Code used to generate Impersonation, Fuzzing, Replay, Denial-of-Service (DOS), and Frame-Drop attacks

Tompnyx/CANBusAttackGenerator

CANBusAttackGenerator

General Information and Acknowledgements

This project was created to perform attacks on a CAN bus typical of those found in a vehicle. These attacks include:

  • Impersonation,
  • Fuzzing,
  • Replay,
  • Denial-of-Service (DoS), and
  • Frame-Drop attacks.

The format of the output messages is modeled on HCRL's CAN Dataset for intrusion detection (OTIDS). Each message is formatted in the following way:

[If the message was Sent/Received]: Timestamp:  [Time since initialised in milliseconds]    ID: [Arbitration or CAN ID] DLC:    [Length of the data package sent]   [The data package sent]

How to run

The code in this project was developed to run on the Arduino Uno Rev3 and the CAN-BUS Shield V2.0 (which runs on the MCP2515 Chip), but any Arduino and CAN-BUS shield that supports the required libraries should work too.

The libraries used in this project include:

To run on your Arduino, make sure you have set the:

  • baud,
  • SPI_CS pin, and
  • CAN_INT pin.

The program has five operational modes, each named after the attack it performs. Switch between them by setting the op parameter to the name of the mode.

  • Impersonation creates a CAN message crafted around an Electronic Control Unit (ECU) and sends it periodically (this CAN message needs to be hard-coded in the impersonation() function).
  • Fuzzing generates a random CAN message and sends it periodically.
  • Replay periodically listens to the CAN bus until a message is received, then resends that message a set number of times (determined by the numRepeat variable located in the replay() function).
  • DoS periodically sends an empty CAN message with a high arbitration priority (low CAN ID number).
  • FrameDrop injects a message simultaneously with another ECU, exploiting a vulnerability in the arbitration phase of the CAN protocol.

Note that the DoS and FrameDrop modes are currently only partially implemented. More information can be found in the ITU-T's Guidelines for an intrusion detection system for in-vehicle networks.
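For the detection side of the output format and the Replay and DoS modes described above, the following is an added example (not code from this repository) that parses log lines in that format and flags bursts of identical frames. It assumes the ID and data bytes are printed in hex and the DLC in decimal; the sample log and the thresholds are constructed for illustration.

```python
import re

# Assumed rendering of the README's template; adjust to the real serial output.
LINE_RE = re.compile(
    r"^(?P<dir>Sent|Received):\s*Timestamp:\s*(?P<ts>\d+)\s+ID:\s*(?P<id>[0-9A-Fa-f]+)"
    r"\s+DLC:\s*(?P<dlc>\d)\s*(?P<data>(?:[0-9A-Fa-f]{2}\s*)*)$"
)

# Constructed sample log (not captured from a real bus).
SAMPLE = """\
Received: Timestamp: 1000    ID: 2C0 DLC: 8   01 02 03 04 05 06 07 08
Sent: Timestamp: 1010    ID: 2C0 DLC: 8   01 02 03 04 05 06 07 08
Sent: Timestamp: 1020    ID: 2C0 DLC: 8   01 02 03 04 05 06 07 08
Sent: Timestamp: 1030    ID: 2C0 DLC: 8   01 02 03 04 05 06 07 08
Received: Timestamp: 1500    ID: 000 DLC: 0
Received: Timestamp: 1501    ID: 000 DLC: 0
Received: Timestamp: 1502    ID: 000 DLC: 0
Received: Timestamp: 2000    ID: 130 DLC: 4   AA BB CC
"""

def parse_line(line):
    """Return a frame dict, or None for a malformed line or a DLC/payload mismatch."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    data, dlc = bytes.fromhex(m["data"]), int(m["dlc"])
    if dlc > 8 or dlc != len(data):
        return None
    return {"dir": m["dir"], "ts": int(m["ts"]), "id": int(m["id"], 16), "data": data}

def flag_bursts(frames, low_id_max=0x010, burst=3, window_ms=100):
    """Flag `burst` identical frames within `window_ms` (thresholds are assumptions)."""
    groups = {}
    for f in frames:
        empty_low = not f["data"] and f["id"] <= low_id_max
        kind = "empty_low_id_burst" if empty_low else "identical_payload_burst"
        groups.setdefault((kind, f["id"], f["data"]), []).append(f["ts"])
    alerts = []
    for (kind, can_id, _), ts in groups.items():
        ts.sort()
        if any(ts[i + burst - 1] - ts[i] <= window_ms for i in range(len(ts) - burst + 1)):
            alerts.append((kind, can_id, len(ts)))
    return alerts

def analyse(log_text):
    """Return (alerts, number of rejected lines) for a whole log."""
    parsed = [parse_line(l) for l in log_text.splitlines() if l.strip()]
    frames = [f for f in parsed if f is not None]
    return flag_bursts(frames), len(parsed) - len(frames)
```

A legitimate ECU that sends a constant payload faster than burst frames per window_ms would also be flagged, so set window_ms below the shortest legitimate message period on the bus being monitored.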

Development Environment

The IDE CLion was used with the plugins PlatformIO for CLion and Serial Port Monitor.
