WEKO3
アイテム
IVNPROTECT: Isolable and Traceable Lightweight CAN-Bus Kernel-Level Protection for Securing in-Vehicle Communication
http://hdl.handle.net/10061/0002000199
http://hdl.handle.net/10061/00020001994b49d197-d683-4539-bd94-a7b66cead707
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
fulltext (388 KB)
|
|
| アイテムタイプ | 会議発表論文 / Conference Paper(1) | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2024-04-10 | |||||||||
| タイトル | ||||||||||
| タイトル | IVNPROTECT: Isolable and Traceable Lightweight CAN-Bus Kernel-Level Protection for Securing in-Vehicle Communication | |||||||||
| 言語 | ||||||||||
| 言語 | eng | |||||||||
| キーワード | ||||||||||
| 主題Scheme | Other | |||||||||
| 主題 | Automotive Security | |||||||||
| キーワード | ||||||||||
| 主題Scheme | Other | |||||||||
| 主題 | Controller Area Network | |||||||||
| キーワード | ||||||||||
| 主題Scheme | UDC | |||||||||
| 主題 | Intrusion Prevention System | |||||||||
| キーワード | ||||||||||
| 主題Scheme | Other | |||||||||
| 主題 | Operation System Kernel | |||||||||
| キーワード | ||||||||||
| 主題Scheme | Other | |||||||||
| 主題 | Loadable Kernel Module | |||||||||
| 資源タイプ | ||||||||||
| 資源タイプ | conference paper | |||||||||
| アクセス権 | ||||||||||
| アクセス権 | open access | |||||||||
| 著者 |
Ohira, Shuji
× Ohira, Shuji
× Desta, Araya Kibrom
× 新井, イスマイル× 藤川, 和利 |
|||||||||
| 抄録 | ||||||||||
| 内容記述タイプ | Abstract | |||||||||
| 内容記述 | Cyberattacks on In-Vehicle Networks (IVNs) are becoming the most urgent issue. The Controller Area Network (CAN), one of the IVNs, is a standard protocol for automotive networks. Many researchers have tackled the security issues of CAN, such as the vulnerability of Denial-of-Service (DoS) attacks and impersonation attacks. Though existing methods can prevent DoS attacks, they have problems in deployment cost, isolability of a compromised Electronic Control Unit (ECU), and traceability for the root cause of isolation. Thus, we tackle to prevent DoS attacks on CAN. To solve these problems of the existing methods, we propose an isolable and traceable CAN-bus kernel-level protection called IVNPROTECT. IVNPROTECT can be installed on an ECU, which has a wireless interface, just by the software updating because it is implemented in the CAN-bus kernel driver. We also confirm that our IVNPROTECT can mitigate two types of DoS attacks without distinguishing malicious/benign CAN identifie rs. After mitigating DoS attacks, IVNPROTECT isolates a compromised ECU with a security error state mechanism, which handles security errors in IVNPROTECT. And, we evaluate the traceability that an ECU with IVNPROTECT can report warning messages to the other ECUs on the bus even while being forced to send DoS attacks by an attacker. In addition, the overhead of IVNPROTECT is 9.049 $00B5s, so that IVNPROTECT can be installed on insecure ECUs with a slight side-effect. | |||||||||
| 書誌情報 |
en : Proceedings of the 9th International Conference on Information Systems Security and Privacy 巻 1, p. 17-28, 発行日 2023-02-22 |
|||||||||
| 会議情報 | ||||||||||
| 会議名 | Proceedings of the 9th International Conference on Information Systems Security and Privacy ICISSP | |||||||||
| 開始年 | 2023 | |||||||||
| 開始月 | 02 | |||||||||
| 開始日 | 22 | |||||||||
| 終了年 | 2023 | |||||||||
| 終了月 | 02 | |||||||||
| 終了日 | 24 | |||||||||
| 開催地 | Lisbon | |||||||||
| 開催国 | PRT | |||||||||
| 出版者 | ||||||||||
| 出版者 | SciTePress | |||||||||
| ISSN | ||||||||||
| 収録物識別子タイプ | EISSN | |||||||||
| 収録物識別子 | 2184-4356 | |||||||||
| 出版者版URI | ||||||||||
| 関連タイプ | isVersionOf | |||||||||
| 識別子タイプ | URI | |||||||||
| 関連識別子 | https://www.scitepress.org/PublicationsDetail.aspx?ID=T2UiM0VuhKY%3d&t=1 | |||||||||
| 権利 | ||||||||||
| 権利情報Resource | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |||||||||
| 権利情報 | c 2023 by SCITEPRESS $2013 Science and Technology Publications, Lda. Under CC license (CC BY-NC-ND 4.0) | |||||||||
| 著者版フラグ | ||||||||||
| 出版タイプ | AM | |||||||||
