Error Handling

ZBCAN: A Zero-Byte CAN Defense System

We introduce a defense system that uses zero bytes of the automotive controller area network (CAN) frame to secure against the most common CAN attacks, including message injection, replay, fuzzing, impersonation, flooding, collision injection, bus-off, and network mapping attacks, without using message authentication codes.

Demo: Attacks on CAN Error Handling Mechanism

We discuss the security vulnerabilities of automotive controller area network (CAN) and present three attacks which exploit them.

Exposing new vulnerabilities of error handling mechanism in CAN

We discover three major vulnerabilities in the error handling mechanism of the automotive controller area network that could be exploited to launch a variety of attacks including a denial-of-service attack against benign electronic control units.