Secure CAN logging and data analysis
| dc.contributor.author | Van, Duy, author | |
| dc.contributor.author | Daily, Jeremy, advisor | |
| dc.contributor.author | Simske, Steve, committee member | |
| dc.contributor.author | Papadopoulos, Christos, committee member | |
| dc.contributor.author | Hayne, Stephen, committee member | |
| dc.date.accessioned | 2021-01-11T11:20:18Z | |
| dc.date.available | 2021-01-11T11:20:18Z | |
| dc.date.issued | 2020 | |
| dc.description.abstract | Controller Area Network (CAN) communications are an essential element of modern vehicles, particularly heavy trucks. However, CAN protocols are vulnerable from a cybersecurity perspective in that they have no mechanism for authentication or authorization. Attacks on vehicle CAN systems present a risk to driver privacy and possibly driver safety. Therefore, developing new tools and techniques to detect cybersecurity threats within CAN networks is a critical research topic. A key component of this research is compiling a large database of representative CAN data from operational vehicles on the road. This database will be used to develop methods for detecting intrusions or other potential threats. In this paper, an open-source CAN logger was developed that used hardware and software following the industry security standards to securely log and transmit heavy vehicle CAN data. A hardware prototype demonstrated the ability to encrypt data at over 6 Megabits per second (Mbps) and successfully log all data at 100% bus load on a 1 Mbps baud CAN network in a laboratory setting. An AES-128 Cipher Block Chaining (CBC) encryption mode was chosen. A Hardware Security Module (HSM) was used to generate and securely store asymmetric key pairs for cryptographic communication with a third-party cloud database. It also implemented Elliptic-Curve Cryptography (ECC) algorithms to perform key exchange and sign the data for integrity verification. This solution ensures secure data collection and transmission because only encrypted data is ever stored or transmitted, and communication with the third-party cloud server uses shared, asymmetric secret keys as well as Transport Layer Security (TLS). | |
| dc.format.medium | born digital | |
| dc.format.medium | masters theses | |
| dc.identifier | Van_colostate_0053N_16358.pdf | |
| dc.identifier.uri | https://hdl.handle.net/10217/219549 | |
| dc.language | English | |
| dc.language.iso | eng | |
| dc.publisher | Colorado State University. Libraries | |
| dc.relation.ispartof | 2020- | |
| dc.rights | Copyright and other restrictions may apply. User is responsible for compliance with all applicable laws. For information about copyright law, please see https://libguides.colostate.edu/copyright. | |
| dc.subject | cybersecurity | |
| dc.subject | logging | |
| dc.subject | CAN | |
| dc.subject | secure | |
| dc.subject | heavy vehicle | |
| dc.title | Secure CAN logging and data analysis | |
| dc.type | Text | |
| dcterms.rights.dpla | This Item is protected by copyright and/or related rights (https://rightsstatements.org/vocab/InC/1.0/). You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s). | |
| thesis.degree.discipline | Systems Engineering | |
| thesis.degree.grantor | Colorado State University | |
| thesis.degree.level | Masters | |
| thesis.degree.name | Master of Science (M.S.) |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Van_colostate_0053N_16358.pdf
- Size:
- 11.75 MB
- Format:
- Adobe Portable Document Format