Πλοήγηση ανά Συγγραφέας "Kypraios, Eleftherios"

Τώρα δείχνει 1 - 1 of 1
  • Μικρογραφία εικόνας
    Τεκμήριο
    Security solutions for denial of service attacks in smart vehicles.
    (ΕΛ.ΜΕ.ΠΑ., ΣΧΟΛΗ ΜΗΧΑΝΙΚΩΝ (ΣΜΗΧ), Τμήμα Ηλεκτρολόγων Μηχανικών και Μηχανικών Υπολογιστών, 2022-07-06) Kypraios, Eleftherios; Κυπραίος, Ελευθέριος
    In this thesis, we have developed an open distributed embedded platform prototype that targets traffic monitoring across multiple CAN networks. This ecosystem interconnects multiple Raspberry Pi or AVR devices (e.g., RPI1, RPI2) to an Odroid XU3 device which serves as a gateway node. CAN interconnection is based a) for Raspberry Pi, on Industrial Berry’s CANberry Dual V2.1 device, and b) for Odroid XU3, on two (incoming/outgoing) USB-to-CAN interfaces using Scantool OBD Development Kit. Incoming and outgoing CAN interfaces at the gateway are controlled by different threads. Our embedded software toolchain uses a) for RPI, Linux CAN-utils tools, and b) for Odroid XU3, an extended serial terminal that uses multithreaded code to handle incoming/outgoing connections; configuration and CAN message send/receive functions use appropriate USB-to-serial STN2120's ELM327 AT, and ST commands. During normal operation, RPI2 (CAN2) carries actual engine traffic (based on an actual Korean car dataset [37]), while at the same time RPI1 packet requests related to dashboard display (e.g. engine speed, RPM, temperature etc) departing from RPI1 (CAN1), are received via the Gateway by RPI2 (CAN2), and answered back to RPI1 (making a round trip). In our threat model, we consider a denial-of-service (DoS) from CAN1 and examine different metrics that can be used to detect the attack. At gateway-level, we can detect the DoS attack by using metrics and setting appropriate thresholds related to the Cortex-A15 energy consumption (available from integrated INA231 sensors), and four temperature gradients on the same chipset (available from integrated sensors). In addition, we are able to monitor variations of round-trip time (RTT) by monitoring the sequences of packets that originate from RPI, flow to RPI2 via Odroid XU3 and return back to RPI, in a ping-pong pattern. Our results show tradeoffs in the accuracy and effectiveness of the proposed metrics in detecting actual attacks. Accurate prediction of an attack results in shutting down, throttling down, or sleeping the appropriate outgoing interface, thus safeguarding the engine ECUs.