MARC details
| 000 -LEADER |
|---|
| fixed length control field |
09840nam a22002537a 4500 |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION |
|---|
| fixed length control field |
210117b2018 |||f mb|| 00| 0 eng d |
| 040 ## - CATALOGING SOURCE |
|---|
| Original cataloging agency |
EG-CaNU |
| Transcribing agency |
EG-CaNU |
| 041 0# - Language Code |
|---|
| Language code of text |
eng |
| Language code of abstract |
eng |
| 082 ## - DEWEY DECIMAL CLASSIFICATION NUMBER |
|---|
| Classification number |
658 |
| 100 0# - MAIN ENTRY--PERSONAL NAME |
|---|
| Personal name |
Pakinam Noureldeen |
| 245 1# - TITLE STATEMENT |
|---|
| Title |
Security Evaluation for Lightweight CAN Authentication Protocol / |
| Statement of responsibility, etc. |
Pakinam Noureldeen |
| 260 ## - PUBLICATION, DISTRIBUTION, ETC. |
|---|
| Date of publication, distribution, etc. |
2018 |
| 300 ## - PHYSICAL DESCRIPTION |
|---|
| Extent |
89 p. |
| Other physical details |
ill. |
| Dimensions |
21 cm. |
| 500 ## - GENERAL NOTE |
|---|
| Materials specified |
Supervisor: Mahmoud Allam, Marianne Azer |
| 502 ## - Dissertation Note |
|---|
| Dissertation type |
Thesis (M.A.)—Nile University, Egypt, 2018 . |
| 504 ## - Bibliography |
|---|
| Bibliography |
"Includes bibliographical references" |
| 505 0# - Contents |
|---|
| Formatted contents note |
Contents:<br/>Chapter 1 Introduction ................................ ................................ ........................... 1<br/>1.2 Scope ................................ ................................ ................................ .................... 3<br/>1.3 Objectives ................................ ................................ ................................ ............ 3<br/>1.4 Limitations ................................ ................................ ................................ ........... 3<br/>1.5 Methodology ................................ ................................ ................................ ........ 3<br/>1.6 Thesis Structure ................................ ................................ ................................ ... 4<br/>Chapter 2 Automotive Internal Networks ................................ ............................. 5<br/>2.1 Types of Automotive Internal Networks ................................ ............................. 5<br/>2.2 Types of ECUs and their Applications ................................ ................................ 8<br/>2.3 Controller Area Network (CAN) in details ................................ ........................ 10<br/>2.3.1 CAN History ................................ ................................ ................................ ................... 10<br/>2.3.2 Communication structure of CAN Bus ................................ ................................ ........... 10<br/>2.3.3 CAN in the OSI Layers ................................ ................................ ................................ ... 11<br/>2.5 CAN Features and Benefits ................................ ................................ ............... 14<br/>2.6 In-Vehicle Interfaces ................................ ................................ .......................... 17<br/>2.7 Security Concerns ................................ ................................ .............................. 18<br/>2.7.1 Security Assets ................................ ................................ ................................ ................ 19<br/>2.7.2 Automotive Network challenges ................................ ................................ ..................... 19<br/>2.8 Automobiles incidents classification ................................ ................................ . 22<br/>2.8.1 Logical attack scenarios ................................ ................................ ................................ .. 22<br/>2.8.2 Possible Examined Attacks ................................ ................................ ............................. 29<br/>Chapter 3 Related work ................................ ................................ ........................ 33<br/>3.1 EVITA project ................................ ................................ ................................ ... 33<br/>3.1.1 Committed security module ................................ ................................ ............................ 34<br/>3.1.2 Key distribution protocol over CAN ................................ ................................ ............... 34<br/>3.1.3 EVITA conclusion ................................ ................................ ................................ ........... 34<br/>3.2 Message/frame authentication protocol ................................ ............................. 35<br/>3.3 Multi-MAC Per receiver ................................ ................................ .................... 38<br/>3.4 Tesla security protocol and its evaluation ................................ .......................... 38<br/>Chapter 4 ................................ ................................ ................................ ................ 40<br/>Light Weight CAN Authentication Protocol ................................ ....................... 40<br/>4.1 Threat Model and Security Requirements ................................ ......................... 40<br/>4.2 The CAN Authentication Protocol................................ ................................ ..... 41<br/>4.3 Protocol Details ................................ ................................ ................................ .. 42<br/>4.4 Protocol Phases ................................ ................................ ................................ .. 43<br/>4.5. Cryptography ................................ ................................ ................................ .... 47<br/>4.6 Disadvantage of LCAP ................................ ................................ ...................... 47<br/>Chapter 5 LCAP Security Evaluation ................................ ................................ . 49<br/>5.1 CANoe Simulation Setup ................................ ................................ ................... 49<br/>5.2 Overview of a CANoe Application ................................ ................................ ... 50<br/>5.3 LCAP Penetration Testing ................................ ................................ ................. 54<br/>5.3.1 Attacks on CAN bus related to CIA ................................ ................................ ................ 54<br/>5.4 LCAP deployment over the CANoe ................................ ................................ .. 58<br/>5.4.1 Attacks after implementing LCAP ................................ ................................ .................. 61<br/>5.4 Successful critical attack over LCAP ................................ ................................ 63<br/>5.4.1 Replay Attack scenario: ................................ ................................ ................................ .. 64<br/>5.4.2 Attack implementation in CANoe tool ................................ ................................ ............ 66<br/>5.4.2.1 Proposed replays attack simulation setup ................................ ................................ ..... 67<br/>5.5 Proposed Solution for Replay attack over LCAP ................................ .............. 70<br/>5.5.1 Control messages re-formatting: ................................ ................................ ..................... 70<br/>5.5.2 Node History configuration ................................ ................................ ............................. 70<br/>5.5.3 Receiver Challenge-Response procedure ................................ ................................ ........ 71<br/>Chapter 6 Conclusion and Future Work ................................ ............................. 74<br/>6.1 Conclusion ................................ ................................ ................................ ......... 74<br/>6.2 Future work ................................ ................................ ................................ ........ 75<br/>References ................................ |
| 520 3# - Abstract |
|---|
| Abstract |
Abstract:<br/>Nowadays, leading automotive companies are trying to push the market towards customer satisfaction and to control their industry remotely. This approach helps automotive companies solve some of the software bugs as soon as the happen, also it helps in updating or adding new software features without requiring the customer to go to the car service station to receive the new software updates or the newly added feature. This approach offers several advantages to both the manufacturing companies and the customer.<br/>Remote diagnosis and firmware updated over the air (FOTA) is the solution that automotive companies found to decrease software bugs, to update and to add new features in order to decrease the number of customer visits to car service stations.<br/>As a result, the security of automotive applications using Controller Area Network (CAN) has become one of the most important concerns for maintaining safety and quality of the driving experience.<br/>In order to practice (FOTA) approach, we need to take into consideration the security of the vehicle networks. To use this approach, we must connect automotive networks to external networksthus exposing them to severe and dangerous cyber crimes and attacks.<br/>Vehicles have different types of networks, each network controls a different mechanism of the vehicle. Automotive networks are (MOST), (CAN), (LIN), and (FlexRay). Several ECUs are connected to each network and work differently. For example, LIN (Local Interconnected Network) is responsible for windows opening and closing, it also controls the door locking mechanism. CAN (Controller Area Network) is used in serious automotive functions such as engine control. For multimedia the MOST (Media Oriented System Transport) is typically used. FlexRay is fault-tolerant and high-speed bus system used in High-Performance Powertrain Safety (Drive-by-wire, active suspension, adaptive cruise control)<br/>The purpose of this thesis is to improve the CAN resistance against attacks. Also, the thesis focuses on the lightweight CAN authentication protocol, examines the protocol immunity against denial of service attacks, and suggests a solution for such attacks. Consequently, a security protocol that is appropriate for all security characteristics is accomplished. |
| 546 ## - Language Note |
|---|
| Language Note |
Text in English, abstracts in English. |
| 650 #4 - Subject |
|---|
| Subject |
Information Security |
| 655 #7 - Index Term-Genre/Form |
|---|
| Source of term |
NULIB |
| focus term |
Dissertation, Academic |
| 690 ## - Subject |
|---|
| School |
Information Security |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) |
|---|
| Source of classification or shelving scheme |
Dewey Decimal Classification |
| Koha item type |
Thesis |
| 650 #4 - Subject |
|---|
| -- |
294 |
| 655 #7 - Index Term-Genre/Form |
|---|
| -- |
187 |
| 690 ## - Subject |
|---|
| -- |
294 |