Security analytics and forensics applied to in-vehicle networks are growing research areas that gained relevance after recent reports of cyber-attacks against unmodified licensed vehicles. However, the application of security analytics algorithms and tools to the automotive domain is hindered by the lack of public specifications about proprietary data exchanged over in-vehicle networks. Since the controller area network (CAN) bus is the de-facto standard for the interconnection of automotive electronic control units, the lack of public specifications for CAN messages is a key issue. This paper strives to solve this problem by proposing READ: A novel algorithm for the automatic Reverse Engineering of Automotive Data frames. READ has been designed to analyze traffic traces containing unknown CAN bus messages in order to automatically identify and label different types of signals encoded in the payload of their data frames. Experimental results based on CAN traffic gathered from a licensed unmodified vehicle and validated against its complete formal specifications demonstrate that the proposed algorithm can extract and classify more than twice the signals with respect to the previous related work. Moreover, the execution time of signal extraction and classification is reduced by two orders of magnitude. Applications of READ to CAN messages generated by real vehicles demonstrate its usefulness in the analysis of CAN traffic.
READ: Reverse engineering of automotive data frames / Marchetti, M.; Stabili, D.. - In: IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY. - ISSN 1556-6013. - 14:4(2019), pp. 1083-1097.
|Data di pubblicazione:||2019|
|Titolo:||READ: Reverse engineering of automotive data frames|
|Autore/i:||Marchetti, M.; Stabili, D.|
|Digital Object Identifier (DOI):||http://dx.doi.org/10.1109/TIFS.2018.2870826|
|Codice identificativo ISI:||WOS:000450038000007|
|Codice identificativo Scopus:||2-s2.0-85053336621|
|Citazione:||READ: Reverse engineering of automotive data frames / Marchetti, M.; Stabili, D.. - In: IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY. - ISSN 1556-6013. - 14:4(2019), pp. 1083-1097.|
|Tipologia||Articolo su rivista|
I documenti presenti in Iris Unimore sono rilasciati con licenza Creative Commons Attribuzione - Non commerciale - Non opere derivate 3.0 Italia, salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris