
Research On Security Protection Of Vehicle CAN Bus

Posted on: 2021-05-05
Degree: Master
Type: Thesis
Country: China
Candidate: Q Pan
Full Text: PDF
GTID: 2492306308490204
Subject: Master of Engineering
Abstract/Summary:
The Controller Area Network (CAN) is the core operating bus in the vehicle network and is responsible for communication between the various electronic control units (ECUs) in the vehicle. CAN is based on a bus topology and its structure is simple. Using the CAN bus in vehicles reduces wiring complexity and controls transmission cost. However, security received little consideration when the CAN bus was designed: all messages on the bus are transmitted in the clear and there is no identity authentication mechanism, so the in-vehicle system has no protection against malicious attacks, which may cause huge security risks.

Nowadays, the concept of the Internet of Everything is rapidly being integrated with the automotive industry. Modern vehicles' pursuit of networking and intelligence has caused the vehicle network to interact frequently with external communication interfaces such as Bluetooth, USB, Wi-Fi, 3G/4G and other modules. Meanwhile, with the development of emerging technologies such as 5G and autonomous driving, the vehicle network has become more open, which has also expanded the attack surface available to attackers invading the vehicle network. Attackers can control the electronic control units on the bus by remote intrusion, causing dangerous conditions such as brake failure, in which the vehicle's brakes are out of control, and threatening the vehicle and the lives of the people inside.

Therefore, in order to improve the security protection capability of the CAN bus, this paper conducts the following research from two perspectives, encryption authentication and intrusion detection:

(1) A dynamic key generation algorithm, TTAuth, is proposed. ECUs obtain their respective transient values when the car is started, the improved IEEE 802.15.6 master key distribution protocol algorithm is used to generate the MK, and the MK digest information, encrypted with the transient value, is saved to participate in the next key generation. When the vehicle is turned off, all secret keys are deleted, and all of them are regenerated the next time the car is turned on, guaranteeing one secret at a time. Finally, analysis shows that the encryption and authentication mechanism can effectively reduce the complexity of key management and improve the security of the key.

(2) An alarm gateway model for attack detection is proposed. It works by modifying the software of the CAN bus gateway, without adding additional authentication data. We judge whether a message is an illegal message by using the ID of the data frame, the time of response to other ECUs' request frames, the maximum and minimum values of the data, and the cycle of data generation sent by the ECU in the CAN bus protocol. These are counted and combined with a threshold range to determine whether an attack is present. CANoe simulation software was used to simulate the test, and the experiment proves that the alarm gateway can effectively detect intrusion in the bus transmission process and improve bus transmission security.
Keywords/Search Tags:Vehicle Network, CAN, Security, Intrusion Detection, Encryption
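The four gateway checks named in item (2) of the abstract (frame ID, response time to request frames, data minimum/maximum, generation cycle, with violations counted against a threshold), as an added Python example that is not code from the thesis. The `Profile` fields, the threshold, the use of data byte 0 as the monitored signal and the sample capture are all constructed assumptions.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass
class Profile:            # hypothetical per-ID baseline; all values are constructed
    period_ms: int        # expected cycle of the periodic frame
    tol_ms: int           # accepted deviation from that cycle
    lo: int               # minimum legal value of data byte 0
    hi: int               # maximum legal value of data byte 0
    max_resp_ms: int      # deadline for answering a request frame

PROFILES = {0x100: Profile(10, 2, 0, 200, 5), 0x200: Profile(100, 20, 0, 120, 20)}
ALARM_THRESHOLD = 3       # violations counted per ID before the gateway alarms

# Constructed capture: (timestamp_ms, can_id, is_request, data)
SAMPLE = [
    (0, 0x100, False, b"\x32"), (10, 0x100, False, b"\x33"),
    (20, 0x100, False, b"\x34"),
    (22, 0x100, False, b"\xff"), (24, 0x100, False, b"\xff"),  # off-cycle, out of range
    (30, 0x100, False, b"\x35"),
    (40, 0x200, True, b""), (43, 0x200, False, b"\x10"),       # request, answer in 3 ms
    (50, 0x666, False, b"\x00"),                               # ID not in the whitelist
]

def inspect(frames, profiles=PROFILES, threshold=ALARM_THRESHOLD):
    """Return (violations per (id, rule), set of IDs at or over the threshold)."""
    violations, last_seen, pending = Counter(), {}, {}
    for ts, cid, is_request, data in frames:
        prof = profiles.get(cid)
        if prof is None:                       # check 1: ID not in the whitelist
            violations[(cid, "unknown_id")] += 1
            continue
        if is_request:                         # remember when the request was seen
            pending[cid] = ts
            continue
        if cid in pending:                     # check 2: response time to a request
            if ts - pending.pop(cid) > prof.max_resp_ms:
                violations[(cid, "late_response")] += 1
        else:                                  # check 3: cycle of periodic frames
            if cid in last_seen and abs(ts - last_seen[cid] - prof.period_ms) > prof.tol_ms:
                violations[(cid, "period")] += 1
            last_seen[cid] = ts
        if not data or not prof.lo <= data[0] <= prof.hi:   # check 4: value range
            violations[(cid, "range")] += 1
    per_id = Counter()
    for (cid, _rule), n in violations.items():
        per_id[cid] += n
    return violations, {cid for cid, n in per_id.items() if n >= threshold}

if __name__ == "__main__":
    counts, alarms = inspect(SAMPLE)
    print(dict(counts), [hex(i) for i in alarms])
```

In the sample, the legitimate 0x100 frame at 30 ms is also counted as a cycle violation because it follows the two off-cycle frames; that is why the decision is taken on the per-ID count rather than on a single frame.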