CANAttack: Assessing Vulnerabilities within Controller Area Network

Damilola Oladimeji; Amar Rasheed; Cihan Varol; Mohamed Baza; Hani Alshahrani; Abdullah Baz

doi:10.3390/s23198223

CANAttack: Assessing Vulnerabilities within Controller Area Network

Sensors (Basel). 2023 Oct 2;23(19):8223. doi: 10.3390/s23198223.

Authors

Damilola Oladimeji¹, Amar Rasheed¹, Cihan Varol¹, Mohamed Baza², Hani Alshahrani³, Abdullah Baz⁴

Affiliations

¹ Department of Computer Science, Sam Houston State University, Huntsville, TX 77340, USA.
² Department of Computer Science, College of Charleston, Charleston, SC 29424, USA.
³ Department of Computer Science, College of Computer Science and Information Systems, Najran University, Najran 61441, Saudi Arabia.
⁴ Department of Computer Engineering, College of Computer and Information Systems, Umm Al-Qura University, Makkah 21955, Saudi Arabia.

Abstract

Current vehicles include electronic features that provide ease and convenience to drivers. These electronic features or nodes rely on in-vehicle communication protocols to ensure functionality. One of the most-widely adopted in-vehicle protocols on the market today is the Controller Area Network, popularly referred to as the CAN bus. The CAN bus is utilized in various modern, sophisticated vehicles. However, as the sophistication levels of vehicles continue to increase, we now see a high rise in attacks against them. These attacks range from simple to more-complex variants, which could have detrimental effects when carried out successfully. Therefore, there is a need to carry out an assessment of the security vulnerabilities that could be exploited within the CAN bus. In this research, we conducted a security vulnerability analysis on the CAN bus protocol by proposing an attack scenario on a CAN bus simulation that exploits the arbitration feature extensively. This feature determines which message is sent via the bus in the event that two or more nodes attempt to send a message at the same time. It achieves this by prioritizing messages with lower identifiers. Our analysis revealed that an attacker can spoof a message ID to gain high priority, continuously injecting messages with the spoofed ID. As a result, this prevents the transmission of legitimate messages, impacting the vehicle's operations. We identified significant risks in the CAN protocol, including spoofing, injection, and Denial of Service. Furthermore, we examined the latency of the CAN-enabled system under attack, finding that the compromised node (the attacker's device) consistently achieved the lowest latency due to message arbitration. This demonstrates the potential for an attacker to take control of the bus, injecting messages without contention, thereby disrupting the normal operations of the vehicle, which could potentially compromise safety.

Keywords: Controller Area Network (CAN); autonomous systems; intrusion; security; vulnerability andthreat modeling.

Grants and funding

The authors are thankful to the Deanship of Scientific Research at Najran University for funding this work under the Research Groups Funding Program Grant Code NU/RG/SERC/12/27. Also, the authors extend their appreciation to the Deanship for Research & Innovation, Ministry of Education in Saudi Arabia for funding this research work through the project number: IFP22UQU4260426DSR203.