@INPROCEEDINGS{Stabili2019Missing,
author={D. {Stabili} and M. {Marchetti}},
booktitle={2019 IEEE 90th Vehicular Technology Conference (VTC2019-Fall)},
title={Detection of Missing CAN Messages through Inter-Arrival Time Analysis},
year={2019},
volume={},
number={},
pages={1-7},
abstract={Recent cyber-attacks to real vehicles demonstrated the risks related to connected vehicles, and spawned several research effort aimed at proposing algorithms and architectural solutions to improve the security of these vehicles. Most of the documented attacks to the connected vehicles require the injection of maliciously forged messages to subvert the normal behaviour of the electronic microcontrollers. More recently, researchers discovered that by abusing error isolation mechanisms of the Controller Area Network (CAN), one of the protocols deployed for in-vehicle networking, it is possible to isolate a microcontroller from the vehicle internal network (namely bus-off attack), with possible severe implication on both safety and security. This vulnerability has already been exploited for gaining remote control of a vehicle, by driving a targeted microcontroller in bus-off and impersonating it through the injection of malicious messages on the CAN bus. This paper strives to counter bus-off attacks by proposing an algorithm for the detection of missing messages from the in- vehicle CAN bus. Bus-off attacks to in-vehicle network are simulated by removing messages from valid CAN traces recorded from an unmodified licensed vehicle. Experimental evaluations of our proposal and comparisons with previous work demonstrate that the proposed algorithms outperforms other detection algorithms, achieving almost perfect detection (F-score equal or near to 1.0) across different tests.},
keywords={automotive electronics;computer network security;controller area networks;microcontrollers;cyber-attacks;detection algorithms;unmodified licensed vehicle;in-vehicle network;CAN bus;malicious messages;targeted microcontroller;bus-off attack;vehicle internal network;in-vehicle networking;Controller Area Network;error isolation mechanisms;electronic microcontrollers;maliciously forged messages;documented attacks;connected vehicles;inter-arrival time analysis;Security;Protocols;Microcontrollers;Safety;Connected vehicles;Proposals;Automotive engineering},
doi={10.1109/VTCFall.2019.8891068},
ISSN={1090-3038},
month={Sep.},}