Armin Wasicek1

Mert D.Pesé2, André Weimerskirch2, Yelizaveta Burakova2, Karan Singh2

1Technical University Vienna, Austria2University of Michigan

ESCAR USAJune 21, 2017

Context-aware Automotive Intrusion Detection

Motivation for Security

Dominant motives of organizations for security:

• Avoiding and mitigating loss

• Avoiding negligence

• Enhancing strategic business values

► Security is the enabler of business models

2Armin Wasicek

Who is willing to pay for Security?

Incentives for investment in security are lacking

• Making a strong business case for security is hard:

– Quantifying risk in a dynamic environment

– Rapidly changing, unpredictable threats

– Demonstrating consequences of attacks

►Who is willing to pay for security?

3Armin Wasicek

Vulnerability Black Market

Zero-day exploits are a tradable asset

• Full disclosure to improve software is utopia

• New professionalism in security market

• Cost of exploit: $ 1k-5k (2k), good >10 month

• “Realistically, we’re selling cyberweaponry”

► There is already a market for security!

4Armin Wasicek

Rising need for Security

Automotive security requirements

• Cost effective

• Reusable

• Adaptive

• Cyber-Physical nature

►Raise the bar to prevent (simple) attacks

Armin Wasicek 5

Security toolkit

ECU security

Secure On-board Comm.

Perimeter security

Intrusion detection

What is Intrusion Detection?

Gathers and analyzes information

• Identifies potential security breaches

– Intrusions

– Misuse/Fraud

► Reports to users

6

System

Perimeter

Users

Sensor

IDS

Armin Wasicek

Manipulation and Fault tolerance

7

• Triggering unsafe states will stop the system

• Manipulations are subtle

• Stay within safe states, but modified behavior

• Recognition and Recovery

Armin Wasicek

NTHSA: Misbehavior Detection [DOT HS 812 014]

Development of the processes, algorithms, reporting requirements, and data requirements for both local and global detection functions;

Types of IDS

• Knowledge-based IDS– Patterns/Signatures of malicious activities

– Low false positive rate, needs frequent updates

• Heuristic-based IDS– Look for abnormal behavior, e.g., higher entropy

– Detect new attack patterns

• Context-aware IDS– Compare to reference model, include semantics

– Check against specifications and regulations

8Armin Wasicek

IDSS

Automotive System Architecture

Armin Wasicek 9

ECU

Switch

BackboneCloud

Eth

GW

• Host-based IDS monitors ECU– CPU & memory usage, syscalls, # processes, …

• Network IDS monitors communication– Message frequency, patterns, entropy, …

Over-the-air UpdatesEnvironmental info.

Malicious devices

Board computer

External communication

On-board networks

Segregation

Identify anomalies and outliers

Chip tuning

Modify control algorithm parameters in ECU

• Parameters are stored in a table in flash memory

• Reprogram ECU with new values

– Debug interface, 3rd party device

►Messages emitted by ECU seem original!

10Armin Wasicek

Power boxing

Modify commands to ECU

• Replace the ECU in the communication system

• Insert device between the ECU and actuators

► Communication pattern does not change!

11

Improves low end torque. Plug-in installation in less than 30 minutes.

Armin Wasicek

Cyber-Physical Attacks

Automotive systems are Cyber-Physical

• Checking only cyber properties like CAN message frequency might miss important attack vectors

• IDS needs to target attack on the physical part

► Compare actual behavior to reference model enabling misbehavior detection

Armin Wasicek 12

ECU

Switch

Backbone

GW

Automotive System Architecture

Armin Wasicek 13

Cloud

• Integrate firewall, authentication, and detection

• Fuse information from diverse sources

• Use semantics of control msg to reason about manipulation

Threat defenseOver-the-air UpdatesDetect misbehavior

Chip Tuning

Wheel speed

RPM, torque

Road conditions

IDS

Feature Selection

Select parameters capturing engine behavior

Engine control measures many useful parameters

• Speed …velocity of vehicle

• RPM …angular velocity of engine

• Torque…turning force

►We want to detect modifications, like going around the curve slightly faster, having more torque on a slope, etc.

14

Intrusion Detection Layer

Compares current to reference behavior

• Trained model reconstructs some features poorly

• These are considered as outliers

►Manipulation, if num. of outliers exceeds threshold

15Armin Wasicek

Feature Extraction

Convert a time series to a feature vectorProcessing pipeline works on a time slice

• Use original signal and its differentiation

• Use statistical moments to expand features

• Normalize feature vector16Armin Wasicek

Solve a one-class classification problem

Autoencoder Neural Network:

• Hidden layer generalizes ratio between features

• Stores the typical behavior of an engine

• Trained using same vector for input X, output Y

• Anomaly score is error between input and output

Artificial Neural Networks

17Armin Wasicek

Evaluation

• Racing car simulation TORCS

• Car model ‘p406’ simulating a Peugeot 406

• Increase engine torque by 10 Nm and 30 Nm

• Let the robot do the driving!

18Armin Wasicek

Engine tuning

Modification

• Modify RPM/Torque ratio

Recognizing manipulation

• Bottleneck ANN

– 8 hidden perceptron

• ROC curve looks promising

Armin Wasicek 19

Note: This is unsupervised learning!

Experimental Setup

Armin Wasicek 20

Power boxing to manipulate engine control Read out

data via OBD II

Perform analytics, detect presence

Urban/Highway driving cycles

Real car data

Data points

0 5 10 15 20 25 30 35 40 45 50 55

Min

/max v

alu

es

0

5

10

15

20

25

30

35

40

45

original

modified

Armin Wasicek 21

Vehicle speed Calculated load valueEngine RPM Absolute throttle positionFuel rate O2 sensor lambda wide range Fuel/Air commanded equivalence Absolute throttle position B Accelerator pedal position D Catalyst temperature

Recognition result

Armin Wasicek 22

Size of subset (% of dataset)

0 10 20 30 40 50 60 70 80 90

Ano

maly

score

106

107

108

109

1010

1011

ANN w. 16 hiddenANN w. 32 hiddenANN w. 43 hidden

Iterations

1 2 3 4 5 6 7 8 9 10 11 12

Ra

tio

an

om

aly

sco

re o

f X

mo

d / X

va

l

0

1

2

3

4

5

6

7

8

9

ANN w. 43 hiddenANN w. 32 hiddenANN w. 16 hidden

ANN with 43 hidden nodes has 6-8 times higher anomaly score than validation set. 16 ~ factor 1.5

Integration options

Armin Wasicek 23

• Software Component (SWC) in AUTOSAR terminology

• Subscribe to relevant data via Virtual Function Bus (VFB)

• CAID integration options

o Standalone: on the CAN bus connecting the Central Gateway (CGW) to the OBD port

o Integrated: Part of the CGW

Related Work

• CAN message statistics [Hoppe et al., 2007]

• Entropy-based IDS [Muter et al., 2011]

• Commercial IDS/IPS: Deep Packet Inspection identifiesabnormal behavior

• Context-aware IDS [Wasicek and Weimerskirch, 2015]

24Armin Wasicek

Conclusion and Outlook

• Automotive systems are Cyber-Physical

• IDS need to recognize cyber and physical attacks

• Integrate with other security mechanisms

• Intelligently use the cloud to recognize attacks

• Faults, ageing, and repair effects are challenging

25Armin Wasicek

Thanks for your attention!

Contact me: armin.wasicek@gmail.com

YelizavetaBurakova

Response and Recovery

What to do after an intrusion has been detected?

• Not yet clear

• Depends on location, current state of vehicle

– Log threat

– Disable/inhibit features

– Service procedure

►What are means to react on intrusions/misuse?

Armin Wasicek 27

Automotive IDS Architecture

Armin Wasicek 28