<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Archiving and Interchange DTD v1.0 20120330//EN" "JATS-archivearticle1.dtd">
<article xmlns:xlink="http://www.w3.org/1999/xlink">
  <front>
    <journal-meta />
    <article-meta>
      <title-group>
        <article-title>CANPak: An Intrusion Detection System against Error Frame Attacks for Controller Area Network</article-title>
      </title-group>
      <contrib-group>
        <contrib contrib-type="author">
          <string-name>Sikandar Mehmood Abbasi</string-name>
          <xref ref-type="aff" rid="aff0">0</xref>
        </contrib>
        <contrib contrib-type="author">
          <string-name>Stefano Longari</string-name>
          <xref ref-type="aff" rid="aff0">0</xref>
        </contrib>
        <aff id="aff0">
          <label>0</label>
          <institution>Dipartimento di Elettronica, Informazione e Bioingegneria, Politecnico di Milano</institution>
          ,
          <addr-line>Via Ponzio 34/5, 20133, Milan</addr-line>
          ,
          <country country="IT">Italy</country>
        </aff>
      </contrib-group>
      <abstract>
        <p>The automotive industry has experienced significant evolution and expansion in recent years, resulting in increasingly complex in-vehicle networks and a growing number of external communication interfaces and on-board Electronic Control Units (ECUs). Despite advancements, the Controller Area Network (CAN) protocol and its enhanced version, the CAN with Flexible Data-rate (CAN FD) protocol, continue to be widely used due to their reliable and efficient real-time transmission capabilities. However, the CAN protocol was not originally designed with security in mind, lacking authentication mechanisms for communications. This vulnerability allows attackers to send spoofed messages across the bus. While application-level Intrusion Detection Systems (IDSs) can identify these spoofed messages, sophisticated attackers can bypass such security measures by disconnecting the target ECU before initiating the spoofing attack. This disconnection can be achieved through error frame injection attacks, a known vulnerability of the CAN protocol. In this work, we propose an IDS that defends against error frame injection attacks, recognizing an attacker's attempt to force a victim ECU to disconnect itself from the network. Our approach detects these attacks with up to 0.97 accuracy, without requiring any modifications to existing ECUs or the network architecture.</p>
      </abstract>
      <kwd-group>
        <kwd>Controller Area Network</kwd>
        <kwd>Intrusion Detection System</kwd>
        <kwd>Error Frame Attacks</kwd>
      </kwd-group>
    </article-meta>
  </front>
  <body>
    <sec id="sec-1">
      <title>1. Introduction</title>
      <p>The automotive industry has experienced a significant evolution over the past decades, transforming
from purely mechanical systems to advanced, digitally integrated vehicles. This digitalization has
enabled a range of functionalities, including enhanced safety features, infotainment systems, and
autonomous driving capabilities, marking a new era of automotive innovation. However, this increased
integration of digital components and networked systems has also increased the security risk. As vehicles
now rely heavily on complex electronic control systems, the potential for security vulnerabilities has
escalated, creating critical challenges in ensuring the safety and reliability of modern vehicles.</p>
      <p>
        In this context, the Controller Area Network (CAN) protocol is the de facto standard for in-vehicle
communication. Developed in the 1980s, CAN was designed for efficiency and real-time data
transmission, making it highly suitable for automotive applications. However, due to the lack of inherent
security features in CAN’s original design, the protocol is highly vulnerable to various forms of attacks.
Research has demonstrated numerous attack vectors targeting CAN, including spoofing, injection, and
denial-of-service (DoS) attacks [
        <xref ref-type="bibr" rid="ref1 ref2 ref3 ref4">1, 2, 3, 4, 5, 6, 7, 8</xref>
        ]. As a consequence, CAN’s pervasive use across the
automotive industry, combined with its security limitations, renders it a prime target for exploitation.
      </p>
      <p>A specific subset of attacks that leverage CAN’s vulnerabilities is bus-off attacks [9], which pose a
unique and particularly stealthy threat to in-vehicle communication. In a bus-off attack, an attacker
induces a series of error frames that temporarily disconnect an Electronic Control Unit (ECU) from
the CAN bus. These errors, however, are not transmitted to the application layer, making the attack
effectively invisible at this level. This covert quality allows a bus-off attack to momentarily deactivate
an ECU without triggering immediate alerts. Such attacks may both directly impact the vehicle’s
functionality and safety, and be used to implement more complex spoofing attacks [10].</p>
      <p>Despite the significant threat posed by bus-off attacks, most existing CAN intrusion detection systems
(IDS) focus on recognizing the aftermath of such attacks rather than directly preventing them. Many
IDS solutions aim to identify anomalous behavior on the bus once an ECU is already silenced, indirectly
inferring that an attack may have occurred [11, 12]. To the best of our knowledge, only one solution,
CopyCAN [13], directly addresses bus-off attacks; however, it can only detect these attacks after their
completion, making it impossible to develop reaction measures that avoid the attack’s effects.</p>
      <p>In this paper we introduce CANpak, a lightweight IDS for CAN bus-off and, more generally, error frame
injection attacks, that overcomes the limitation of previous works by exploiting the concept of polyglot
frames presented in [14] to recognize the attacker before the victim ECU has been deactivated. The
intuition behind CANpak is that the injection of errors on the bus by the attacker is hardly ever perfectly
synchronized with the victim’s clock. Unlike other solutions, which require changes to the network
architecture or ECUs, our IDS only requires the monitoring unit to be installed within the existing
network, and does not require knowledge of other ECUs’ signals. We demonstrate our approach in a
real-world test-bed, operating the IDS on an embedded system, demonstrating its capability to work
with a variety of frame and timing configurations. Our solution obtains a 0.97 detection rate, remarkably
without producing false positives, a crucial characteristic for cyber-physical systems intrusion detection,
enabling the implementation of active reaction measures.</p>
      <p>In summary, our contributions are the following:
• We study the effectiveness of exploiting polyglot frames [14] in defensive solutions for CAN
attacks.
• We present CANpak, a lightweight, effective, specification-based IDS against CAN error frame
attacks, based on the oversampling capabilities of SPI.
• We demonstrate CANpak’s capabilities in a real-world test-bed, obtaining a 0.96 detection rate, 0.95
f1-score, and no false positives.</p>
    </sec>
    <sec id="sec-2">
      <title>2. CAN Primer</title>
      <sec id="sec-2-1">
        <title>2.1. CAN Nodes</title>
        <p>In this section, we present an overview of the necessary protocol details for the presented solution.
Additional details regarding protocol specifications are available at [15, 16].</p>
        <p>CAN nodes are composed of a transceiver and a controller, as illustrated in Figure 1, connected to a
two-wire differential bus that forms a broadcast topology. The CAN controller, embedded within
the host microcontroller, encodes and decodes data according to the CAN protocol’s data link layer
and manages frame transmission from application-level messages. The CAN transceiver converts
logical data to physical signals, with its selection based on speed requirements. Low-speed transceivers
support up to 125 Kbit/s and offer fault-tolerant communication, while high-speed transceivers handle
bit rates up to 1 Mbit/s. Every typical CAN data frame includes multiple fields as illustrated in Figure 2.
Transmission of Messages. CAN’s communication protocol operates on the Carrier Sense Multiple
Access/Collision Detection (CSMA/CD) principle, where nodes on the network monitor the bus for idle
time before attempting to transmit messages. In case of simultaneous transmission attempts, collision
detection is executed mostly at arbitration time, ensuring that nodes detect and respond to collisions
appropriately.</p>
        <p>Arbitration Mechanism. The CAN arbitration mechanism, based on dominant (0) and recessive (1) bits
at the physical layer, ensures collision avoidance through CSMA/CA. During transmission, nodes
monitor the bus bit by bit; in particular, the ID field, which is the first after the Start of Frame, is used
for arbitration. If multiple nodes transmit simultaneously, each continues until the bit it sent differs
from the bit it reads back. A mismatch causes the node to cease transmission, preventing collisions. Since
dominant bits override recessive ones, lower-priority messages (higher IDs) lose arbitration, allowing
higher-priority messages to be transmitted first.</p>
        <p>[Figure 1: CAN node architecture. Layers: Application Layer (Messages), Data Link Layer (Bits), Physical Layer (Voltage). Each node consists of an MCU with an embedded CAN Controller, connected through the CAN TX and CAN RX lines to a CAN Transceiver on the bus.]</p>
        <p>Bit Stuffing. CAN employs bit stuffing to maintain bus synchronization. After every five consecutive
identical bits, a bit of the opposite value is inserted, regardless of the sixth bit’s value. This avoids
desynchronization between nodes, since synchronization is obtained during the rising or falling edge
of a bit.</p>
        <p>Error Handling. When a transmitter or receiver detects an error, it sends an error frame starting with
an Error Flag (composed of six consecutive dominant or recessive bits) violating the bit-stuffing rule.
This forces all nodes to detect the error, ignore the currently transmitted message, and respond with
their own Error Flags. The frame ends with an error delimiter of eight recessive bits. The transmitter
then retries sending the corrupted frame once the bus becomes idle, competing again for arbitration.
Fault Management. When a node detects and handles an error while transmitting or receiving, it
increases its transmit or receive error counter by 8. Once the transmit error counter increases
over 255, the node enters the bus-off state and shuts itself out of communication until enough packets
have passed.</p>
      </sec>
      <sec id="sec-2-2">
        <title>2.2. Differences between CAN and CAN-FD</title>
        <p>In 2011, Bosch started working with automakers and CAN experts to develop the Controller Area
Network with Flexible Data-rate, or CAN FD. With the help of this new protocol, data can be transferred
at rates higher than 1 Mbit/s and with payload lengths of up to 64 bytes. ISO 11898-1:2015 is the
international standard for CAN FD [16].</p>
        <p>Although CAN FD was initially developed for high-performance automotive ECUs, it is also suitable
for non-automotive applications needing reliable, high-speed data transmission. With its enhanced
communication capabilities, CAN FD is expected to become standard in new vehicles as manufacturers
transition from traditional CAN bus systems [17, 18].</p>
        <p>Frame format. The frame format is one of the key distinctions between CAN and CAN FD. The
two frame formats are displayed in Figure 2.</p>
        <p>[Figure 2: (a) Standard CAN Frame: SOF (1 bit), Identifier (11 bits), RTR (1), IDE (1), r (1), DLC (4 bits), Data Field (0-8 bytes), Checksum (15 bits), DEL (1), ACK (1), DEL (1), EOF (7 bits), IFS (3 bits); the fields are grouped into Arbitration-Field, Control-Field, Data-Field, Check-Field and ACK-Field. Extended CAN Data-Frame: SOF (1), Identifier (11 bits), SRR (1), IDE (1), ID extension (18 bits), RTR (1), r1 (1), r0 (1), DLC (4 bits), Data Field (0-8 bytes), Checksum (15 bits), EOF (7 bits), IFS (3 bits).]</p>
        <p>Bit Rate. Higher bit-rates are needed to reduce the transmission time and maintain an acceptable
throughput as payload sizes expand. Although the arbitration phase is still only allowed to proceed at a
maximum of 1 Mbit/s for compatibility, CAN FD increases the bit rate during the transmission of the
payload up to eight times (8 Mbit/s). Nevertheless, there is a notable deviation between the theoretical and
practical bit-rate [19].</p>
        <p>CRC Calculation. CAN with Flexible Data-rate (CAN FD) uses different CRC polynomials based on
frame formats and includes stuffed bits across the entire frame. For all standard CAN and CAN FD
frames, a CRC-15 polynomial is used. CAN FD frames with data fields up to 16 bytes use CRC-17, while
those with fields larger than 16 bytes use CRC-21.</p>
        <p>Note that the bit-stuffing rule also applies to the CRC field, adding bits at specific points: at the start
and after every 4th bit of the CRC sequence, with values opposite to the previous bit. If a receiver
detects a stuff error (when a fixed bit matches the previous bit’s value), it drops these bits before running
the CRC check.</p>
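        <p>As an added example (not code from the paper), the dynamic bit stuffing of Section 2.1 and the fixed stuff bits of the CAN FD CRC field described above, on both the transmitter and the receiver side; a sixth identical bit is reported as a stuff error, which is exactly what an error flag looks like to a receiver. Function names and the sample bit patterns are constructed for this example.</p>

```python
"""CAN bit stuffing and stuff-error detection (added example, not the paper's code)."""

STUFF_RUN = 5  # after five identical bits the transmitter inserts one complementary bit


def stuff_bits(bits):
    """Transmitter side: insert the complement after every run of five identical bits.
    The inserted bit counts as the first bit of the next run."""
    out, prev, run = [], None, 0
    for b in bits:
        out.append(b)
        run = run + 1 if b == prev else 1
        prev = b
        if run == STUFF_RUN:
            stuff = 1 - b
            out.append(stuff)
            prev, run = stuff, 1
    return out


def destuff_bits(stuffed):
    """Receiver side: drop the stuff bits and return (payload_bits, stuff_error_index).
    stuff_error_index is the position of a sixth consecutive identical bit, i.e. a
    violation of the rule (what an error flag looks like on the wire), or None."""
    out, prev, run, expect_stuff = [], None, 0, False
    for i, b in enumerate(stuffed):
        if expect_stuff:
            if b == prev:
                return out, i  # six identical bits in a row: stuff error
            prev, run, expect_stuff = b, 1, False
            continue           # the stuff bit itself carries no payload
        out.append(b)
        run = run + 1 if b == prev else 1
        prev = b
        if run == STUFF_RUN:
            expect_stuff = True
    return out, None


def fixed_stuff_crc(crc_bits, preceding_bit):
    """CAN FD CRC field (Section 2.2): a fixed stuff bit, the complement of the previous
    bit, is sent at the start of the CRC sequence and after every 4th CRC bit."""
    out = [1 - preceding_bit]
    for i, b in enumerate(crc_bits):
        out.append(b)
        if (i + 1) % 4 == 0:
            out.append(1 - b)
    return out


def destuff_crc(field, preceding_bit, crc_len):
    """Receiver side for the CAN FD CRC field: strip the fixed stuff bits (positions 0, 5,
    10, ...) and report a fixed stuff bit equal to the preceding bit as a stuff error."""
    crc, prev = [], preceding_bit
    for i, b in enumerate(field):
        if len(crc) == crc_len:
            break
        if i % 5 == 0:
            if b == prev:
                return crc, i  # fixed stuff bit did not flip: stuff error
        else:
            crc.append(b)
        prev = b
    return crc, None


# Constructed sample data: a payload with two long runs and a 17-bit CRC pattern.
PAYLOAD = [0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1]
CRC17 = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 1]

if __name__ == "__main__":
    wire = stuff_bits(PAYLOAD)
    print("stuffed  :", "".join(map(str, wire)), "->", destuff_bits(wire))
    print("flag     :", destuff_bits([0] * 6))
    field = fixed_stuff_crc(CRC17, preceding_bit=0)
    print("crc field:", len(field), "bits, ok =", destuff_crc(field, 0, 17) == (CRC17, None))
```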
      </sec>
    </sec>
    <sec id="sec-3">
      <title>3. Related Works and Threat Model</title>
      <p>
        Multiple researchers have demonstrated over the years both how attacks against automotive CAN
are safety critical [20, 21, 22, 10], and how it is possible to reach the CAN buses of a vehicle through
physical [
        <xref ref-type="bibr" rid="ref2 ref3 ref4">23, 20, 2, 3, 4, 5, 6, 7</xref>
        ] or remote access [
        <xref ref-type="bibr" rid="ref1">1</xref>
        ], [23, 24, 25, 26].
      </p>
      <p>A vast literature is also present regarding countermeasures against CAN attacks. One of the most
viable and common mechanisms to mitigate such events are IDSs [27]. Such systems can be classified
depending on the technology used for detection, e.g., model-based or machine-learning based, or
on the features and network level at which they operate. Signature-based IDSs identify attacks by
comparing real-time activity to a list of recognized signatures, harmful events, or rules derived from
known attack patterns. To detect attack fingerprints for present and future intrusion detection systems,
Muter et al. [28] deployed eight anomaly detection sensors. In a similar vein, Studnia et al. [29]
identified signatures of an anomalous CAN message sequence on a network. Time- or Frequency-based
IDSs [30, 31, 32] work based on the knowledge that the majority of the vehicle signals are transmitted
at fixed intervals to comply with safety standards, and that attacks that inject or remove messages
would modify the inter-arrival time between two packets with the same ID. Feature-based IDSs evaluate
network parameters like anomalous messages, payloads, bus load, frequency, and dropped messages.
They compare these features against a baseline, flagging deviations that exceed a predefined threshold.
These solutions often exploit machine-learning techniques. Finally, specification-based IDSs work based
on the assumption that untampered messages follow protocol rules, while attack packets may not do so.
Parrot, developed by Dagan et al. [33], operates by monitoring specific CAN IDs broadcasted by the
ECU where the IDS is installed. If another ECU transmits its IDs, Parrot deletes the message. However, it
requires knowledge of all the broadcasted IDs and to be installed on each defended node. Longari et
al. [13, 32] propose two IDSs that detect when an ECU is in bus-off state and do not allow its IDs to be
sent in that period. However, they cannot detect attacks that trigger single error frames.</p>
      <p>Note that while IDSs are effective, attacks have been studied to bypass them. In particular, many
intrusion detection techniques are vulnerable to masquerade attacks, i.e., attacks that, instead of injecting
additional packets on the data stream, manage to modify the content of valid packets [34]. Not only does
frequency-based detection become ineffective, but feature- and specification-based detection may
at this point be exploited by adversarial attacks [35, 36]. However, to execute a masquerade attack from
a CAN node different from the one that should generate a given packet (source), it is necessary to silence
the source. This has been demonstrated to be feasible, although it is implementation dependent, through
diagnostic services [10] or, more consistently, by exploiting the CAN fault management process. If the
attacker manages to generate bus errors while another node is transmitting, it is possible to delete its
messages, eventually send such node into bus-off state, and start communicating on its behalf, effectively
implementing a masquerade attack. This has been demonstrated feasible initially through physical
access [8, 9] and successively from remote [14] through the exploitation of Polyglot frames.
Polyglot Frames. Polyglot frames are based on the notion that a signal’s meaning is not intrinsic but
instead depends on how it is interpreted, since its true meaning emerges only through interpretation
based on decoding conventions or rules. Thus, a signal’s meaning is tied not to its physical properties
but to the system interpreting it. In the context of network protocols, a bitstream transmitted over the bus
is considered a polyglot frame if it may be interpreted by multiple protocols. Specifically, De Faveri et
al. [14] demonstrated that the SPI protocol is capable of interpreting and generating any CAN message
due to its much less constrained protocol rules. Thanks to this property, if an attacker manages to
modify which peripherals are connected to the physical pins of the embedded board, it is possible to
connect the CAN transceiver (which is commonly not embedded in the microcontroller) to the SPI
interface, allowing the attacker to bypass CAN protocol rules and generate bus-off and masquerade
attacks against other nodes.</p>
      <sec id="sec-3-1">
        <title>3.1. Threat model</title>
        <p>
          Since gaining direct control over a safety-critical ECU is typically hindered by secure gateways [37, 38],
the adversary’s strategy involves influencing the operation of a separate ECU via a vulnerable one, all
without triggering suspicion. While physical attacks are now deemed impractical due to the necessity
of prior physical network access, the risk of remote attacks remains significant. Remote exploitation is
viable through various attack vectors, as mentioned previously, including Bluetooth and cellular networks [
          <xref ref-type="bibr" rid="ref1">1</xref>
          ].
In our threat model, we assume the attacker possesses complete knowledge of the CAN bus network
and control over an ECU. The attacker targets a specific ECU with a targeted error-frame attack,
injecting six consecutive dominant bits, aiming to delay the victim’s messages or disable the ECU by
driving its TEC beyond 256.
        </p>
        <p>Motivation. CAN and CAN FD lack built-in security. While multiple IDS techniques have been
designed, many are not effective against adversarial masquerade attacks, which however require the
attacker to delete the source frame. Our objective with this research is to build a simple IDS that can
be used to recognize error frame and bus-off attacks and therefore mitigate masquerade attacks. To
do so, we follow the polyglot frames approach presented by De Faveri et al. [14] but implement it in a
defensive setting.</p>
      </sec>
    </sec>
    <sec id="sec-4">
      <title>4. Approach: CANPAK</title>
      <p>The goal of our approach is to design a lightweight, consistent IDS for error frame attacks against CAN
that meets the requirement of generating zero false positives, without relying on additional hardware or
an ECU with high computational capabilities. To do so, our system is based on a simple intuition, which
is that while the victim ECU, generating frames and being silenced by the attacker, has a consistent
bit period, the attacker can hardly manage to avoid a phase shift while starting the injection of its
dominant bits. To recognize this event, we oversample the reading by a factor of eight through the use
of the SPI interface, thanks to a mechanism called "polyglot frames" designed and previously presented
by de Faveri et al. [14].</p>
      <p>Our approach can be divided into two phases: in the first phase the objective of the detection system is
that of recognizing a potential attack event, which can be identified by an error flag. CANpak functions
as a routine that consistently reads traffic from the CAN bus: a Finite State Machine (FSM) is utilized to
parse the bit sequence, adhering to the frame format and fault confinement regulations, for the purpose
of identifying erroneous bits or error sequences. Each field within nearly every frame corresponds to an
FSM state, with the transition from one state to another determined by the bit count.</p>
      <p>Once an error flag is identified, the second phase of the detection process aims to check whether the
error flag appears to be generated by a malicious actor or not, and it does so by evaluating whether the
oversampled error bits are consistent with the authentic traffic or not. If any 8-bit sequence starting
from where the error flag is located fails to comply with a combination of eight consecutive dominant
or recessive bits, our algorithm generates an attack alert. Additionally, we monitor the Transmit Error
Count (TEC) of the protected ECU or multiple ECUs based on the occurrence of error frames and
successfully transmitted frames.</p>
      <sec id="sec-4-1">
        <title>4.1. Polyglot Frames and Bus Reading</title>
        <p>The IDS functions as a continuous reading routine, capturing CAN bus traffic bit by bit through the
high-speed Serial Peripheral Interface (SPI). The key advantage of SPI is that of being perfectly "polyglot"
in relation to CAN. In fact, thanks to the lack of start and stop bits, SPI allows for perfectly oversampling
the CAN bus, even at its maximum 8 Mbit/s bit rate for CAN FD. By sampling the bus N times per bit,
SPI captures an equivalent bit value composed of repeated samples. This oversampling enables the
analysis of polyglot frames—bitstreams interpretable across multiple protocols. By bypassing the CAN
controller, SPI captures raw CAN frames as digital signals, offering fine-grained, bit-level data without
significant hardware modifications.</p>
      </sec>
      <sec id="sec-4-2">
        <title>4.2. Reading Routine and Error Frame Detection</title>
        <p>This section outlines the algorithm driving the CANPak device, focusing on standard 11-bit frames for
simplicity, though it can be easily adapted for 29-bit extended frames.</p>
        <p>The algorithm functions as a custom CAN controller, continuously reading the bus bit by bit and
interpreting the bit sequence following a Finite State Machine (FSM) that identifies valid CAN or CAN
FD frames. Data is directly retrieved from the CAN transceiver. Inspired by Longari et al. [13], the FSM
tracks frame fields, occasionally grouping them for simplification. The relevant variables are defined as
follows. The Bit Counter, or BC, tracks the number of bits processed in the current frame field, increasing
by 1 with each new bit. The Polarity Counter, or PC, counts consecutive identical bits, resetting when a
different bit appears. It is mainly used for fields with bit stuffing and also for validating CRC stuffed
bits. The Stuff Counter counts stuffed bits by incrementing when five identical bits are detected (PC ==
4). The variable DL represents the data field length in bits, based on the frame’s DLC field. The CRC
Counter, or CC, counts CRC sequence bits to ensure the CRC bit stuffing rule is followed. The actual
length of the CRC sequence is known as CRC LEN; it varies (15, 17, or 21 bits) based on the data length.
The variable called TEC keeps track of the protected ECU’s Transmit Error Count.</p>
        <p>Error-free parsing. The algorithm begins in the IDLE state, incrementing the Bit Counter (BC) upon
detecting a dominant bit, moving to the Start of Frame (SOF) and then the Identifier (ID) state. Here,
stuff bits and errors are tracked by the Polarity Counter (PC) according to the bit stuffing rule. The
Identifier bits (2nd to 13th) identify the transmitter, with possible stuff bits noted by the Stuff counter.
In the RTR/RRS state, both dominant and recessive bits are stored. Although CAN FD lacks remote
frames, the RTR bit is saved for compatibility with other protocols. The IDE bit determines whether
the ID is 11 or 29 bits long. The FDF bit directs the algorithm to either the RES state (for CAN FD) or
the DLC state (for CAN). If CAN FD is detected, a dominant reserved bit precedes the BRS state, which
switches the data bit-rate based on the bit value. The algorithm then parses the DLC, Data Length (DL),
CRC Length (CRC LEN), and CRC Stuff (CRC STUFF). In the DATA state, the payload is processed,
followed by parsing the SBC and CRC sequence. The CRC counter increments as each bit is parsed,
updating the PC as needed. Once bit stuffing is no longer relevant, the PC counter is deactivated. The
final 10 bits, including the CRC delimiter, ACK slot, ACK delimiter, and EOF, are read, ensuring all
are recessive except the ACK slot, which confirms successful reception. If no errors occur, the TEC
decreases by 1, and after an IFS (3 recessive bits), the system resets to IDLE, awaiting the next frame. If
any of the 3 IFS bits is dominant, the algorithm handles overload frames, parsing up to twelve dominant
bits followed by eight recessive bits. For CAN frames, the FDF bit triggers a unique transition, but the
general operations remain the same. The DLC and DL are extracted, and if the RTR bit is 0, the payload
is processed; if 1, indicating a remote frame, the algorithm skips to CRC parsing. After parsing 15 CRC
bits, the final frame bits are read, and if error-free, the TEC is decremented, returning to the IFS state.
Error Handling and Attack Detection. The algorithm’s error detection process begins by observing
the bus for an error flag: if six consecutive identical bits are detected (PC == 5) during bit stuffing, the
error flag commences. Once the error flag finishes, the algorithm transitions to the ERROR FLAG state.
Once in the ERROR FLAG state, we collect the last 96 SPI bits (or 12 CAN bits, since we oversample CAN
signals by a factor of eight) from the currently processed index.</p>
        <p>Once the last twelve CAN bits are identified, our intuition is straightforward: if the error is not the
result of an attack, the error flag initiated by the source node will consistently follow a predefined
pattern, starting precisely at the beginning of a byte or clock signal in a fully synchronous manner.
Conversely, if the CAN bits fail to align with the 8-bit SPI sequences, it can be assumed that this
desynchronization is caused by an ongoing attack, which imposes an error flag on top of the victim’s
traffic, as visible in Figure 3.</p>
        <p>If any byte, starting from where the error-flag sequence begins, fails to comprise a combination
of eight 0s or eight 1s (indicating an interruption or discrepancy in the expected error pattern), our
algorithm triggers an attack message and the current state transitions to error-DEL, marking the end of
the error analysis phase and alerting that an attack may be underway. Additionally, we continuously
monitor and update the TEC of the protected ECU or multiple ECUs based on two conditions: it is
incremented (+8) for each error frame detected and decremented (-1) for each successfully transmitted frame.</p>
        <p>Subsequently, if the TEC reaches 256 (indicating a "bus-off" state), the algorithm scans for 11-bit-long
sequences of recessive bits. Once 128 such sequences are detected, the TEC is reset, and the ECU is
considered reconnected.</p>
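        <p>As an added example (not CANpak's code), the two phases described in Section 4 and in this section, simulated over constructed SPI sample streams: a polarity-counter scan that locates six identical CAN bits, the check that every 8-sample group from the start of the flag is uniform, and the TEC bookkeeping with bus-off and the 128 x 11 recessive-bit recovery. Recovering a CAN bit by majority vote over its 8 samples, and examining the 12-bit window from the start of the flag, are my reading of the description; function and constant names are mine.</p>

```python
"""Oversampled error-flag alignment check and TEC tracking (added example, not CANpak's code)."""

OVERSAMPLE = 8            # SPI samples per CAN bit, as in the paper
WINDOW_BITS = 12          # CAN bits (96 SPI samples) examined once a flag is found
ERROR_FLAG_BITS = 6       # six identical bits: bit-stuffing violation, i.e. an error flag
TEC_BUS_OFF = 256         # TEC value at which the protected ECU is considered bus-off
RECOVERY_SEQUENCES = 128  # 11-bit recessive sequences before the ECU is reconnected


def to_samples(bits):
    """Constructed test helper: render bit-aligned CAN traffic as an SPI sample stream."""
    return [b for b in bits for _ in range(OVERSAMPLE)]


def inject_error_flag(samples, start_sample, bits=ERROR_FLAG_BITS):
    """Constructed test helper: overlay `bits` dominant CAN bits from an arbitrary SAMPLE
    offset; start_sample % OVERSAMPLE != 0 models an attacker whose clock is phase-shifted
    with respect to the victim's bit edges."""
    out = list(samples)
    for i in range(start_sample, min(len(out), start_sample + bits * OVERSAMPLE)):
        out[i] = 0
    return out


def majority_bit(group):
    """Recover one CAN bit from its 8 samples (a tie goes to dominant, as on the bus)."""
    return 1 if 2 * sum(group) > len(group) else 0


def error_flag_is_aligned(window):
    """Phase 2: every 8-sample group must be all dominant or all recessive. A mixed group
    means the flag's edge does not coincide with a bit edge of the victim's traffic."""
    for i in range(0, len(window) - OVERSAMPLE + 1, OVERSAMPLE):
        group = window[i:i + OVERSAMPLE]
        if any(s != group[0] for s in group):
            return False
    return True


def analyze_stream(samples):
    """Phase 1: walk the stream one CAN bit (8 samples) at a time with a Polarity Counter;
    PC == 5 means six identical bits, i.e. an error flag. The 12-bit window starting at
    the flag is then handed to the alignment check.
    Returns ("clean", None), ("error_frame", flag_bit) or ("attack", flag_bit)."""
    pc, prev = 0, None
    for idx in range(0, len(samples) - OVERSAMPLE + 1, OVERSAMPLE):
        bit = majority_bit(samples[idx:idx + OVERSAMPLE])
        pc = pc + 1 if bit == prev else 0
        prev = bit
        if pc == ERROR_FLAG_BITS - 1:
            flag_bit = idx // OVERSAMPLE - (ERROR_FLAG_BITS - 1)
            start = flag_bit * OVERSAMPLE
            window = samples[start:start + WINDOW_BITS * OVERSAMPLE]
            return ("error_frame" if error_flag_is_aligned(window) else "attack"), flag_bit
    return "clean", None


class TecTracker:
    """Transmit Error Counter of the protected ECU as the IDS mirrors it: +8 per error
    frame, -1 per successful frame, bus-off at 256, reconnected after 128 x 11 recessive bits."""

    def __init__(self):
        self.tec, self.bus_off = 0, False
        self.recessive_run, self.sequences = 0, 0

    def on_error_frame(self):
        if not self.bus_off:
            self.tec += 8
            if self.tec >= TEC_BUS_OFF:
                self.bus_off = True
                self.recessive_run, self.sequences = 0, 0

    def on_successful_frame(self):
        if not self.bus_off and self.tec > 0:
            self.tec -= 1

    def on_bit(self, bit):
        """While bus-off, count 11-bit recessive sequences; a dominant bit breaks the run."""
        if not self.bus_off:
            return
        self.recessive_run = self.recessive_run + 1 if bit == 1 else 0
        if self.recessive_run == 11:
            self.recessive_run, self.sequences = 0, self.sequences + 1
            if self.sequences == RECOVERY_SEQUENCES:
                self.tec, self.bus_off = 0, False


# Constructed victim traffic (24 CAN bits, already stuffed: no run longer than three).
VICTIM_BITS = [0, 1, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0]
# Genuine error frame: the victim's own flag starts on a bit edge (bit 10), then the delimiter.
LEGIT_SAMPLES = to_samples(VICTIM_BITS[:10] + [0] * 6 + [1] * 8)
# Attacker flag starting 3 samples into bit 9: the first 8-sample group is mixed -> alert.
ATTACK_SAMPLES = inject_error_flag(to_samples(VICTIM_BITS), 9 * OVERSAMPLE + 3)
# Limitation noted in Section 6: an attacker flag that happens to start exactly on a bit
# edge is indistinguishable from a genuine one at this oversampling rate.
ALIGNED_ATTACK_SAMPLES = inject_error_flag(to_samples(VICTIM_BITS), 9 * OVERSAMPLE)

if __name__ == "__main__":
    for name, stream in [("legit", LEGIT_SAMPLES), ("attack", ATTACK_SAMPLES),
                         ("aligned attack", ALIGNED_ATTACK_SAMPLES)]:
        print(f"{name:15s} -> {analyze_stream(stream)}")
```

The third constructed stream reproduces the limitation discussed in Section 6: a flag that happens to begin on a bit edge passes the alignment check.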
      </sec>
    </sec>
    <sec id="sec-5">
      <title>5. Experimental Validation</title>
      <p>Our main experimental goals are to validate our synchronization assumption and to evaluate our
approach performances in real-world scenarios. Specifically, we aim to demonstrate that the IDS can
reliably detect fraudulent error-flag sequences composed of six consecutive dominant bits (0s) without
mistaking legitimate error flags. By examining detection rates, false positives, and response times, we
will validate the system’s capability to distinguish attack-generated error-flags from genuine network
errors.</p>
      <p>Our setup is composed of three devices connected to a CAN bus test-bed, as shown in Figure 4. An
Arduino board with a CAN shield using an MCP2515 CAN controller acts as the victim of the attack,
generating messages with various IDs on the bus. A first Nucleo L552ZE-Q board runs the CANpak
code, monitoring the bus. Finally, a second Nucleo L552ZE-Q board runs the attacker code, performing
attacks by injecting dominant error frames against the victim’s frames on the bus. Both Nucleo boards
are equipped with an external MCP2551 CAN transceiver.</p>
      <p>Experiment 1: Attack detection.</p>
      <p>We run our experiment multiple times, with the attacker attempting to inject error frames over
multiple packets with various IDs generated by the victim. Our results are promising, as presented by
the confusion matrix in Table 1. With an accuracy of 0.97, a precision of 1.0, and an f1-score of 0.95,
while not achieving a perfect detection rate, the performances suggest that our IDS may be implemented
to recognize error-frame attacks, especially as a complementary measure for those techniques that are
vulnerable to masquerade attacks.</p>
      <p>Experiment 2: Error-free traffic.</p>
      <p>The objective of the second experiment is to ensure that our assumption is correct, and that there are
no instances of correctly generated error frames that are not synchronous and therefore end up being
flagged as false positives by our system. For this evaluation, we let our test-bed run in an attack-free
scenario for hours, in order to allow for errors to "naturally" arise and error flags to (hopefully) not be
flagged. While, unfortunately, errors were generated in only 9 instances, none was flagged by
our system, resulting in a perfect 0.0 false positive rate.</p>
    </sec>
    <sec id="sec-6">
      <title>6. Conclusion</title>
      <p>In this study, we introduced CANpak, an innovative Intrusion Detection System (IDS) for CAN and CAN
FD networks. Our research commenced drawing inspiration from both CopyCAN [13] for the reading
routine and CANflict [14] for the idea of polyglot frames. Our design was born from the necessity of a
robust and lightweight specification-based IDS capable of mitigating adversarial masquerade attacks.
However, current state-of-the-art specification-based IDSs that work towards that goal either have
too many requirements, such as having to be implemented on all nodes, or cannot directly detect a
single error frame, and instead need the attack to lead the victim into bus-off state to be effective. Our
IDS addresses these shortcomings while providing lightweight, real-time detection against error frame
attacks and all the attacks enabled by silencing a victim node. Specifically, the system detects instances
where an attacker inserts an error flag on the bus to disrupt the traffic of a specific target. We validated
the viability of CANPak through the implementation of a proof-of-concept testbed. The experimental
outcomes confirm the effectiveness of the algorithm and demonstrate its reliability, achieving 0.97
accuracy, 0.95 f1-score, and 0.0 false positive rate.</p>
      <p>Undoubtedly, our solution has its own limitation, specifically in the assumption that an attacker
cannot synchronize its error flag with the rising or falling edge of the valid CAN packet they are
attempting to invalidate. While - without oversampling themselves - the attacker cannot synchronize
willingly, there is a chance dependent on the oversampling frequency that the attack ends naturally
being synchronous with the valid trafic. To mitigate and minimize the chance that this event happens,
future work includes studying the realistic increase in the oversampling rate that maintains the 0.0
false positive rate while increasing the detection rate, and the evaluation of diferent hardware that
may allow for the increase of the maximum SPI clock frequency above the 40Mhz of the current one,
potentially allowing for additional oversampling.</p>
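      <p>To make the synchrony assumption verified in Experiment 2 and the limitation just discussed concrete, the following added example (illustrative code written for this page, not CANPak's implementation) simulates an oversampled capture of the bus line, locates an error flag as a dominant run of six bit-times, and checks whether its leading edge falls on the bit grid anchored at the frame's SOF edge. It then sweeps an injected flag over every possible phase within one bit to count how often chance alone makes it look legitimate, and repeats the sweep at a lower sampling ratio to show why raising the oversampling rate shrinks that chance. The 40 MHz sampling clock is the paper's figure; the 500 kbit/s bus rate (hence 80 samples per bit), the +/-1 sample tolerance, the constructed frame bits and all function names are assumptions, not taken from the paper.</p>

```python
"""Synchrony check for CAN error flags on an oversampled bus capture.

Added illustration, not CANPak's code. A legitimate error flag is driven from
a bit boundary of the frame it invalidates, while an attacker bit-banging the
line from an unsynchronised clock starts at an arbitrary phase. Assumptions
not taken from the paper: 500 kbit/s bus rate (so 80 samples per bit at the
paper's 40 MHz clock), a +/-1 sample tolerance, and the constructed frame bits.
"""
from fractions import Fraction

DOMINANT, RECESSIVE = 0, 1                  # CAN bus levels, wired-AND
SAMPLES_PER_BIT = 40_000_000 // 500_000     # 80 samples per bit (assumption)
TOLERANCE = 1                               # samples either side of a boundary

# Constructed frame prefix: SOF followed by a few payload bits. It never has
# more than five identical bits in a row, so nothing in it looks like a flag.
FRAME_BITS = [DOMINANT, DOMINANT, DOMINANT, RECESSIVE, RECESSIVE, DOMINANT,
              RECESSIVE, DOMINANT, RECESSIVE, RECESSIVE, DOMINANT, DOMINANT,
              RECESSIVE, DOMINANT, RECESSIVE, RECESSIVE, RECESSIVE, DOMINANT]


def bus_capture(flag_start, idle=50, n=SAMPLES_PER_BIT, flag_bits=6):
    """Oversampled view of the bus: `idle` recessive samples, the frame at n
    samples per bit, and an error flag of `flag_bits` dominant bit-times
    starting at absolute sample `flag_start`. Dominant wins on the wire."""
    frame = [RECESSIVE] * idle
    for b in FRAME_BITS:
        frame.extend([b] * n)
    flag = [RECESSIVE] * len(frame)
    for i in range(flag_start, min(len(frame), flag_start + flag_bits * n)):
        flag[i] = DOMINANT
    return [min(f, g) for f, g in zip(frame, flag)]


def find_sof(samples):
    """Index of the first recessive-to-dominant edge (start of frame), the
    reference all nodes resynchronise their bit timing to."""
    for i in range(1, len(samples)):
        if samples[i - 1] == RECESSIVE and samples[i] == DOMINANT:
            return i
    raise ValueError("no SOF edge in capture")


def find_error_flag(samples, n=SAMPLES_PER_BIT, flag_bits=6):
    """Start of the first dominant run lasting at least `flag_bits` bit-times
    (an active error flag violates the five-bit stuffing rule), or None.
    Only the leading edge of the merged dominant run is observable."""
    run_start = None
    for i, s in enumerate(samples):
        if s == DOMINANT:
            if run_start is None:
                run_start = i
            if i - run_start + 1 >= flag_bits * n:
                return run_start
        else:
            run_start = None
    return None


def is_synchronous(edge, sof, n=SAMPLES_PER_BIT, tol=TOLERANCE):
    """True when `edge` is within `tol` samples of sof + k*n for some k."""
    offset = (edge - sof) % n
    return tol >= offset or tol >= n - offset


def classify(samples, n=SAMPLES_PER_BIT):
    """'none' without a flag, 'legitimate' if the flag's leading edge is on
    the bit grid, 'injected' otherwise."""
    edge = find_error_flag(samples, n)
    if edge is None:
        return "none"
    return "legitimate" if is_synchronous(edge, find_sof(samples), n) else "injected"


def chance_synchrony(n=SAMPLES_PER_BIT, tol=TOLERANCE):
    """Model probability that an injected flag with uniformly random phase
    lands inside the tolerance window of a boundary: (2*tol + 1) / n."""
    return Fraction(2 * tol + 1, n)


def sweep_phases(n=SAMPLES_PER_BIT, idle=50, bit=8):
    """Inject a flag at every phase within frame bit `bit` (recessive in
    FRAME_BITS) and return the fraction of phases the check accepts."""
    accepted = sum(
        classify(bus_capture(idle + bit * n + phase, idle=idle, n=n), n) == "legitimate"
        for phase in range(n)
    )
    return Fraction(accepted, n)


if __name__ == "__main__":
    n = SAMPLES_PER_BIT
    # A node that saw an error in bit 7 drives its flag from bit 8's boundary.
    print("boundary-aligned flag:", classify(bus_capture(50 + 8 * n)))
    # An attacker's bit-banged flag starting 13 samples into bit 8.
    print("off-grid flag:        ", classify(bus_capture(50 + 8 * n + 13)))
    for spb in (n, 16):
        print(f"{spb:3d} samples/bit: accepted {sweep_phases(n=spb)} "
              f"of phases, model {chance_synchrony(n=spb)}")
```

      <p>Running the script classifies the boundary-aligned flag as legitimate and the flag starting 13 samples into a bit as injected. The phase sweep accepts 3 of the 80 phases, which matches the (2·tol+1)/n model, and the same sweep at 16 samples per bit accepts 3 of 16: the accepted window is fixed in samples, so a faster sampling clock makes chance synchrony proportionally rarer, which is the argument for the higher SPI rate mentioned above. The detector only ever sees the leading edge of the merged dominant run, so a flag driven while the bus is already dominant inherits the transmitter's edge; that is a property of this simple wired-AND model and is not something the paper evaluates.</p>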
    </sec>
    <sec id="sec-7">
      <title>Declaration on Generative AI</title>
      <p>Generative AI tools such as Grammarly and ChatGPT 4o were used solely for proofreading and
grammar refinement in the preparation of this manuscript. The authors retain full responsibility for the
content presented in the final version.</p>
    </sec>
  </body>
  <back>
    <ref-list>
      <ref id="ref1"><mixed-citation>[1] C. Miller, C. Valasek, Remote exploitation of an unaltered passenger vehicle, Black Hat USA 2015 (2015) 1–91.</mixed-citation></ref>
      <ref id="ref2"><mixed-citation>[2] A. K. Mandal, F. Panarotto, A. Cortesi, P. Ferrara, F. Spoto, Static analysis of Android Auto infotainment and on-board diagnostics II apps, Softw. Pract. Exp. 49 (2019) 1131–1161. URL: https://doi.org/10.1002/spe.2698. doi:10.1002/SPE.2698.</mixed-citation></ref>
      <ref id="ref3"><mixed-citation>[3] H. Wen, Q. Zhao, Q. A. Chen, Z. Lin, Automated cross-platform reverse engineering of CAN bus commands from mobile apps, in: 27th Annual Network and Distributed System Security Symposium, NDSS 2020, San Diego, California, USA, February 23-26, 2020, The Internet Society, 2020. URL: https://www.ndss-symposium.org/ndss-paper/automated-cross-platform-reverse-engineering-of-can-bus-commands-from-mobile-apps/.</mixed-citation></ref>
      <ref id="ref4"><mixed-citation>[4] H. Wen, Q. A. Chen, Z. Lin, Plug-n-pwned: Comprehensive vulnerability analysis of OBD-II dongles as a new over-the-air attack surface in automotive IoT, in: S. Capkun, F. Roesner (Eds.), 29th USENIX Security Symposium, USENIX Security 2020, August 12-14, 2020, USENIX Association, 2020, pp. 949–965. URL: https://www.usenix.org/conference/usenixsecurity20/presentation/wen.</mixed-citation></ref>
      <ref id="ref5"><mixed-citation>[5] I. D. Foster, A. Prudhomme, K. Koscher, S. Savage, Fast and vulnerable: A story of telematic failures, in: A. Francillon, T. Ptacek (Eds.), 9th USENIX Workshop on Offensive Technologies, WOOT ’15, Washington, DC, USA, August 10-11, 2015, USENIX Association, 2015. URL: https://www.usenix.org/conference/woot15/workshop-program/presentation/foster.</mixed-citation></ref>
      <ref id="ref6"><mixed-citation>[6] H. J. Jo, W. Choi, S. Y. Na, S. Woo, D. H. Lee, Vulnerabilities of Android OS-based telematics system, Wirel. Pers. Commun. 92 (2017) 1511–1530. URL: https://doi.org/10.1007/s11277-016-3618-9. doi:10.1007/S11277-016-3618-9.</mixed-citation></ref>
      <ref id="ref7"><mixed-citation>[7] S. Mazloom, M. Rezaeirad, A. Hunter, D. McCoy, A security analysis of an in-vehicle infotainment and app platform, in: N. Silvanovich, P. Traynor (Eds.), 10th USENIX Workshop on Offensive Technologies, WOOT 16, Austin, TX, USA, August 8-9, 2016, USENIX Association, 2016. URL: https://www.usenix.org/conference/woot16/workshop-program/presentation/mazloom.</mixed-citation></ref>
      <ref id="ref8"><mixed-citation>[8] K. Cho, K. G. Shin, Error handling of in-vehicle networks makes them vulnerable, in: E. R. Weippl, S. Katzenbeisser, C. Kruegel, A. C. Myers, S. Halevi (Eds.), Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, October 24-28, 2016, ACM, 2016, pp. 1044–1055. URL: https://doi.org/10.1145/2976749.2978302. doi:10.1145/2976749.2978302.</mixed-citation></ref>
      <ref id="ref9"><mixed-citation>[9] A. Palanca, E. Evenchick, F. Maggi, S. Zanero, A stealth, selective, link-layer denial-of-service attack against automotive networks, in: M. Polychronakis, M. Meier (Eds.), Detection of Intrusions and Malware, and Vulnerability Assessment - 14th International Conference, DIMVA 2017, Bonn, Germany, July 6-7, 2017, Proceedings, volume 10327 of Lecture Notes in Computer Science, Springer, 2017, pp. 185–206. URL: https://doi.org/10.1007/978-3-319-60876-1_9. doi:10.1007/978-3-319-60876-1_9.</mixed-citation></ref>
      <ref id="ref10"><mixed-citation>[10] C. Miller, C. Valasek, CAN message injection, OG Dynamite Edition (2016).</mixed-citation></ref>
      <ref id="ref11"><mixed-citation>[11] S. Longari, C. A. Pozzoli, A. Nichelini, M. Carminati, S. Zanero, CANdito: Improving payload-based detection of attacks on controller area networks, in: S. Dolev, E. Gudes, P. Paillier (Eds.), Cyber Security, Cryptology, and Machine Learning - 7th International Symposium, CSCML 2023, Be’er Sheva, Israel, June 29-30, 2023, Proceedings, volume 13914 of Lecture Notes in Computer Science, Springer, 2023, pp. 135–150. URL: https://doi.org/10.1007/978-3-031-34671-2_10. doi:10.1007/978-3-031-34671-2_10.</mixed-citation></ref>
      <ref id="ref12"><mixed-citation>[12] M. H. Shahriar, Y. Xiao, P. Moriano, W. Lou, Y. T. Hou, CANShield: Deep-learning-based intrusion detection framework for controller area networks at the signal level, IEEE Internet Things J. 10 (2023) 22111–22127. URL: https://doi.org/10.1109/JIOT.2023.3303271. doi:10.1109/JIOT.2023.3303271.</mixed-citation></ref>
      <ref id="ref13"><mixed-citation>[13] S. Longari, M. Penco, M. Carminati, S. Zanero, CopyCAN: An error-handling protocol based intrusion detection system for controller area network, in: L. Cavallaro, J. Kinder, T. Holz (Eds.), Proceedings of the ACM Workshop on Cyber-Physical Systems Security &amp; Privacy, CPS-SPC@CCS 2019, London, UK, November 11, 2019, ACM, 2019, pp. 39–50. URL: https://doi.org/10.1145/3338499.3357362. doi:10.1145/3338499.3357362.</mixed-citation></ref>
      <ref id="ref14"><mixed-citation>[14] A. de Faveri Tron, S. Longari, M. Carminati, M. Polino, S. Zanero, CANflict: Exploiting peripheral conflicts for data-link layer attacks on automotive networks, in: H. Yin, A. Stavrou, C. Cremers, E. Shi (Eds.), Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, CA, USA, November 7-11, 2022, ACM, 2022, pp. 711–723. URL: https://doi.org/10.1145/3548606.3560618. doi:10.1145/3548606.3560618.</mixed-citation></ref>
      <ref id="ref15"><mixed-citation>[15] Robert Bosch GmbH, CAN specification (1991). Available: http://esd.cs.ucr.edu/webres/can20.pdf.</mixed-citation></ref>
      <ref id="ref16"><mixed-citation>[16] ISO Central Secretary, Road vehicles — Controller area network (CAN) — Part 1: Data link layer and physical signalling, Standard ISO 11898-1:2015, International Organization for Standardization, Geneva, CH, 2015.</mixed-citation></ref>
      <ref id="ref17"><mixed-citation>[17] A. Wang, J. Fang, Y. Xu, Y. Xu, Y. Wang, Y. Wu, J.-G. Chung, Anomaly information detection and fault tolerance control method for CAN-FD bus network, in: 2022 19th International SoC Design Conference (ISOCC), 2022, pp. 308–309. doi:10.1109/ISOCC56007.2022.10031520.</mixed-citation></ref>
      <ref id="ref18"><mixed-citation>[18] CiA CAN in Automation, CANopen FD, CiA 1301 released (2017). Available: https://www.can-cia.org/news/cia-inaction/view/canopenfd-cia-1301-released/.</mixed-citation></ref>
      <ref id="ref19"><mixed-citation>[19] J. Laufenberg, T. Kropf, O. Bringmann, CAN simulation framework - from classic CAN to CAN XL, in: 2023 IEEE 26th International Conference on Intelligent Transportation Systems (ITSC), 2023, pp. 3343–3348. doi:10.1109/ITSC57777.2023.10422342.</mixed-citation></ref>
      <ref id="ref20"><mixed-citation>[20] S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, T. Kohno, Comprehensive experimental analyses of automotive attack surfaces, in: 20th USENIX Security Symposium, San Francisco, CA, USA, August 8-12, 2011, Proceedings, USENIX Association, 2011. URL: http://static.usenix.org/events/sec11/tech/full_papers/Checkoway.pdf.</mixed-citation></ref>
      <ref id="ref21"><mixed-citation>[21] K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, Experimental security analysis of a modern automobile, in: 2010 IEEE Symposium on Security and Privacy, 2010, pp. 447–462. doi:10.1109/SP.2010.34.</mixed-citation></ref>
      <ref id="ref22"><mixed-citation>[22] C. Miller, C. Valasek, Adventures in automotive networks and control units, DEF CON 21 (2013) 15–31.</mixed-citation></ref>
      <ref id="ref23"><mixed-citation>[23] C. Miller, C. Valasek, A survey of remote automotive attack surfaces, Black Hat USA 2014 (2014) 94.</mixed-citation></ref>
      <ref id="ref24"><mixed-citation>[24] S. Woo, H. J. Jo, D. H. Lee, A practical wireless attack on the connected car and security protocol for in-vehicle CAN, IEEE Trans. Intell. Transp. Syst. 16 (2015) 993–1006. URL: https://doi.org/10.1109/TITS.2014.2351612. doi:10.1109/TITS.2014.2351612.</mixed-citation></ref>
      <ref id="ref25"><mixed-citation>[25] Y. Lee, S. Woo, J. Lee, Y. Song, H. Moon, D. H. Lee, Enhanced Android app-repackaging attack on in-vehicle network, Wirel. Commun. Mob. Comput. 2019 (2019). URL: https://doi.org/10.1155/2019/5650245. doi:10.1155/2019/5650245.</mixed-citation></ref>
      <ref id="ref26"><mixed-citation>[26] S. Nie, L. Liu, Y. Du, Free-fall: Hacking Tesla from wireless to CAN bus, Briefing, Black Hat USA 25 (2017) 16.</mixed-citation></ref>
      <ref id="ref27"><mixed-citation>[27] B. Lampe, W. Meng, Intrusion detection in the automotive domain: A comprehensive review, IEEE Commun. Surv. Tutorials 25 (2023) 2356–2426. URL: https://doi.org/10.1109/COMST.2023.3309864. doi:10.1109/COMST.2023.3309864.</mixed-citation></ref>
      <ref id="ref28"><mixed-citation>[28] M. Müter, A. Groll, F. C. Freiling, A structured approach to anomaly detection for in-vehicle networks, in: Sixth International Conference on Information Assurance and Security, IAS 2010, Atlanta, GA, USA, August 23-25, 2010, IEEE, 2010, pp. 92–98. URL: https://doi.org/10.1109/ISIAS.2010.5604050. doi:10.1109/ISIAS.2010.5604050.</mixed-citation></ref>
      <ref id="ref29"><mixed-citation>[29] I. Studnia, E. Alata, V. Nicomette, M. Kaâniche, Y. Laarouchi, A language-based intrusion detection approach for automotive embedded networks, Int. J. Embed. Syst. 10 (2018) 1–12. URL: https://doi.org/10.1504/IJES.2018.10010488. doi:10.1504/IJES.2018.10010488.</mixed-citation></ref>
      <ref id="ref30"><mixed-citation>[30] M. R. Moore, R. A. Bridges, F. L. Combs, M. S. Starr, S. J. Prowell, Modeling inter-signal arrival times for accurate detection of CAN bus signal injection attacks: a data-driven approach to in-vehicle intrusion detection, in: J. P. Trien, S. J. Prowell, J. R. Goodall, J. M. Beaver, R. A. Bridges (Eds.), Proceedings of the 12th Annual Conference on Cyber and Information Security Research, CISRC 2017, Oak Ridge, TN, USA, April 4-6, 2017, ACM, 2017, pp. 11:1–11:4. URL: https://doi.org/10.1145/3064814.3064816. doi:10.1145/3064814.3064816.</mixed-citation></ref>
      <ref id="ref31"><mixed-citation>[31] H. M. Song, H. R. Kim, H. K. Kim, Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network, in: 2016 International Conference on Information Networking, ICOIN 2016, Kota Kinabalu, Malaysia, January 13-15, 2016, IEEE Computer Society, 2016, pp. 63–68. URL: https://doi.org/10.1109/ICOIN.2016.7427089. doi:10.1109/ICOIN.2016.7427089.</mixed-citation></ref>
      <ref id="ref32"><mixed-citation>[32] S. Longari, G. Galletti, J. Holle, S. Zanero, et al., CANTER: Data-link layer detection of drop-and-spoof attacks on CAN and CAN FD, in: Proceedings of the Italian Conference on Cyber Security (ITASEC 2024), CEUR, 2024, pp. 1–13.</mixed-citation></ref>
      <ref id="ref33"><mixed-citation>[33] T. Dagan, A. Wool, Parrot, a software-only anti-spoofing defense system for the CAN bus, ESCAR EUROPE 34 (2016).</mixed-citation></ref>
      <ref id="ref34"><mixed-citation>[34] A. Nichelini, C. A. Pozzoli, S. Longari, M. Carminati, S. Zanero, CANova: A hybrid intrusion detection framework based on automatic signal classification for CAN, Comput. Secur. 128 (2023) 103166. URL: https://doi.org/10.1016/j.cose.2023.103166. doi:10.1016/J.COSE.2023.103166.</mixed-citation></ref>
      <ref id="ref35"><mixed-citation>[35] S. Longari, F. Noseda, M. Carminati, S. Zanero, Evaluating the robustness of automotive intrusion detection systems against evasion attacks, in: S. Dolev, E. Gudes, P. Paillier (Eds.), Cyber Security, Cryptology, and Machine Learning - 7th International Symposium, CSCML 2023, Be’er Sheva, Israel, June 29-30, 2023, Proceedings, volume 13914 of Lecture Notes in Computer Science, Springer, 2023, pp. 337–352. URL: https://doi.org/10.1007/978-3-031-34671-2_24. doi:10.1007/978-3-031-34671-2_24.</mixed-citation></ref>
      <ref id="ref36"><mixed-citation>[36] P. Cerracchio, S. Longari, M. Carminati, S. Zanero, et al., Investigating the impact of evasion attacks against automotive intrusion detection systems, ????</mixed-citation></ref>
      <ref id="ref37"><mixed-citation>[37] J. Berg, J. Pommer, C. Jin, F. Malmin, J. Kristensson, Secure gateway - a concept for an in-vehicle IP network bridging the infotainment and the safety critical domains, 13th Embedded Security in Cars (ESCAR ’15) (2015) 1–12.</mixed-citation></ref>
      <ref id="ref38"><mixed-citation>[38] A. de Faveri Tron, S. Longari, M. Carminati, M. Polino, S. Zanero, CANflict: Exploiting peripheral conflicts for data-link layer attacks on automotive networks, in: H. Yin, A. Stavrou, C. Cremers, E. Shi (Eds.), Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS 2022, Los Angeles, CA, USA, November 7-11, 2022, ACM, 2022, pp. 711–723. URL: https://doi.org/10.1145/3548606.3560618. doi:10.1145/3548606.3560618.</mixed-citation></ref>
    </ref-list>
  </back>
</article>