UTSCybeR

Reverse Engineering Approaches to Vehicular Networks

Project background

The automotive industry is experiencing unprecedented technological changes, driven by the advent of digital technologies, autonomous driving and connected vehicles. Car manufacturers are constantly working on new technologies to improve road safety and user convenience, to save life and time.

Demonstration: Remote Hacking Demo

Unfortunately, car thieves and hackers are hot on their heels in trying to find ways to exploit these technologies. The global market for connected cars will double within the next few years, with exponential growth of the connected features that make our trips safer and more enjoyable.

However, the increasing number of smart features built into cars opens the door to a serious threat – hacker attacks. Because connected cars are linked with the internet and their crucial parts are interconnected over a network, adversaries have the potential to remotely access and manipulate the data being exchanged. This situation could lead to a number of problems, such as leaked personal information, overcoming vehicle’s security mechanisms, or even full remote control of the car.

One of the basic steps to gain access to vehicle systems is to eavesdrop or interlink with vehicular network communication. For this it is necessary to reverse engineer the usually encrypted and protected communication on these networks.

With current CAN bus systems, this can be achieved with trial and error approaches and the necessary time and patience to test through all relevant functionality. Future systems might be protected against these reverse engineering approaches through their sheer complexity and higher levels of encryption, however more sophisticated approaches and the continuous increase in computation power might render this advantage obsolete over time.

To determine appropriate counter measures in future networks, a clear knowledge and understanding of such new approaches is necessary.

Demonstration: iMove IAG UTS Vehicle Security Project Introduction

This project aims at developing new highly efficient cyber schemes to reverse engineer vehicular network communications. We start with contemporary vehicle networks by reviewing and demonstrating existing methods to identify & understand black-box vehicular network communications and existing cyber defence schemes. Further research and development will expand this to future network designs, incorporate V2X connectivity and determine new methodologies to reduce the time to gain access and to deal with higher levels of security. Cyber security solutions will be designed and implemented to address security challenges in vehicular and V2X networks. Research publications will be generated throughout the project.

Project objectives

This project will start by reviewing and demonstrating existing approaches to exploit vehicular network vulnerabilities and contemporary cybersecurity defence schemes.

Further research and development will develop methodologies that can be applied to more complex and more heavily shielded vehicular and V2X networks utilizing new mathematical approaches and advanced computation technology.

In a final step we will use this technology to determine possible future vulnerabilities in V2X network environments and to develop appropriate cyber security solutions. IP and research publications will be generated throughout the project.

Specifically, it will:

  • Develop demonstrations to showcase vehicle network security risks and solutions
  • Design reverse engineering tools to identify security challenges in In-Vehicle Networks (IVNs)
  • Propose automatic and uniform reverse-engineering mechanisms and develop the proof-of-concept testbed
  • Develop reverse engineering mechanisms and theories to identify security challenges in vehicular networks
  • Design cyber security solutions to address security challenges in vehicles and vehicular networks
  • Develop cyber security testing procedures for vehicular network safety and security
  • Work with IAG staff to implement vehicle cybersecurity tests
  • Generate IP and research publications

Demonstration: 2020 Program

Learn more about our technology

[TITS] CAN-Trace Attack: Exploit CAN Messages to Uncover Driving Trajectories

[IoT-J] ByCAN: Reverse Engineering Controller Area Network (CAN) Messages from Bit to Byte Level