Riadul Islam’s scientific contributions

What is this page?


This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.

Publications (1)


Figure 4. The essential components of the CAN architecture show the interaction of the CAN module with the ECU on one end and with the CAN bus through the CAN transceiver on the other end.
Figure 7. Threat model showing adversary taking charge of the CAN bus in communication of individual CAN nodes over CAN bus.
Figure 9. Our hardware setup for emulating CAN controller logic on FPGA and its interaction with other CAN modules over the CAN bus.
Figure 10 illustrates an example of simulation results for the MGEESM module with the transmission of form error in every alternate standard frame with a length of 111 bits by showing the transition between the error-passive state and the bus-off state as the transmit error counter exceeds value 255. Similarly, Figure 11 illustrates an example of simulation results for the MGEESM module with the transmission of form error in every alternate standard frame with a length of 111 bits by showing the transition between the bus-off state and the error-active state after transmission of 128 occurrences of 11 consecutive recessive bits. The form error occurs at a position of 20 bits after the end of the data field within the standard frame.
Figure 13. The detection time and response time are presented for the BOAD111 module across all four sub-cases: (a) TEC value 255 with error introduced in every frame with response time 77.66% lower than detection time. (b) TEC value 255 with error introduced in every alternate frame with response time 87.40% lower than detection time. (c) TEC value 127 with error introduced in every frame with response time 78.32% lower than detection time. (d) TEC value 127 with error introduced in every alternate frame with response time 87.73% lower than detection time.
Reconfigurable CAN Intrusion Detection and Response System
  • Article
  • Full-text available

July 2024

·

70 Reads

·

2 Citations

Electronics

Rachit Saini

·

Riadul Islam

The controller area network (CAN) remains the de facto standard for intra-vehicular communication. CAN enables reliable communication between various microcontrollers and vehicle devices without a central computer, which is essential for sustainable transportation systems. However, it poses some serious security threats due to the nature of communication. According to caranddriver.com, there were at least 150 automotive cybersecurity incidents in 2019, a 94% year-over-year increase since 2016, according to a report from Upstream Security. To safeguard vehicles from such attacks, securing CAN communication, which is the most relied-on in-vehicle network (IVN), should be configured with modifications. In this paper, we developed a configurable CAN communication protocol to secure CAN with a hardware prototype for rapidly prototyping attacks, intrusion detection systems, and response systems. We used a field programmable gate array (FPGA) to prototype CAN to improve reconfigurability. This project focuses on attack detection and response in the case of bus-off attacks. This paper introduces two main modules: the multiple generic errors module with the introduction of the error state machine (MGEESM) module and the bus-off attack detection (BOAD) module for a frame size of 111 bits (BOAD111), based on the CAN protocol presenting the introduction of form error, CRC error, and bit error. Our results show that, in the scenario with the transmit error counter (TEC) value 127 for switching between the error-passive state and bus-off state, the detection times for form error, CRC error, and bit error introduced in the MGEESM module are 3.610 ms, 3.550 ms, and 3.280 ms, respectively, with the introduction of error in consecutive frames. The detection time for BOAD111 module in the same scenario is 3.247 ms.

Download

Citations (1)


... Researchers have proposed various solutions to detect and prevent attacks on the CAN protocol for in-vehicle control networks. These methods can be classified into two categories: (i) message authentication code (MAC)-based approaches (Wolf et al., 2004;Hazem and Fahmy, 2012;Wang and Sawhney, 2014;Ueda et al., 2015;Gierlichs and Poschmann, 2016;Sugashima et al., 2016;Doan and Ganesan, 2017;Hafeez et al., 2017;Agrawal and Maiti, 2024); and (ii) intrusion detectionbased approaches Shin, 2016, 2017;Marchetti et al., 2016;Avatefipour et al., 2017;Lee et al., 2017;Marchetti and Stabili, 2017;Rieke et al., 2017;Stabili et al., 2017;Choi et al., 2018a,b;Groza and Murvay, 2018;Hafeez et al., 2018Hafeez et al., , 2019Hafeez et al., , 2020aKneib and Huth, 2018;Sagong et al., 2018a;Wu et al., 2018;Bellaire et al., 2022;Mohammadi and Malik, 2022;Refat et al., 2022;Baldini, 2023;Deng et al., 2023;Gul et al., 2023;Ibrahim and Safa, 2023;Liu et al., 2023;Ahmad et al., 2024;Aloraini et al., 2024;Cao et al., 2024;Elsayed and Zincir-Heywood, 2024;Jeong et al., 2024;Saini and Islam, 2024;Wang et al., 2024). The MAC-based methods achieve security and privacy by encrypting the payload of the CAN packet before transmission (Singh et al., 2024). ...

Reference:

Enhancing ECU identification security in CAN networks using distortion modeling and neural networks
Reconfigurable CAN Intrusion Detection and Response System

Electronics