Techniques for utilizing classification towards securing automotive controller area network and machine learning towards the reverse engineering of CAN messages

dc.contributor.advisor Joseph Zambreno
dc.contributor.author Young, Clinton
dc.contributor.department Department of Electrical and Computer Engineering
dc.date 2020-06-26T19:54:37.000
dc.date.accessioned 2020-06-30T03:21:51Z
dc.date.available 2020-06-30T03:21:51Z
dc.date.copyright Fri May 01 00:00:00 UTC 2020
dc.date.embargo 2020-06-23
dc.date.issued 2020-01-01
dc.description.abstract <p>The vehicle industry is quickly becoming more connected and growing. This growth is due to advancements in cyber physical systems (CPSs) that enhance the safety and automation in vehicle. The modern automobile consists of more than 70 electronic control units (ECUs) that communicate and interact with each other over automotive bus systems. Passenger comforts, infotainment features, and connectivity continue to progress through the growth and integration of Internet-of-Things (IoT) technologies. Common networks include the Controller Area Network (CAN), Local Interconnect Network (LIN), and FlexRay.</p> <p>However, the benefits of increased connectivity and features comes with the penalty of increased vulnerabilities. Security is lacking in preventing attacks on safety-critical control systems. I will explore the state of the art methods and approaches researchers have taken to identify threats and how to address them with intrusion detection. I discuss the development of a hybrid based intrusion detection approach that combines anomaly and signature based detection methods.</p> <p>Machine learning is a hot topic in security as it is a method of learning and classifying system behavior and can detect intrusions that alter normal behavior. In this paper, we discuss utilizing machine learning algorithms to assist in classifying CAN messages. I present work that focuses on the reverse engineering and classification of CAN messages. The problem is that even though CAN is standardized, the implementation may vary for different manufacturers and vehicle models. These implementations are kept secret, therefore CAN messages for every vehicle needs to be analyzed and reverse engineered in order to get information. Due to the lack of publicly available CAN specifications, attackers and researchers need to reverse engineer messages to pinpoint which messages will have the desired impact. The reverse engineering process is needed by researchers and hackers for all manufacturers and their respective vehicles to understand what the vehicle is doing and what each CAN message means. The knowledge of the specifications of CAN messages can improve the effectiveness of security mechanisms applied to CAN.</p>
dc.format.mimetype application/pdf
dc.identifier archive/lib.dr.iastate.edu/etd/17927/
dc.identifier.articleid 8934
dc.identifier.contextkey 18242501
dc.identifier.doi https://doi.org/10.31274/etd-20200624-106
dc.identifier.s3bucket isulib-bepress-aws-west
dc.identifier.submissionpath etd/17927
dc.identifier.uri https://dr.lib.iastate.edu/handle/20.500.12876/32110
dc.language.iso en
dc.source.bitstream archive/lib.dr.iastate.edu/etd/17927/Young_iastate_0097E_18702.pdf|||Fri Jan 14 21:31:14 UTC 2022
dc.subject.keywords Automotive Security
dc.subject.keywords Controller Area Network
dc.subject.keywords Intrusion Detection
dc.subject.keywords Machine Learning
dc.subject.keywords Reverse Engineering
dc.title Techniques for utilizing classification towards securing automotive controller area network and machine learning towards the reverse engineering of CAN messages
dc.type thesis
dc.type.genre thesis
dspace.entity.type Publication
relation.isOrgUnitOfPublication a75a044c-d11e-44cd-af4f-dab1d83339ff
thesis.degree.discipline Computer Engineering(Secureand Reliable Computing)
thesis.degree.level thesis
thesis.degree.name Doctor of Philosophy
File
Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
Young_iastate_0097E_18702.pdf
Size:
1.76 MB
Format:
Adobe Portable Document Format
Description: