter Internet of Things (IoT)
- Computer ScienceEUSPN/ICTH
- 2016