March 6, 2021

Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!

Two-Point Voltage Fingerprinting: Increasing Detectability of ECU Masquerading Attacks. (arXiv:2102.10128v1 [cs.CR])

Automotive systems continuously increase their dependency on Electronic
Control Units (ECUs) and become more interconnected to improve safety, comfort
and Advanced Driving Assistance Systems (ADAS) functions to passengers and
drivers. As a consequence of that trend, there is an expanding attack surface
which may potentially expose vehicle’s critical functions to cyberattacks. It
is possible for an adversary to reach the underlying Control Area Network (CAN)
through a compromised node or external-facing network interface, and launch
masquerading attacks that can compromise road and passenger safety. Due to lack
of native authentication in the CAN protocol, an approach to detect
masquerading attacks is to use ECU voltage fingerprinting schemes to verify
that the messages are sent by authentic ECUs. Though effective against simple
masquerading attacks, prior work is unable to detect attackers such as hardware
Trojans, which can mimic ECU voltages in addition to spoofing messages. We
introduce a novel Two-point ECU Fingerprinting scheme and demonstrate efficacy
in a controlled lab setting and on a moving vehicle. Our results show that our
proposed two-point fingerprinting scheme is capable of an overall F1-score over
99.4%. The proposed approach raises the bar for attackers trying to compromise
automotive security both remotely and physically, therefore improving security
and safety of autonomous vehicles.