CANflict: Exploiting Peripheral Conflicts for Data-Link Layer Attacks on Automotive Networks

Alvise De Faveri Tron, Stefano Longari, Michele Carminati, Mario Polino, Stefano Zanero

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

Abstract

Current research in the automotive domain has proven the limitations of the Controller Area Network (CAN) protocol from a security standpoint. Application-layer attacks, which involve the creation of malicious packets, are deemed feasible from remote but can be easily detected by modern Intrusion Detection Systems (IDSs). On the other hand, more recent link-layer attacks are stealthier and possibly more disruptive but require physical access to the bus. In this paper, we present CANflict, a software-only approach that allows reliable manipulation of the CAN bus at the data link layer from an unmodified microcontroller, overcoming the limitations of state-of-the-art works. We demonstrate that it is possible to deploy stealthy CAN link-layer attacks from a remotely compromised ECU, targeting another ECU on the same CAN network. To do this, we exploit the presence of pin conflicts between microcontroller peripherals to craft polyglot frames, which allows an attacker to control the CAN traffic at the bit level and bypass the protocol's rules. We experimentally demonstrate the effectiveness of our approach on high-, mid-, and low-end microcontrollers, and we provide the ground for future research by releasing an extensible tool that can be used to implement our approach on different platforms and to build CAN countermeasures at the data link layer.

Original language: English
Title of host publication: CCS '22
Subtitle of host publication: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security
Publisher: Association for Computing Machinery
Pages: 711-723
Number of pages: 13
ISBN (Electronic): 9781450394505
Publication status: Published - Nov 2022
Event: 28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022 - Los Angeles, United States
Duration: 7 Nov 2022 to 11 Nov 2022

Publication series

Name: Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print): 1543-7221

Conference

Conference: 28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022
Country/Territory: United States
City: Los Angeles
Period: 7/11/22 to 11/11/22

Bibliographical note

Funding Information:
This work was supported by the Dutch Science Organization NWO through project Intersect.

Publisher Copyright:
© 2022 ACM.

Keywords

  • automotive security
  • conflicting peripherals
  • controller area network
  • hardware attacks
  • polyglot frames
