Search Icon
Register

WeepingCAN: A Stealthy CAN Bus-off Attack

Gedare Bloom (University of Colorado Colorado Springs)

Best Paper Award Winner ($300 cash prize)!

The controller area network (CAN) is a high-value asset to defend and attack in automobiles. The bus-off attack exploits CAN’s fault confinement to force a victim electronic control unit (ECU) into the bus-off state, which prevents it from using the bus. Although pernicious, the bus-off attack has two distinct phases that are observable on the bus and allow the attack to be detected and prevented. In this paper we present WeepingCAN, a refinement of the bus-off attack that is stealthy and can escape detection. We evaluate WeepingCAN experimentally using realistic CAN benchmarks and find it succeeds in over 75% of attempts without exhibiting the detectable features of the original attack. We demonstrate WeepingCAN on a real vehicle.

Paper

View More Papers

Demo #1: Security of Multi-Sensor Fusion based Perception in...

Yulong Cao (University of Michigan), Ningfei Wang (UC, Irvine), Chaowei Xiao (Arizona State University), Dawei Yang (University of Michigan), Jin Fang (Baidu Research), Ruigang Yang (University of Michigan), Qi Alfred Chen (UC, Irvine), Mingyan Liu (University of Michigan) and Bo Li (University of Illinois at Urbana-Champaign)

Read More

Oblivious DNS over HTTPS (ODoH): A Practical Privacy Enhancement...

Sudheesh Singanamalla*†, Suphanat Chunhapanya*, Jonathan Hoyland*, Marek Vavruša*, Tanya Verma*, Peter Wu*, Marwan Fayed*, Kurtis Heimerl†, Nick Sullivan*, Christopher Wood* (*Cloudflare Inc. †University of Washington)

Read More

PyPANDA: Taming the PANDAmonium of Whole System Dynamic Analysis

Luke Craig, Tim Leek (MIT Lincoln Laboratory), Andrew Fasano, Tiemoko Ballo (MIT Lincoln Laboratory, Northeastern University), Brendan Dolan-Gavitt (New York University), William Robertson (Northeastern University)

Read More

Evading Voltage-Based Intrusion Detection on Automotive CAN

Rohit Bhatia (Purdue University), Vireshwar Kumar (Indian Institute of Technology Delhi), Khaled Serag (Purdue University), Z. Berkay Celik (Purdue University), Mathias Payer (EPFL), Dongyan Xu (Purdue University)

Read More