CPS: Breakthrough: Collaborative Research: Track and Fallback: Intrusion Detection to Counteract Carjack Hacks with Fail-Operational Feedback

CPS：突破：协作研究：跟踪和回退：入侵检测通过失败操作反馈来对抗劫车黑客

• 批准号: 2011620
• 负责人: Gedare Bloom
• 金额: $ 0.46万
• 依托单位: University of Colorado at Colorado Springs
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-12-01 至 2021-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2011620&HistoricalAwards=false
• 关键词: CPS; Breakthrough; Collaborative; Research; Track

The security of every vehicle on the road is necessary to ensure the safety of every person on or near roadways, whether a motorist, bicyclist, or pedestrian. Features such as infotainment, telematics, and driver assistance greatly increase the complexity of vehicles: top-of-the-line cars contain over 200 computers and 100 million lines of software code. With rising complexity comes rising costs to ensure safety and security. This project investigates novel methods to improve vehicular security by detecting malicious cyber attacks against a moving automobile and responding to those attacks in a manner that ensures the safety of humans in close proximity to the vehicle.The objective of this project is to protect in-vehicle networks from remote cyber attacks. The method of protection is a distributed in-vehicle network intrusion detection system (IDS) using information flow tracking and sensor data provenance in the cyber domain with novel approaches to address the physical uncertainty and time constraints of an automotive control system. When an intrusion is detected, the IDS triggers a fail-operational mode change to provide graceful degradation of service and initiate recovery without compromising human safety. Specific research aims of this project are to explore the design space of fail-operational IDS for automotive in-vehicle networks, to evaluate security and resiliency of an automobile using a fail-operational IDS, and to generalize fundamentals of a fail-operational IDS to other cyber-physical systems.

需要道路上每辆车的每辆车的安全性，以确保道路上或附近的每个人的安全，无论是驾车者，骑自行车的人还是行人。诸如信息娱乐，远程信息处理和驾驶员帮助之类的功能极大地增加了车辆的复杂性：顶级汽车包含200多个计算机和1亿行软件代码。随着复杂性的增加，成本上升以确保安全和保障。该项目通过发现恶意的网络攻击，以防止移动的汽车进行恶意的网络攻击，并以确保人类紧邻车辆的安全性来调查改善车辆安全性的新方法。该项目的目的是保护车内网络免受远程网络攻击。保护方法是使用信息流跟踪和网络域中的传感器数据出处的分布式车载网络入侵检测系统（IDS），采用新颖的方法来解决汽车控制系统的物理不确定性和时间限制。当检测到入侵时，IDS会触发失败的模式变化，以提供服务的优雅降级并启动恢复而不会损害人类安全。该项目的具体研究目的是探索用于汽车内网络的故障操作ID的设计空间，以使用故障操作ID来评估汽车的安全性和弹性，并将失败操作ID的基础知识推广到其他网络物质系统。

项目成果

SAIDuCANT: Specification-Based Automotive Intrusion Detection Using Controller Area Network (CAN) Timing

• DOI: 10.1109/tvt.2019.2961344
• 发表时间: 2020-02-01
• 期刊: IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY
• 影响因子: 6.8
• 作者: Olufowobi, Habeeb;Young, Clinton;Bloom, Gedare
• 通讯作者: Bloom, Gedare

WeepingCAN: A Stealthy CAN Bus-off Attack

WeepingCAN：隐秘的 CAN 总线关闭攻击

• DOI: 10.14722/autosec.2021.23002
• 发表时间: 2021
• 期刊: Workshop on Automotive and Autonomous Vehicle Security
• 作者: Bloom, Gedare

Reverse Engineering Controller Area Network Messages Using Unsupervised Machine Learning

• DOI: 10.1109/mce.2020.3023538
• 发表时间: 2022-01-01
• 期刊: IEEE CONSUMER ELECTRONICS MAGAZINE
• 影响因子: 4.5
• 作者: Ezeobi, Uchenna;Olufowobi, Habeeb;Bloom, Gedare
• 通讯作者: Bloom, Gedare

Controller Area Network Intrusion Prevention System Leveraging Fault Recovery

利用故障恢复的控制器局域网入侵防御系统

• DOI: 10.1145/3338499.3357360
• 发表时间: 2019
• 期刊: Proceedings of the ACM Workshop on Cyber-Physical Systems Security & Privacy
• 作者: Olufowobi, Habeeb;Hounsinou, Sena;Bloom, Gedare
• 通讯作者: Bloom, Gedare

Vulnerability of Controller Area Network to Schedule-Based Attacks

• DOI: 10.1109/rtss52674.2021.00051
• 发表时间: 2021-12
• 期刊: 2021 IEEE Real-Time Systems Symposium (RTSS)
• 作者: Sena Hounsinou;Mark Stidd;Uchenna Ezeobi;Habeeb Olufowobi;M. Nasri;Gedare Bloom