Master/Doctor Dissertation

Physical-Layer Identification Based on High-Resolution
Observation of Delay-Time in In-Vehicle Networks

The number of vehicles connected to the internet is increasing, and there is a concern for cyberattacks on Controller Area Network (CAN). CAN is an in-vehicle network protocol used for communication among Electronic Control Units (ECUs). The CAN message does not have source information for identifying the sender. Therefore, it is impossible to distinguish between a benign message sent from a legitimate ECU and a malicious message sent from an attacker so that some sender identification method based on the physical characteristics of the ECU has been studied.

Issues

A conventional method has been proposed to observe the delay-time of a CAN transceiver with an inexpensive device. However, if the difference in delay-time between some ECUs is lower than the time resolution of the inexpensive device, the conventional method could not classify the ECUs. In this study, we propose a source identification method based on high-resolution observation of delay-time using Time-Digital Converter (TDC) to improve the accuracy of ECU identification. We implement the experimental devices using FPGA and microcomputer to evaluate the proposed method for the identification of legitimate ECUs. As a result of the evaluation, the conventional method identifies ECUs with a mean accuracy rate of 81.43% in the CAN bus prototype and 76.75% in a real-vehicle. In contrast, the proposed method achieves an accuracy rate of 99.67% in the CAN bus prototype and 95.94% in a real-vehicle.

Proposed method.
Prototype IDS and attack experiment

Publication

  • 大平 修慈, Kibrom Araya Desta, 新井 イスマイル, 藤川 和利, "TDCによる遅延時間の高時間分解能観測に基づくCANメッセージの送信元識別手法," 研究報告コンピュータセキュリティ(CSEC), 情報処理学会, vol.2019-CSEC-87, no.12, pp1-8, 2019年12月.