CANOA: CAN Origin Authentication Through Power Side-Channel Monitoring

IF 2 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS

ACM Transactions on Cyber-Physical Systems Pub Date : 2020-06-12 DOI:10.1145/3571288

Shailja Thakur, Carlos Moreno, S. Fischmeister

{"title":"CANOA: CAN Origin Authentication Through Power Side-Channel Monitoring","authors":"Shailja Thakur, Carlos Moreno, S. Fischmeister","doi":"10.1145/3571288","DOIUrl":null,"url":null,"abstract":"The lack of any sender authentication mechanism in place makes Controller Area Network (CAN) vulnerable to security threats. For instance, an attacker can impersonate an Electronic Control Unit (ECU) on the bus and send spoofed messages unobtrusively with the identifier of the impersonated ECU. To address this problem, we propose a novel source authentication technique that uses power consumption measurements of the ECU to authenticate the source of a message. A transmission of an ECU affects the power consumption and a characteristic pattern will appear. Our technique exploits the power consumption of each ECU during the transmission of a message to determine whether the message actually originated from the purported sender. We evaluate our approach in both a lab setup and a real vehicle. We also evaluate our approach against factors that can impact the power consumption measurement of the ECU. The results of the evaluation show that the proposed technique is applicable in a broad range of operating conditions with reasonable computational power requirements and attaining good accuracy.","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":null,"pages":null},"PeriodicalIF":2.0000,"publicationDate":"2020-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Cyber-Physical Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3571288","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}

引用次数: 3

Abstract

The lack of any sender authentication mechanism in place makes Controller Area Network (CAN) vulnerable to security threats. For instance, an attacker can impersonate an Electronic Control Unit (ECU) on the bus and send spoofed messages unobtrusively with the identifier of the impersonated ECU. To address this problem, we propose a novel source authentication technique that uses power consumption measurements of the ECU to authenticate the source of a message. A transmission of an ECU affects the power consumption and a characteristic pattern will appear. Our technique exploits the power consumption of each ECU during the transmission of a message to determine whether the message actually originated from the purported sender. We evaluate our approach in both a lab setup and a real vehicle. We also evaluate our approach against factors that can impact the power consumption measurement of the ECU. The results of the evaluation show that the proposed technique is applicable in a broad range of operating conditions with reasonable computational power requirements and attaining good accuracy.

查看原文本刊更多论文

CANOA：通过电源侧通道监控进行CAN起源认证

由于缺乏任何发送器身份验证机制，控制器局域网（CAN）容易受到安全威胁。例如，攻击者可以模拟总线上的电子控制单元（ECU），并使用模拟ECU的标识符不引人注目地发送伪造消息。为了解决这个问题，我们提出了一种新的源认证技术，该技术使用ECU的功耗测量来认证消息的源。ECU的变速器会影响功耗，并且会出现特性模式。我们的技术利用每个ECU在消息传输过程中的功耗来确定消息是否真的来自所谓的发送者。我们在实验室设置和实际车辆中评估我们的方法。我们还针对可能影响ECU功耗测量的因素来评估我们的方法。评估结果表明，所提出的技术适用于广泛的操作条件，具有合理的计算能力要求，并获得了良好的精度。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ACM Transactions on Cyber-Physical Systems COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS-

CiteScore

5.70

自引率

4.30%

发文量

文献相关原料

公司名称	产品信息	采购帮参考价格