Auflistung nach Autor:in "Kneib, Marcel"
1 - 6 von 6
Treffer pro Seite
Sortieroptionen
- TextdokumentAssessment of Current Intrusion Detection System Concepts for Intra-Vehicle Communication(INFORMATIK 2020, 2021) Schell, Oleg; Reinhard, Jan Peter; Kneib, Marcel; Ring, MartinNowadays, vehicles incorporate a lot of electronics, which offer both advanced functionalities but also a great attack surface. Once having access to the communication network, an attacker can control critical functions like accelerating or steering. One possibility to detect these malicious intentions consists in the implementation of IDSs, which will even become mandatory via UN regulations in the future. Therefore, it is important for manufacturers and engineers to understand the opportunities and challenges of IDSs in the automotive environment. Giving an overview on these detection mechanisms is the primary goal of this elaboration. After the current vehicular communication architectures and protocols are outlined, potential attacks on the communication network are addressed. Afterwards, existing IDS concepts are presented, while the general requirements on these systems from an automotive perspective are stated and described next. Following the discussion on how to react to a detection, the elaboration is concluded with an outlook on what has still to be achieved to successfully integrate present IDSs into a vehicle.
- TextdokumentEffects of the Sampling Technique on Sender Identification Systems for the Controller Area Network(INFORMATIK 2020, 2021) Kneib, Marcel; Schell, OlegAs a result of the ongoing development of vehicle electronics and additional wireless communication interfaces, the possibilities for attacks and their negative consequences are increasing. Once an attacker has obtained access to the internal vehicle communication, in the case of the Controller Area Network (CAN) the attacker is able to forge all messages of the connected Electronic Control Units (ECUs) without a receiving ECU being able to recognize any suspicious behavior. The use of cryptographic methods is only possible to a limited extent due to restricted resources of the ECUs, which is why sender identification systems have been presented which are able to detect these kind of attacks. Presented approaches use different procedures to capture the analog signals on which the detection of attacks respectively the identification of the sender is based. This work shows that the impact on the performance of the sender identification system by the different sampling methods is minimal and therefore the selection of the appropriate technique can be mainly based on the available resources and the communication structure of the corresponding vehicle platform. This is shown on the one hand by the direct analysis of the analog signals captured from a real vehicle as well as by an evaluation of the previously introduced sampling methods using a recently published sender identification system. In addition, an assessment of the procedures based on different parameters shows which method is to be preferred for which application.
- AbstractHardware Accelerated Sender Identification for the Controller Area Network(crypto day matters 29, 2018) Klingenstein, Markus; Kneib, Marcel
- AbstractMachine Learning Based Sender Identification for Controller Area Network(crypto day matters 29, 2018) Schell, Oleg; Kneib, Marcel
- TextdokumentOn the Fingerprinting of Electronic Control Units Using Physical Characteristics in Controller Area Networks(INFORMATIK 2017, 2017) Kneib, Marcel; Huth, ChristopherMore and more connected features, like up-to-date maps or car-to-car communication, are added to our vehicles. Besides comfort and environmental benefits, those connections also enable attackers to cause high damages, as Miller and Valasek had shown with their remote hack of a Jeep Cherokee [MV15]. The exploited vulnerability caused a recall of 1.4 million vehicles. Such attacks are possible since no security mechanisms and no sender information are present in the Controller Area Network. Unfortunately, classical cryptographic algorithms cannot be added easily, due to its small payload size. A promising opportunity to increase security is to exploit physical information included in the received messages by extracting fingerprints. These allow to identify the sender of received messages, what can enhance detection or prevention of attacks. In the following, we impart the needed background and give an overview of the two known approaches to expand the Controller Area Network with sender identification.
- KonferenzbeitragA Survey on Sender Identification Methodologies for the Controller Area Network(SICHERHEIT 2020, 2020) Kneib, MarcelThe connectivity of modern vehicles is constantly increasing and consequently also the amount of attack vectors. Researchers have shown that it is possible to access internal vehicle communication via wireless connections, allowing the manipulation of safety-critical functions such as brakes and steering. If a Electronic Control Unit (ECU) can be compromised and is connected to the internal vehicle bus, attacks on the vehicle can be carried out in particular by impersonating other bus participants. Problematic is that the Controller Area Network (CAN), the most commonly used bus technology for internal vehicle communication, does not provide trustworthy information about the sender. Thus ECUs are not able to recognize whether a received message was sent by an authorized sender. Due to the limited applicability of cryptographic measures for the CAN, sender identification methods were presented that can determine the sender of a received message based on physical characteristics. Such approaches can increase the security of internal vehicle networks so that, for example, the manipulations can be limited to a single bus segment, thus preventing the propagation of the attack. This paper presents the different methodologies, which can mainly be divided into the categories time- and voltage-based, identifies problems as well as open questions and compares the existing approaches. The work thus offers an introduction into the topic, identifies possible research fields and enables a quick evaluation of the existing technologies.