In the beginning of every security analysis or penetration test of a system, information about the target has to be gathered. On IT-Systems a port scan is usually performed as a first step of an investigation. Since the communication protocols differ in automotive systems, generic port scanning tools can’t be used for a security analysis of CANs.
More complex protocols have a higher likelihood of implementation errors and bugs. On CAN networks, such payloads are transferred through International Standard Transport Protocol (ISO-TP) communication. We designed a new methodology to identify ISO-TP endpoints in automotive networks. Every of these endpoints can provide exploitable application layer protocols and therefor has to be considered during penetration testing and security analysis.
We contribute a new scan approach for the automated evaluation of possible attack surfaces in automotive CAN networks which has a higher coverage and multiple advantages than state of the art approaches.
%0 Conference Paper
%1 weiss2020transport
%A Weiss, Nils
%A Renner, Sebastian
%A Mottok, Jürgen
%A Matousek, Vaclav
%B Transport Layer Scanning for Attack Surface Detection in Vehicular Networks
%D 2020
%I ACM Computer Science in Cars Symposium
%K srenn
%N Article No.: 7
%P 1-8
%R 10.1145/3385958.3430476
%T Transport Layer Scanning for Attack Surface Detection in Vehicular
Networks
%X In the beginning of every security analysis or penetration test of a system, information about the target has to be gathered. On IT-Systems a port scan is usually performed as a first step of an investigation. Since the communication protocols differ in automotive systems, generic port scanning tools can’t be used for a security analysis of CANs.
More complex protocols have a higher likelihood of implementation errors and bugs. On CAN networks, such payloads are transferred through International Standard Transport Protocol (ISO-TP) communication. We designed a new methodology to identify ISO-TP endpoints in automotive networks. Every of these endpoints can provide exploitable application layer protocols and therefor has to be considered during penetration testing and security analysis.
We contribute a new scan approach for the automated evaluation of possible attack surfaces in automotive CAN networks which has a higher coverage and multiple advantages than state of the art approaches.
@inproceedings{weiss2020transport,
abstract = {
In the beginning of every security analysis or penetration test of a system, information about the target has to be gathered. On IT-Systems a port scan is usually performed as a first step of an investigation. Since the communication protocols differ in automotive systems, generic port scanning tools can’t be used for a security analysis of CANs.
More complex protocols have a higher likelihood of implementation errors and bugs. On CAN networks, such payloads are transferred through International Standard Transport Protocol (ISO-TP) communication. We designed a new methodology to identify ISO-TP endpoints in automotive networks. Every of these endpoints can provide exploitable application layer protocols and therefor has to be considered during penetration testing and security analysis.
We contribute a new scan approach for the automated evaluation of possible attack surfaces in automotive CAN networks which has a higher coverage and multiple advantages than state of the art approaches.
},
added-at = {2021-02-03T09:42:16.000+0100},
author = {Weiss, Nils and Renner, Sebastian and Mottok, Jürgen and Matousek, Vaclav},
biburl = {https://www.bibsonomy.org/bibtex/291363ab6aa56272c4d7ede57eb190612/baywiss1},
booktitle = {Transport Layer Scanning for Attack Surface Detection in Vehicular Networks},
doi = {10.1145/3385958.3430476},
interhash = {ab1ed7a9d186291f3421202f9547f0a2},
intrahash = {91363ab6aa56272c4d7ede57eb190612},
keywords = {srenn},
month = {Dez},
number = {Article No.: 7},
pages = {1-8},
publisher = {ACM Computer Science in Cars Symposium},
timestamp = {2021-02-03T09:42:16.000+0100},
title = {Transport Layer Scanning for Attack Surface Detection in Vehicular
Networks},
year = 2020
}