• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Home
  • About
  • Structure
  • Gradebook

ITACS 5211: Introduction to Ethical Hacking

Wade Mackey

CLEVER TOOL SHIELDS YOUR CAR FROM HACKS BY WATCHING ITS INTERNAL CLOCKS

October 17, 2018 by Raaghav Sharma 2 Comments

In a paper they plan to present at the Usenix security conference next month, University of Michigan researchers Kyong-Tak Cho and Kang Shin describe an easy-to-assemble tool they call the Clock-based Intrusion Detection System, or CIDS. It’s designed to spot the malicious messages car hackers use to take control of vehicle components like brakes and transmission. The CIDS prototype uses a new technique to spot attack messages: It records the communications on a car’s internal network known as a CAN bus and—in just seconds—creates “fingerprints” for every digital component of a vehicle, the so-called Electronic Control Units or ECUs that allow everything from brakes to windshield wipers to communicate.

To perform that fingerprinting, they use a weird characteristic of all computers: tiny timing errors known as “clock skew.” Taking advantage of the fact that those errors are different in every computer—including every computer inside a car—the researchers were able to assign a fingerprint to each ECU based on its specific clock skew. The CIDS’ device then uses those fingerprints to differentiate between the ECUs, and to spot when one ECU impersonates another, like when a hacker corrupts the vehicle’s radio system to spoof messages that are meant to come from a brake pedal or steering system.

That sort of impersonation is key to how white hat hackers previously managed to remotely mess with vehicles’ brakes, transmission and steering systems.

 

https://www.wired.com/2016/07/clever-tool-shields-car-hacks-watching-internal-clocks/

Filed Under: Week 07: NetCat and HellCat Tagged With:

Reader Interactions

Comments

  1. Connor Fairman says

    October 17, 2018 at 3:25 pm

    This seems really clever, leveraging the reality of disparities between the time on different components in a car. It seems as if the clock skew method as been around for quite a long time, but what really is interesting to me is that these researches built a proof-of-concept with an Arduino board! Those things are super cheap and can do a lot of computing. I’m curious to see what kind of product can come out of this. It could probably be made relatively cheaply since a proof of concept cost only the price of the Arduino and the time to load fingerprinting software onto it.

    Log in to Reply
  2. Nishit Darade says

    December 16, 2018 at 8:48 pm

    Wow thats a great tool to have! Would definitely check it out.

    Log in to Reply

Leave a Reply Cancel reply

You must be logged in to post a comment.

Primary Sidebar

Weekly Discussions

  • Uncategorized (14)
  • Week 01: Overview (7)
  • Week 02: TCP/IP and Network Architecture (18)
  • Week 03: Reconnaisance (17)
  • Week 04: Vulnerability Scanning (19)
  • Week 05: System and User Enumeration (17)
  • Week 06: Sniffers (17)
  • Week 07: NetCat and HellCat (15)
  • Week 08: Social Engineering, Encoding and Encryption (21)
  • Week 09: Malware (14)
  • Week 10: Web Application Hacking (17)
  • Week 11: SQL Injection (15)
  • Week 12: Web Services (25)
  • Week 13: Evasion Techniques (8)
  • Week 14: Review of all topics (15)

Copyright © 2025 · Magazine Pro Theme on Genesis Framework · WordPress · Log in