dc.description.abstract |
The SAE J1939 protocol, built on the top of the CAN protocol, is a
standard for heavy-duty in-vehicle networks. This commercial vehicle
sector plays a significant role in various domains, including goods distribution,
public transportation, construction, agriculture, forestry and
marine vehicular technologies, etc., all of these being essential for the
global economy. Given the high degree of inter-connectivity of modern
vehicles and the numerous cyber-attacks reported in the past decade,
detecting and preventing intrusions on J1939 communications is crucial.
In the light of the above, this thesis proposes various intrusion detection
systems for CAN buses focusing on the SAE J1939 heavy-duty vehicle
buses. The techniques behind the design and implementation of these
IDS varies from the use of machine learning algorithms, to deterring
adversaries by concealing the content of CAN frames using symmetric
encryption, or performing a fine-grained analysis at the control system
level. A novel mechanism to decode the content of the CAN frames, ID
and data field is introduced, which paves the way for real-time destruction
of the intrusions before the complete reception of malicious frames.
Also, a more in-depth analysis performed at control system level opens
the road for complementing the traditional CAN bus attacks with more
knowledgeable attacks that can evade the intrusion detection and for designing
mitigation mechanisms to detect such attacks. The experimental
part builds on realistic frameworks deployed within an industry-standard
tool, i.e., the CANoe environment, which allows for the integration of
adversary models and intrusion detection. |
en_US |