Visible to the public Covert Channel-Based Transmitter Authentication in Controller Area Networks

TitleCovert Channel-Based Transmitter Authentication in Controller Area Networks
Publication TypeJournal Article
Year of Publication2021
AuthorsYing, Xuhang, Bernieri, Giuseppe, Conti, Mauro, Bushnell, Linda, Poovendran, Radha
JournalIEEE Transactions on Dependable and Secure Computing
Keywordsauthentication, Clocks, composability, compositionality, Controller area network (CAN), covert channel, covert channels, Cyber-Physical System (CPS) security, Intrusion detection, Manganese, Monitoring, Protocols, pubcrawl, resilience, Resiliency, Scalability, Throughput, Transmitter authentication, Transmitters
AbstractIn recent years, the security of automotive Cyber-Physical Systems (CPSs) is facing urgent threats due to the widespread use of legacy in-vehicle communication systems. As a representative legacy bus system, the Controller Area Network (CAN) hosts Electronic Control Units (ECUs) that are crucial for the vehicles functioning. In this scenario, malicious actors can exploit the CAN vulnerabilities, such as the lack of built-in authentication and encryption schemes, to launch CAN bus attacks. In this paper, we present TACAN (Transmitter Authentication in CAN), which provides secure authentication of ECUs on the legacy CAN bus by exploiting the covert channels. TACAN turns upside-down the originally malicious concept of covert channels and exploits it to build an effective defensive technique that facilitates transmitter authentication. TACAN consists of three different covert channels: 1) Inter-Arrival Time (IAT)-based, 2) Least Significant Bit (LSB)-based, and 3) hybrid covert channels. In order to validate TACAN, we implement the covert channels on the University of Washington (UW) EcoCAR (Chevrolet Camaro 2016) testbed. We further evaluate the bit error, throughput, and detection performance of TACAN through extensive experiments using the EcoCAR testbed and a publicly available dataset collected from Toyota Camry 2010.
NotesConference Name: IEEE Transactions on Dependable and Secure Computing
Citation Keyying_covert_2021