Efficient ECU Analysis Technology Through Structure-Aware CAN Fuzzing

Cited by: 2
Authors
Kim, Hyunghoon [1]
Jeong, Yeonseon [2]
Choi, Wonsuk [3]
Lee, Doon Hoon [2]
Jo, Hyo Jin [1]
Affiliations
[1] Soongsil Univ, Sch Software, Seoul 06978, South Korea
[2] Korea Univ, Sch Cybersecur, Seoul 02841, South Korea
[3] Hansung Univ, Div IT Convergence Engn, Seoul 136792, South Korea
Keywords
Fuzzing; Monitoring; Standards; Reverse engineering; Microprogramming; Engines; Codes; ECU; CAN; vehicle hacking; CAN fuzzing; structure-aware CAN fuzzing;
DOI
10.1109/ACCESS.2022.3151358
Chinese Library Classification
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Modern vehicles are equipped with a number of electronic control units (ECUs), which control vehicles efficiently by communicating with each other through the controller area network (CAN). However, the CAN is known to be vulnerable to cyber attacks because it does not have any security mechanisms. To find vulnerable CAN messages that can control safety-critical functions in ECUs, researchers have studied CAN fuzzing methods. In existing CAN fuzzing methods, fuzzing input values are generally generated at random without considering the structure of CAN messages, resulting in non-negligible CAN fuzzing time. In addition, existing fuzzing solutions have limited monitoring capabilities of the fuzzing results. In this paper, we propose a Structure-aware CAN Fuzzing protocol, in which the structure of CAN messages is considered and fuzzing input values are systematically generated to locate vulnerable functions in ECUs. Our proposed Structure-aware CAN Fuzzing system takes less time to run than existing solutions, meaning that problematic CAN messages that may have originated from SW implementation errors or CAN DBC (database CAN) design errors can be found quickly and, subsequently, appropriate action can be taken. Finally, we evaluated the performance of our Structure-aware CAN Fuzzing system on two real vehicles. We proved that our proposed method can find CAN messages that control safety-critical functions in ECUs faster than existing fuzzing solutions.
Pages: 23259 / 23271
Page count: 13