In a paper they plan to present at the Usenix security conference next month, University of Michigan researchers Kyong-Tak Cho and Kang Shin describe an easy-to-assemble tool they call the Clock-based Intrusion Detection System, or CIDS. It’s designed to spot the malicious messages car hackers use to take control of vehicle components like brakes and transmission. The CIDS prototype uses a new technique to spot attack messages: It records the communications on a car’s internal network known as a CAN bus and—in just seconds—creates “fingerprints” for every digital component of a vehicle, the so-called Electronic Control Units or ECUs that allow everything from brakes to windshield wipers to communicate.
To perform that fingerprinting, they use a weird characteristic of all computers: tiny timing errors known as “clock skew.” Taking advantage of the fact that those errors are different in every computer—including every computer inside a car—the researchers were able to assign a fingerprint to each ECU based on its specific clock skew. The CIDS’ device then uses those fingerprints to differentiate between the ECUs, and to spot when one ECU impersonates another, like when a hacker corrupts the vehicle’s radio system to spoof messages that are meant to come from a brake pedal or steering system.
That sort of impersonation is key to how white hat hackers previously managed to remotely mess with vehicles’ brakes, transmission and steering systems.
https://www.wired.com/2016/07/clever-tool-shields-car-hacks-watching-internal-clocks/
This seems really clever, leveraging the reality of disparities between the time on different components in a car. It seems as if the clock skew method as been around for quite a long time, but what really is interesting to me is that these researches built a proof-of-concept with an Arduino board! Those things are super cheap and can do a lot of computing. I’m curious to see what kind of product can come out of this. It could probably be made relatively cheaply since a proof of concept cost only the price of the Arduino and the time to load fingerprinting software onto it.
Wow thats a great tool to have! Would definitely check it out.