CANARY - A reactive defense mechanism for controller area networks based on active relays

Bogdan Groza, Lucian Popa, Pal Stefan Murvay, Yuval Elovici, Asaf Shabtai

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Scopus citations


We are rethinking the decades-old design of the CAN bus by incorporating reactive defense capabilities in it. While its reliability and cost effectiveness turned CAN into the most widely used in-vehicle communication interface, its topology, physical layer and arbitration mechanism make it impossible to prevent certain types of adversarial activities on the bus. For example, DoS attacks cannot be stopped as the physical layer gives equal rights to all the connected ECUs and an adversary may exploit this by flooding the network with high priority frames or cause transmission errors which may move honest ECUs into the bus-off state. In response to this, we propose a reactive mechanism based on relays placed along the bus that will change the network topology in case of an attack, i.e., a moving target defense mechanism, allowing a bus guardian to filter and redirect legitimate traffic. We take care of physical properties of the bus and keep the 120 Ω load constant at the end of the lines whenever relays are triggered to modify the topology of the bus. We build a proof-of-concept implementation and test it in a laboratory setup with automotive-grade controllers that demonstrates its functionality over collected real-world in-vehicle traffic. Our experiments show that despite short term disturbances when the relays are triggered, the frame loss is effectively zero.

Original languageEnglish
Title of host publicationProceedings of the 30th USENIX Security Symposium
PublisherUSENIX Association
Number of pages18
ISBN (Electronic)9781939133243
StatePublished - 1 Jan 2021
Event30th USENIX Security Symposium, USENIX Security 2021 - Virtual, Online
Duration: 11 Aug 202113 Aug 2021

Publication series

NameProceedings of the 30th USENIX Security Symposium


Conference30th USENIX Security Symposium, USENIX Security 2021
CityVirtual, Online

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems
  • Safety, Risk, Reliability and Quality


Dive into the research topics of 'CANARY - A reactive defense mechanism for controller area networks based on active relays'. Together they form a unique fingerprint.

Cite this