PORTO @ Archivio Istituzionale della Ricerca

The Controller Area Network (CAN) protocol, essential for automotive embedded systems, lacks inherent security features, making it vulnerable to cyber threats, especially with the rise of autonomous vehicles. Traditional security measures offer limited protection, such as payload encryption and message authentication. This paper presents a novel Intrusion Detection System (IDS) designed for the CAN environment, utilizing Hardware Performance Counters (HPCs) to detect anomalies indicative of cyber attacks. A RISC-V-based CAN receiver is simulated using the gem5 simulator, processing CAN frame payloads with AES-128 encryption as FreeRTOS tasks, which trigger distinct HPC responses. Key HPC features are optimized through data extraction and correlation analysis to enhance classification efficiency. Results indicate that this approach could significantly improve CAN security and address emerging challenges in automotive cybersecurity.

CANDoSA: A Hardware Performance Counter-Based Intrusion Detection System for DoS Attacks on Automotive CAN Bus / Oberti, Franco; Di Carlo, Stefano; Savino, Alessandro. - ELETTRONICO. - (2025), pp. 1-5. ( 31st IEEE International Symposium on On-Line Testing and Robust System Design, IOLTS 2025 Ischia (ITA) 07-09 July 2025) [10.1109/iolts65288.2025.11116886].

CANDoSA: A Hardware Performance Counter-Based Intrusion Detection System for DoS Attacks on Automotive CAN Bus

Oberti, Franco;Di Carlo, Stefano;Savino, Alessandro
2025

Abstract

The Controller Area Network (CAN) protocol, essential for automotive embedded systems, lacks inherent security features, making it vulnerable to cyber threats, especially with the rise of autonomous vehicles. Traditional security measures offer limited protection, such as payload encryption and message authentication. This paper presents a novel Intrusion Detection System (IDS) designed for the CAN environment, utilizing Hardware Performance Counters (HPCs) to detect anomalies indicative of cyber attacks. A RISC-V-based CAN receiver is simulated using the gem5 simulator, processing CAN frame payloads with AES-128 encryption as FreeRTOS tasks, which trigger distinct HPC responses. Key HPC features are optimized through data extraction and correlation analysis to enhance classification efficiency. Results indicate that this approach could significantly improve CAN security and address emerging challenges in automotive cybersecurity.
2025
979-8-3315-3334-2
979-8-3315-3335-9
4.1 Contributo in Atti di convegno
File in questo prodotto:
File Dimensione Formato  
Paper___IOLTS_2025___CANDoSA.pdf

accesso aperto

Tipologia: 2. Post-print / Author's Accepted Manuscript
Licenza: Pubblico - Tutti i diritti riservati
Dimensione 895.76 kB
Formato Adobe PDF
Visualizza/Apri
895.76 kB Adobe PDF Visualizza/Apri
CANDoSA_A_Hardware_Performance_Counter-Based_Intrusion_Detection_System_for_DoS_Attacks_on_Automotive_CAN_Bus.pdf

accesso riservato

Tipologia: 2a Post-print versione editoriale / Version of Record
Licenza: Non Pubblico - Accesso privato/ristretto
Dimensione 907.44 kB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
907.44 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/3006131