October 2024
·
963 Reads
The Controller Area Network (CAN) is a pivotal communication protocol extensively utilized in vehicles, aircraft, factories, and diverse cyber-physical systems (CPSs). The extensive CAN security literature resulting from decades of wide usage may create an impression of thorough scrutiny. However, a closer look reveals its reliance on a specific threat model with a limited range of abilities. Notably, recent works show that this model is outdated and that a more potent and versatile model could soon become the norm, prompting the need for a new defense paradigm. Unfortunately, the security impact of this emerging model on CAN systems has not received sufficient attention, and the defense systems addressing it are almost nonexistent. In this paper, we introduce ERACAN, the first comprehensive defense system against this new threat model. We first begin with a threat analysis to ensure that ERACAN comprehensively understands this model's capabilities, evasion tactics, and propensity to enable new attacks or enhance existing ones. ERACAN offers versatile protection against this spectrum of threats, providing attack detection, classification, and optional prevention abilities. We implement and evaluate ERACAN on a testbed and a real vehicle's CAN bus to demonstrate its low latency, real-time operation, and protective capabilities. ERACAN achieves detection rates of 100% and 99.7%+ for all attacks launched by the conventional and the enhanced threat models, respectively.