Assessing the Security of Internal Automotive Networks

dc.contributor.authorAlkoutli, Anas
dc.contributor.authorAnderlind, Joakim
dc.contributor.authorBjörnson, Carl-Johan
dc.contributor.authorDrage, Mathias
dc.contributor.authorThowsen, Morgan
dc.contributor.authorWelzel, Antonia
dc.contributor.departmentChalmers tekniska högskola / Institutionen för data och informationstekniksv
dc.contributor.examinerBerger, Christian
dc.contributor.supervisorStaron, Miroslaw
dc.date.accessioned2021-09-14T08:40:35Z
dc.date.available2021-09-14T08:40:35Z
dc.date.issued2021sv
dc.date.submitted2020
dc.description.abstractContext In order to address the growing need for connectivity in today’s cars, the in-vehicle network has increased in complexity, now consisting of over 100 electrical control units. Balancing the level of security with high performance is non-trivial, and current networks have shown to sacrifice security measures for performance, therefore leaving the networks sensitive to both manipulation and information re trieval. Objective The first objective of this thesis was to assess the security of in-vehicle networks and identify potential security threats that may be exercised with commodity hardware and without expert knowledge in vehicular networking. Secondly, propose solutions to identified security vulnerabilities that act as a defence against the exercised attacks. Method The project was executed with the Design Science Research methodology, where an artefact is developed and evaluated through iterations. The artefact consists of commodity hardware and open software as well as our approach to simulate an attack of an uninitiated tamperer. The applying artefact was evaluated by testing it on vehicle test beds. The evaluation was also the basis for the assessment and in extension the proposed solutions. Results The in-vehicle network was susceptible to multiple attacks such as Man in-the-middle and Replay attacks. For instance, multiple components in the network were successfully manipulated through replay attacks on the network. The replay attacks were conducted in combination with a minimization algorithm which enabled reverse engineering of specific functions with high precision. This made it possible to not only take full control but to block user input. Moreover, Man-in-the-middle attacks on the Ethernet traffic yielded raw data indicating a lack of encryption and also enabled us to map the network topology. To resolve the aforementioned issues, this thesis proposes solutions at varying security levels that would have prevented our attacks; such as CAN bus message counters, MACsec for low-level protection against sniffing and TLS encryption for the confidentiality of raw data. Conclusions The project has shown that it is indeed possible to extract and manipulate data even with the limitations enforced in this project. In addition, it showed that the tested in-vehicle networks lack resilience against unauthorized access and manipulation. The proposed solutions protect against exercised attacks but are subject to future research in terms of implementation and overhead measurements.sv
dc.identifier.coursecodeTKITEsv
dc.identifier.urihttps://hdl.handle.net/20.500.12380/304115
dc.language.isoengsv
dc.setspec.uppsokTechnology
dc.subjectVehiclesv
dc.subjectNetwork Securitysv
dc.subjectCANsv
dc.subjectEthernetsv
dc.titleAssessing the Security of Internal Automotive Networkssv
dc.type.degreeExamensarbete på kandidatnivåsv
dc.type.uppsokM2
Ladda ner
Original bundle
Visar 1 - 1 av 1
Hämtar...
Bild (thumbnail)
Namn:
CSE 21-19 Group 27.pdf
Storlek:
16.95 MB
Format:
Adobe Portable Document Format
Beskrivning:
License bundle
Visar 1 - 1 av 1
Hämtar...
Bild (thumbnail)
Namn:
license.txt
Storlek:
1.51 KB
Format:
Item-specific license agreed upon to submission
Beskrivning: