Change Your Car's Filters: Efficient Concurrent and Multi-Stage Firewall for OBD-II Network Traffic

Modern cars offer one common interface to the outside, the OBD. Among the multitude of protocols that could exchange messages with the car's internal devices over OBD the CAN-BUS protocol is the most well-known; several commercial devices (so-called dongles) would allow to send and receive mess...

Full description

Saved in:
Bibliographic Details
Main Authors: Klement, Felix, Pohls, Henrich C., Katzenbeisser, Stefan
Format: Conference Proceeding
Language:English
Subjects:
CAN
Computer peripherals
Current measurement
Filtering
Firewalls (computing)
Information Flow Control
Network Security
OBD-II
Protocols
Prototypes
Telecommunication traffic
Vehicular Security
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Modern cars offer one common interface to the outside, the OBD. Among the multitude of protocols that could exchange messages with the car's internal devices over OBD the CAN-BUS protocol is the most well-known; several commercial devices (so-called dongles) would allow to send and receive messages without any user-controlled restrictions. In order to enable fine-grained filtering on the CAN - BUS we exploit a security weakness called man-in-the-middle: the car or dongle does not apply any origin authentication as neither digital signatures nor message authentication codes (MACs) are used. We are the first to present this approach and offer measurements for our concurrent and multi-stage design that enables a fine-grained and extensible filtering approach for all protocols within the OBD.
ISSN:2378-4873
DOI:10.1109/CAMAD55695.2022.9966902