TY - GEN
T1 - PanoptiCANs - Adversary-Resilient Architectures for Controller Area Networks
AU - Groza, Bogdan
AU - Popa, Lucian
AU - Andreica, Tudor
AU - Murvay, Pal Stefan
AU - Shabtai, Asaf
AU - Elovici, Yuval
N1 - Publisher Copyright:
© 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2022
Y1 - 2022
N2 - Inspired by Jeremy Bentham’s panopticon, i.e., an institutional building design in which a single security guard is able to monitor all detainees while they are unable to tell if they are being watched, we design the PanoptiCANs—a series of adversary-resilient CAN bus architectures. While DoS attacks are impossible to prevent on a regular bus topology, the PanoptiCANs are able to actively respond to them, as well as to generic attacks, by air gapping the network. The proposed modifications allow a bus guardian to monitor and isolate intruders on the bus while all traffic is redirected so that legitimate nodes carry on their tasks without significant disturbances. A decentralized version delegates these abilities to regular nodes, reducing costs and wire lengths, while also being able to localize and isolate the intruders much faster. We prove the effectiveness of the proposed topologies on an experimental setup with automotive grade controllers and collected in-vehicle traffic data. With the most effective architecture, intruders are isolated in a few milliseconds following single frame injections.
AB - Inspired by Jeremy Bentham’s panopticon, i.e., an institutional building design in which a single security guard is able to monitor all detainees while they are unable to tell if they are being watched, we design the PanoptiCANs—a series of adversary-resilient CAN bus architectures. While DoS attacks are impossible to prevent on a regular bus topology, the PanoptiCANs are able to actively respond to them, as well as to generic attacks, by air gapping the network. The proposed modifications allow a bus guardian to monitor and isolate intruders on the bus while all traffic is redirected so that legitimate nodes carry on their tasks without significant disturbances. A decentralized version delegates these abilities to regular nodes, reducing costs and wire lengths, while also being able to localize and isolate the intruders much faster. We prove the effectiveness of the proposed topologies on an experimental setup with automotive grade controllers and collected in-vehicle traffic data. With the most effective architecture, intruders are isolated in a few milliseconds following single frame injections.
UR - http://www.scopus.com/inward/record.url?scp=85140793634&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-17143-7_32
DO - 10.1007/978-3-031-17143-7_32
M3 - Conference contribution
SN - 9783031171420
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 658
EP - 679
BT - Computer Security – ESORICS 2022 - 27th European Symposium on Research in Computer Security, Proceedings
A2 - Atluri, Vijayalakshmi
A2 - Di Pietro, Roberto
A2 - Jensen, Christian D.
A2 - Meng, Weizhi
PB - Springer Science and Business Media Deutschland GmbH
CY - Cham
T2 - 27th European Symposium on Research in Computer Security, ESORICS 2022
Y2 - 26 September 2022 through 30 September 2022
ER -