Visible to the public Attack Graph-Based Assessment of Exploitability Risks in Automotive On-Board Networks

TitleAttack Graph-Based Assessment of Exploitability Risks in Automotive On-Board Networks
Publication TypeConference Paper
Year of Publication2018
AuthorsSalfer, Martin, Eckert, Claudia
Conference NameProceedings of the 13th International Conference on Availability, Reliability and Security
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-6448-5
KeywordsAttack Graph Construction, attack vectors, Human Behavior, network hardening, probabilistic model, pubcrawl, Resiliency, Scalability, security evaluation, security risk management, vehicle security, vulnerability assessment

High-end vehicles incorporate about one hundred computers; physical and virtualized ones; self-driving vehicles even more. This allows a plethora of attack combinations. This paper demonstrates how to assess exploitability risks of vehicular on-board networks via automatically generated and analyzed attack graphs. Our stochastic model and algorithm combine all possible attack vectors and consider attacker resources more efficiently than Bayesian networks. We designed and implemented an algorithm that assesses a compilation of real vehicle development documents within only two CPU minutes, using an average of about 100 MB RAM. Our proof of concept "Security Analyzer for Exploitability Risks" (SAlfER) is 200 to 5 000 times faster and 40 to 200 times more memory-efficient than an implementation with UnBBayes1. Our approach aids vehicle development by automatically re-checking the architecture for attack combinations that may have been enabled by mistake and which are not trivial to spot by the human developer. Our approach is intended for and relevant for industrial application. Our research is part of a collaboration with a globally operating automotive manufacturer and is aimed at supporting the security of autonomous, connected, electrified, and shared vehicles.

Citation Keysalfer_attack_2018