The CAN Bus is crucial to the efficiency and safety of modern vehicle infrastructure. Electronic Control Units (ECUs) exchange data across a shared bus, dropping messages whenever errors occur. If an ECU generates enough errors, its transmitter is put in a bus-off state, turning it off. Previous work abuses this process to disable ECUs, but is trivial to detect through the multiple errors transmitted over the bus. We propose a novel attack, undetectable by prior intrusion detection systems, which disables ECUs within a single message without generating any errors on the bus. Performing this attack requires the ability to flip bits on the bus, but not with any level of sophistication. We show that an attacker who can only flip bits 40% of the time can execute our stealthy attack 100% of the time. But this attack, and all prior CAN attacks, rely on the ability to read the bus. We propose a new technique which synchronizes the bus, such that even a blind attacker, incapable of reading the bus, can know when to transmit, taking a limited attacker's chance of success from the percentage of dead bus time to 100%. Finally, we propose a small modification to the CAN error process to ensure an ECU cannot fail without being detected, no matter how advanced the attacker is. Taken together, we advance the state of the art for CAN attacks and blind attackers, while proposing a detection system against stealthy attacks, and the larger problem of CAN's abusable error frames.

Although ubiquitous in modern vehicles, Controller Area Networks (CANs) lack basic security properties and are easily exploitable. A rapidly growing field of CAN security research has emerged that seeks to detect intrusions on CANs. Producing vehicular CAN data with a variety of intrusions is out of reach for most researchers as it requires expensive assets and expertise. To assist researchers, we present the first comprehensive guide to the existing open CAN intrusion datasets, including a quality analysis of each dataset and an enumeration of each dataset's benefits, drawbacks, and suggested use case. Current public CAN IDS datasets are limited to real fabrication (simple message injection) attacks and simulated attacks often in synthetic data, which lack fidelity. In general, the physical effects of attacks on the vehicle are not verified in the available datasets. Only one dataset provides signal-translated data but not a corresponding raw binary version. Overall, the available data pigeon-holes CAN IDS works into testing on limited, often inappropriate data (usually with attacks that are too easily detectable to truly test the method), and this lack of data has stymied comparability and reproducibility of results.
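
The bus-off behaviour described above, and why error-heavy attempts to trigger it are easy to spot, can be modelled with the standard CAN transmit error counter (TEC). The following is an added example, not code from the papers summarised here; the ECU names, the event format (which assumes each transmit error can be attributed to an ECU) and the burst threshold are assumptions, and the trace is constructed.

```python
# Simplified CAN fault confinement (ISO 11898-1) replayed from a monitor log.
# Only the transmit error counter is modelled; receive errors are ignored.
from collections import defaultdict

TEC_TX_ERROR = 8      # a transmit error adds 8 to the TEC
TEC_TX_OK = 1         # a successful transmission subtracts 1 (floor 0)
ERROR_PASSIVE = 128   # TEC >= 128: node becomes error-passive
BUS_OFF = 256         # TEC >= 256: node goes bus-off, transmitter disabled

def state_for(tec):
    if tec >= BUS_OFF:
        return "bus-off"
    if tec >= ERROR_PASSIVE:
        return "error-passive"
    return "error-active"

def replay(events, burst_threshold=5):
    """events: iterable of (timestamp_s, ecu, 'ok' | 'err').
    Returns (final state per ECU, alerts as (timestamp, ecu, reason))."""
    tec = defaultdict(int)
    streak = defaultdict(int)   # consecutive transmit errors per ECU
    alerts = []
    for ts, ecu, kind in events:
        before = state_for(tec[ecu])
        if before == "bus-off":
            continue            # transmitter is off; nothing more to count
        if kind == "err":
            tec[ecu] += TEC_TX_ERROR
            streak[ecu] += 1
            if streak[ecu] == burst_threshold:   # hypothetical threshold
                alerts.append((ts, ecu, "error burst"))
        else:
            tec[ecu] = max(0, tec[ecu] - TEC_TX_OK)
            streak[ecu] = 0
        after = state_for(tec[ecu])
        if after != before:
            alerts.append((ts, ecu, after))
    return {e: state_for(t) for e, t in tec.items()}, alerts

# Constructed trace: "engine" sees occasional noise that decays back to zero,
# "brake" sees 32 consecutive transmit errors (32 * 8 = 256 -> bus-off).
SAMPLE = [(0.001 * i, "engine", "err" if i % 50 == 0 else "ok") for i in range(200)]
SAMPLE += [(0.5 + 0.001 * i, "brake", "err") for i in range(32)]

if __name__ == "__main__":
    states, alerts = replay(SAMPLE)
    print(states)
    for alert in alerts:
        print(alert)
```

A monitor of this kind only sees failures that produce errors on the bus, which is the gap the text identifies: an ECU disabled without any error being generated raises none of these alerts.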