智能网联汽车的安全威胁研究

荀毅杰; 刘家佳; 赵静

doi:10.11959/j.issn.2096-3750.2019.00134

您当前的位置：

首页 >

文章列表页 >

智能网联汽车的安全威胁研究

理论与技术 | 更新时间：2024-06-05

- 智能网联汽车的安全威胁研究
- Research on security threat of intelligent connected vehicle
- 物联网学报 2019年3卷第4期页码：72-81
- 作者机构：
  
  1. 西安电子科技大学网络与信息安全学院，陕西西安 710071
  2. 西北工业大学网络空间安全学院，陕西西安 710072
- 作者简介：
  
  [ "荀毅杰（1994- ），男，山西晋中人，西安电子科技大学博士生，主要研究方向为智能网联汽车安全和机器学习" ]
  [ "刘家佳（1984- ），男，湖北荆州人，西北工业大学网络安全学院教授、副院长，主要研究方向为无线移动通信、Wi-Fi 和物联网等" ]
  [ "赵静（1996- ），女，贵州遵义人，西安电子科技大学硕士生，主要研究方向为智能网联汽车安全" ]
- 基金信息：
  
  国家自然科学基金资助项目;The National Natural Science Foundation of China(61771374);国家自然科学基金资助项目;The National Natural Science Foundation of China(61771373);国家自然科学基金资助项目;The National Natural Science Foundation of China(61801360);国家自然科学基金资助项目;The National Natural Science Foundation of China(61601357);中央高校基本科研业务费资助项目;The Fundamental Research Fund for the Central Universities(3102019PY005);中央高校基本科研业务费资助项目;The Fundamental Research Fund for the Central Universities(JB181506);中央高校基本科研业务费资助项目;The Fundamental Research Fund for the Central Universities(JB181507);中央高校基本科研业务费资助项目;The Fundamental Research Fund for the Central Universities(JB181508);中国“111计划”资助项目;111 Program Subsidized Projects of China(B16037)
- DOI：10.11959/j.issn.2096-3750.2019.00134
  中图分类号： TP393
- 纸质出版日期：2019-12-30，
  
  网络出版日期：2019-09，
- 稿件说明：
移动端阅览
荀毅杰, 刘家佳, 赵静. 智能网联汽车的安全威胁研究[J]. 物联网学报, 2019,3(4):72-81.

YIJIE XUN, JIAJIA LIU, JING ZHAO. Research on security threat of intelligent connected vehicle. [J]. Chinese journal on internet of things, 2019, 3(4): 72-81.
荀毅杰, 刘家佳, 赵静. 智能网联汽车的安全威胁研究[J]. 物联网学报, 2019,3(4):72-81. DOI： 10.11959/j.issn.2096-3750.2019.00134.

YIJIE XUN, JIAJIA LIU, JING ZHAO. Research on security threat of intelligent connected vehicle. [J]. Chinese journal on internet of things, 2019, 3(4): 72-81. DOI： 10.11959/j.issn.2096-3750.2019.00134.

摘要

智能网联汽车正成为未来汽车行业的主流，而汽车安全问题也逐渐成为汽车工业中不可忽视的难题。详细分析了智能网联汽车中存在威胁的攻击面，总结了一些具有代表性的攻击方法。在此基础上，讨论了一个利用控制器局域网络总线和汽车远程服务提供商漏洞对纳智捷U5汽车进行攻击的实际案例。实验结果表明，智能网联汽车中存在很多可以被利用的攻击面。最后，针对智能网联汽车中存在的威胁提出了一些可行的防御措施。

Abstract

Intelligent connected vehicle (ICV) is becoming the mainstream of automotive industry in the future

and automobile safety has gradually become a problem that cannot be ignored in the automotive industry.The threat attack surfaces in ICV were analyzed in detail

and some representative attack methods were summarized.On this basis

a practical case of using the vulnerabilities of controller area network bus and telematics service provider to attack the Luxgen U5 car was discussed.The experimental results show that there are many attack surfaces that can be used in ICV.Finally

some feasible defensive measures against the threats in ICV were put forward.

关键词

智能网联汽车远程服务提供商控制器局域网络总线电子控制单元安全威胁

Keywords

intelligent connected vehicletelematics service providercontroller area network buselectronic control unitsecurity threat

references

XUN Y J, LIU J J, NING J ,et al. An experimental study towards the in-vehicle network of intelligent and connected vehicles[C]// 2018 IEEE Global Communications Conference. IEEE, 2018.

XUN Y J, SUN Y Y, LIU J J . An experimental study towards driver identification for intelligent and connected vehicles[C]// 2019 IEEE International Conference on Communications. IEEE, 2019.

LIU J J, ZHANG S B, SUN W ,et al. In-vehicle network attacks and countermeasures:challenges and future directions[J]. IEEE Network, 2017,31(5): 50-58.

ENEV M, TAKAKUWA A, KOSCHER K ,et al. Automobile driver fingerprinting[J]. Proceedings on Privacy Enhancing Technologies, 2016(1): 34-50.

NIE S, LIU L, DU Y . How we remotely compromised the gateway,BCM,and autopilot ECUS of tesla cars[C]// 2017 Black Hat. 2017.

ZENG K C, LIU S, SHU Y ,et al. All your GPS are belong to us:towards stealthy manipulation of road navigation systems[C]// 27th USENIX Security Symposium. 2018: 1527-1544.

MILLER C, VALASEK C . Remote exploitation of an unaltered passenger vehicle[C]// Defcon, 2015: 1-91.

BOSCH R . CAN Specification Version 20[S] 1991.

程军, 崔继波, 苟凯英 . 车辆控制系统CAN总线通信的实施方法[J]. 汽车工程, 2003(5): 300-305.

CHENG J, CUI J B, GOU K Y . Implementation method of CAN bus communication in vehicle control system[J]. Automobile Engineering, 2003,(5): 300-305.

LI Y S, LUO Q, LIU J J ,et al. TSP security in intelligent and connected vehicles:challenges and solutions[J]. IEEE Wireless Communications, 2019,26(3).

CHECKOWAT S, MCCOY D, KANTOR B ,et al. Comprehensive experimental analyses of automotive attack surfaces[C]// USENIX Security Symposium. 20114: 447-462.

NIE S, LIU L, DU Y . Free-fall:hacking Tesla from wireless to can bus[C]// 2017 Black Hat. 2017: 1-16.

CHENG Q A, YIN Y, FENG Y ,et al. Exposing congestion attack on emerging connected vehicle based traffic signal control[C]// 2018 Network and Distributed Systems Security (NDSS) Symposium. 2018.

LUO Q, CAO Y, LIU J ,et al. Localization and navigation in autonomous driving:threats and countermeasures[J]. IEEE Wireless Communications, 2019,26(4): 38-45.

BENADJILA R, RENARD M, LOPES-ESTEVES J ，et al. One car,two frames:attacks on Hitag-2 remote keyless entry systems revisited[C]// 11th USENIX Workshop on Offensive Technologies (WOOT 17). 2017.

GARCIA F D, OSWALD D, KASPER T ,et al. Lock it and still lose iton the (in)security of automotive remote keyless entry systems[C]// 25th USENIX Security Symposium (USENIX Security 16). 2016.

ISHTIAQ ROUFA R M, MUSTAFAA H, TRAVIS TAVLORA S O ,et al. Security and privacy vulnerabilities of in-car wireless networks:a tire pressure monitoring system case study[C]// 19th USENIX Security Symposium. 2010: 11-13.

SOMANI G, GAUR M S, SANGHI D ,et al. DDoS attacks in cloud computing:issues,taxonomy,and future directions[J]. Computer Communications, 2017,107: 30-48.

RISTENPART T, TROMER E, SHACHAM H ,et al. Hey,you,get off of my cloud:exploring information leakage in third-party compute clouds[C]// Proceedings of the 16th ACM conference on Computer and Communications Security. ACM, 2009: 199-212.

GEORGIEV M, IYENGAR S, JANA S ,et al. The most dangerous code in the world:validating SSL certificates in non-browser software[C]// Proceedings of the 2012 ACM conference on Computer and Communications Security. ACM, 2012: 38-49.

LIANG X, SHETTY S, ZHANG L ,et al. Man in the cloud (MITC) defender:SGX-based user credential protection for synchronization applications in cloud computing platform[C]// 2017 IEEE 10th International Conference on Cloud Computing(CLOUD). IEEE, 2017: 302-309.

GARIP M T, GURSOY M E, REIHER P ,et al. Congestion attacks to autonomous cars using vehicular botnets[C]// NDSS Workshop on Security of Emerging Networking Technologies (SENT). 2015.

张德干, 赵彭真, 高瑾馨 ,等. 面向车联网的智能数据传输新方法[J]. 物联网学报, 2019,3(2): 89-99.

ZHANG D G, ZHAO P Z, GAO J X ,et al. A new intelligent data transmission method for intelligent and connected vehicles[J]. Chinese Journal on Internet of Things, 2019,3(2): 89-99.

余辰, 张丽娟, 金海 . 大数据驱动的智能交通系统研究进展与趋势[J]. 物联网学报, 2018,2(1): 56-63.

YU C, ZHANG L J, JIN H . Research progress and trend of intelligent transportation system driven by big data[J]. Chinese Journal on Internet of Things, 2018,2(1): 56-63.

浏览量

1619

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

暂无数据