Controller Area Network (CAN)

SmrtComp: Intelligent and Online CAN Data Compression

We introduce a novel Controller Area Network (CAN) traffic data compression mechanism that aims to achieve a much larger storage efficiency by storing recent data in a lossless format and compressing older data in increasingly lossy formats.

ZBCAN: A Zero-Byte CAN Defense System

We introduce a defense system that uses zero bytes of the automotive controller area network (CAN) frame to secure against the most common CAN attacks, including message injection, replay, fuzzing, impersonation, flooding, collision injection, bus-off, and network mapping attacks, without using message authentication codes.

Demo: Attacks on CAN Error Handling Mechanism

We discuss the security vulnerabilities of automotive controller area network (CAN) and present three attacks which exploit them.

Exposing new vulnerabilities of error handling mechanism in CAN

We discover three major vulnerabilities in the error handling mechanism of the automotive controller area network that could be exploited to launch a variety of attacks including a denial-of-service attack against benign electronic control units.

Cumulative message authentication codes for resource-constrained IoT networks

To provide message authenticity in IoT, we employ a speculation procedure for predicting future message values to achieve an advantageous trade-off between the cryptographic strength and the latency in processing of the message authentication codes.

Evading voltage-based intrusion detection on automotive CAN

We discover a novel tactic that can be exploited by two malicious electronic control units (ECUs) on an automotive controller area network to masquerade a benign ECU while evading voltage-based intrusion detection system.

Cumulative message authentication codes for resource-constrained networks

To provide message authenticity in IoT, we enable the verifier to achieve an advantageous trade-off between the cryptographic strength and the latency in processing of the message authentication codes.