Paper Info
Title
Efficient ECU Analysis Technology Through Structure-Aware CAN Fuzzing
Abstract
Modern vehicles are equipped with a number of electronic control units (ECUs), which control vehicles efficiently by communicating with each other through the controller area network (CAN). However, the CAN is known to be vulnerable to cyber attacks because it does not have any security mechanisms. To find vulnerable CAN messages that can control safety-critical functions in ECUs, researchers have studied CAN fuzzing methods. In existing CAN fuzzing methods, fuzzing input values are generally generated at random without considering the structure of CAN messages, resulting in non-negligible CAN fuzzing time. In addition, existing fuzzing solutions have limited monitoring capabilities of the fuzzing results. In this paper, we propose a Structure-aware CAN Fuzzing protocol, in which the structure of CAN messages is considered and fuzzing input values are systematically generated to locate vulnerable functions in ECUs. Our proposed Structure-aware CAN Fuzzing system takes less time to run than existing solutions, meaning that problematic CAN messages that may have originated from SW implementation errors or CAN DBC (database CAN) design errors can be found quickly and, subsequently, appropriate action can be taken. Finally, we evaluated the performance of our Structure-aware CAN Fuzzing system on two real vehicles. We proved that our proposed method can find CAN messages that control safety-critical functions in ECUs faster than existing fuzzing solutions.
Year
DOI
Venue
2022
10.1109/ACCESS.2022.3151358
IEEE ACCESS
Keywords
DocType
Volume
Fuzzing, Monitoring, Standards, Reverse engineering, Microprogramming, Engines, Codes, ECU, CAN, vehicle hacking, CAN fuzzing, structure-aware CAN fuzzing
Journal
10
ISSN
Citations 
PageRank 
2169-3536
0
0.34
References 
Authors
0
5
Name
Order
Citations
PageRank
Hyunghoon Kim100.34
Yeonseon Jeong200.34
Wonsuk Choi300.34
Doon Hoon Lee400.34
Hyo Jin Jo500.68