I Simulated Hacking a Car. Then I Tried to Defend It. Here's What Broke!

So today I'm here to talk about hacking a car like not not real car though and how you can do the simulation to find like what actually we can exploit in terms of how dangerous it is. So it's going to be bit interesting one. Now just a quick introduction about me. I come from a web application security background. I'm a penetration tester and I have four plus years of experience. I'm a recent graduate from the University of Warik. I got three recent published CVs now and yeah just bit background about me. Now imagine your car brakes stop responding. How fun it would be, right? You're on a way to conference today and you're driving a car and when you're trying to

hit your brake, it's not working. It is not just because of any mechanical fault or it's neither an accident but the security system protecting your car. It is drawing out of the signal. What actually happening here? What I'm trying to tell is in the car we'll be having a lot of operations going through and when the network trying to interact with each other and it won't be able to process the command that it needs to be done. So if the command let's say you're going to hit a break and the command is not reaching the signal and that's where the security is going to fail over here. Why it is happening? We have the canvas. So the canis

controller area network. This is something interesting in an internal part of a car. So you have a smartphone, right? So you have multiple applications. Let's say like you use Gmail and you use WhatsApp and you use a call. Every application has its own purpose. Now in the can sorry in the car we have the same like we have multiple components you have a engine you have a brake and you have a steering and you have an infotainment. So all these has small small components collectively called as ECU. They all need to talk to each other. So whenever you are trying to do some operations in the car, let's say you want to hit a brake and you want to

accelerate and you want to use your infotainment, you're doing everything at the same time. The car has to process what the driver instructions or like what is the instructions that you're giving the signal. Right? Now this is car nervous system. So this is where it going to decide like what the user is trying to do. He's asking me to accelerate or he's trying to hit a brake or he's increasing his speed etc. Right now all these modern cars we have like 50 to 100 plus ECUs like these are like approximate numbers on one bus like we have multiple bus architecture involved in the CAN automotive system. Let's say you're going to interact with each other. One one example would be you

have a walkie-talkie and you don't know who is communicating with you unless until they are initiating a conversation. Hey, this is alpha speaking. G, receive, right? But you will be able to figure it out that someone is trying to communicate and you will receive the information. Unless until they say who, you won't be able to identify what exactly the information that you are getting. The same concept here whereas it involves internally inside the automotive which is the canvas and we have like multiple ECUs you can call as engine, brakes, steering and infotainment. The example which I said like you can imagine your smartphone like how it has many applications. Okay. Uh what is the problem here? Now

these early protocols which is these is uh these are developed in 1980s. These are mainly developed for speed and reliability not meant for security. Why exactly we have this problem is there is no encryption or authentication in the base protocol. What you can do then? So that's where the simulation comes. You can start manipulating the messages. You can start manipulating the instructions that you're going to give to your ECU. We saw what the ECU structure look like. The canvas. Now you're going to hit break but the canvas is not reaching its signal. What's going to happen? The system is going to face the problem and that's where the failure is happening. Now we have a concept

any node that can transmit the ECU is going to trust each other. The infotainment going to trust brake mechanism. The brake mechanism going to trust accelerator. Right? So these are internally connected and all these messages are trusted by default. So there are no verification mechanism between each other. But you can ask me like okay if there are no verification mechanism then is it something serious issue? Yes it is but we do have a concept called secure onboard communication which is recently being used by all the OEMs and automotive industry. What this will do is this going to add a message authentication code. With the help of this message authentication code, you can interact with the ECU and

this going to verify what exactly the operation the canvas is receiving. Imagine you are hitting a break command and it gets uh manipulated in terms of it's an accelerator and it's going to be a trouble, right? So it going to verify what exactly the mechanism that you are trying to initiate and it's going to add you can take another example as digital signature. So it going to add who is the sender and the receiver should be able to verify okay this is the person trying to send this message and in my end I have to verify this right now most of these vehicles still rely on the legacy can architecture. So we have millions and millions of cars on road that is

designed and uh in the market from 2015 to 20120 between that area like 2010 to 2020 you can call like millions and millions of car. So those vehicles these are mainly rely on the legacy can architecture and the industry is not ready to adopt the secosi. Why? So all those costs that is on the road now it is highly impossible to give a uh updated secosi communication to the existing vehicles. But few OEMs they are into consideration about how they can integrate into their design and they can take it forward. So the key takeaway here is in the canvas the legacy architectures the security was never part of the original design. So it's meant to be communicated for the speed

and reliability. When you're driving a car, you might have noticed you're going to perform lots and lots of operation. You're going to drive for like 100 miles and in that 100 miles, you're going to take a left turn, right turn, you're going to accelerate and you're going to slow down and you will hit brake. So all these are complicated operations for the architecture automotive architecture the canvas to understand what the user is trying to initiate it and it has to work in such a way that if you are trying to hit a break it should function within a microsconds and it should work if it's not it's going to be in trouble. So what will happen if anything can be

compromised? The milliseconds are very much important over here and you have a legacy internet like back in 2005s and 2010s it will take like 5 minutes or 10 minutes for a song to get download and we have a uh the canvas this is approximate speed. It is eight times faster than the old DSL. But if you ask me this would be enough. No, it is not. Why? Let me tell. Nowadays we have a modern broadband internet connection. You can download GBs of data within like a minute, right? So we have that much speed capability. Now CAN is designed to be made by speed and but for a car operating that 2 in milliseconds it's very tight because I

said like you'll be doing multiple operations together at the same time. Now what will happen? A new CAN message arrives every 125 microsconds. You can't keep accelerating your car and you have to hit brake sometimes and you have to uh operate your infotainment and you have to use your left turn and right turn indicators. You'll be uh doing lots and lots of operations right when you are driving. So all those messages it is happening within a seconds and on top of it that should not be any overhead like such as you'll be having a encryption detection mechanisms and it has to process along. Now these in a system with 125 microcond window 3 milliseconds doesn't just slow

the things down. It can seriously stop safety critical commands from arriving at all. So when you hit a break and the ECU is not getting that command which means you're in a very serious risk. So what I did, this is where things get interesting. I have generated five attack types using instrument cluster simulator. We have a dedicated open-source project which is IC SIM. You can take a note like ICIM. It is available on the GitHub and you can simulate it as well. So I've generated five attack types for a virtual canvas to see how I can manipulate these attacks, manipulate the ECU, manipulate the canvas architecture. So what I did is because there is no authentication.

So that that that is why this uh this is my MSE research project and I wanted to make sure that I'm doing something that can be implemented uh in the industry as well. So but uh no cars are harmed because it's a simulated environment and uh it cannot be done without any funded project or research project as such. So there are two different categories over here. One is loud. So I've generated like five attacks as I said five attack types. One is denail of service. So you know what dos is like it going to hit the bus with garbage frames like I'm going to keep sending multiple request within a matter of time and it

going to affect the canvas and my ID is it going to detect loud okay volume of requests are coming it has to be blocked so that's one of the loud mechanism I mean one of the loud attack type and first thing you send a random message by malforming some of the CAN frames. So that going to also classified under loud and what can be quiet attacks like you do something someone is not noticing that you're sneaking into a hall and no one is noticing that right so those type of attacks are quiet attacks one is poofing you're going to impersonate as another ECU when you hit break again like um you're going to impersonate as

it has accelerator come on that's a serious operation to perform But it will look real because that's why you're going to do the spoofing. Like you might have seen all those fishing emails. It will look like a perfect real mail coming from a recruiter or real mail coming from a employee working in the company but it's a spoof the content. And the replay attacks you can capture and send a real message and stealth injection. You can inject capture the request and you need for doing these type of attacks you need to understand the canvas architecture and mechanisms and packet capture the network how it uh integrates and uh interacts with the canvas. So these injection it will look

like a normal but it is again a serious issue. I'll just quickly show a demo not taking much time.

Well, hope you can see now. Let's quickly launch it. So, this is the opensource simulation which I said you have a live speedometer and also the controller. This looks like a joystick PS4. Now I'll try to control this by giving accelerating. If you can see I'm just pressing the up arrow and the accelerator is rising. And you can left turn this is right turn. We have these basic commands. Now I'll just get into the quick attack part. So oops

yeah can dump one of the mechanism inside this to we can zero is a network that I'm operating this IC simulation now this going to capture all the frames that's going to have the communication over here. Now I'm trying to do the DOS attack with which you can be able to see how these uh critical operations can be manipulated. Let's see this is so what this is can genen is a random can generator for the network which I'm in and I'm manipulating the speed and the direction and if you closely observe the car doors are also opening closing opening closing right so I'm sending multiple request so this particular command which is - Z0 there are no

frames involved till I stop it going to keep uh capturing the request and it going to keep generating a log so this is a part of DOS mechanism I mean DOSS attack which I did so we'll get out of the demo part quickly and this is how all five attacks are generated with large volume of data When you try to classify your approach, you need a large volume of data set, right? All these attacks are simulated in ICM environment with five different attack types. Again, every attack type has its own data set and volumes. Now my mechanism, the approach which I followed is three. One is rule based which got all the loud ones which is we saw what

are all the loud ones dos and replay detector stealth and spoofing it got slipped through so that is why like when there is a flaw I want to make sure I'm working on any other approach as well so that's why my alternative approach which is machine learning only the interesting part in machine learning is it flanked too much it's better quite attacks but 7% percentage of false positives on the legitimate traffic out of 100 commands that you're going to give to ECU seven are real commands that it needs to get involved. So if those legitimate traffics are gets filtered out then again it's a crucial operation. So it needs to get flagged right okay what if we can do the hybrid approach so

that is where the solution comes it's a best of both the rules it handles the obvious the loud attacks and the ML handles the subtle attacks the quiet ones so this is the only approach that I can think of now so this is a number stats when the rule based shows 90%age accuracy FPR is a false positive rate and we have 5 percentage age for rule based and the latency is 0.5 milliseconds and you know the verdict already so this is just a proof of that you can ask like the ML and hybrid it has both 98.7 percentage as accuracy now how am I differentiating us with the help of false positive rate false positive rate is where you need to be

very concerned about rather than your accuracy because those seven percentage of your legimate traffic it should not get filtered out when the real user is performing operations. So that's the best overall balance. So here I have added the data set as a note. Everything is generated in a simulated environment. So the CAN frames which I generated for all those five attacks or 20.6 million labeled frames. I've classified everything under those five attacks out of which I would say like 60%age of the attacks are DOSs because that's where most dominant results are coming in and I want to make sure I'm doing a mixed approach so I can get a better false positive rate because my goal is to get

a better false positive rate not a good accuracy. So this is the key takeaway. A false positive is not just a noise. It can, you know, silence a break command. In IT security, a false positive can be um very boring. Like when you try to find a vulnerability and when you get to know it's a false positive, you'll be disappointed, right? Whereas over here it is very crucial. It has to be addressed. It can literally silence a break command or vice versa. uh when when you try to accelerate and instead of that you're going to hit a break command. Now the bigger picture has a key takeaway for defenders and the industry people and beyond CS we are dealing lot

of critical infrastructure in our day-to-day environment. Accuracy is a wrong metric in this case not for any other simulation or in general false positive rate matters more maybe whenever you're trying to do any other projects you can go with lots and lots of algorithm out there uh when you try to use machine learning or we have um lots and lots of algorithms but you have to see what is your objective and outcome of your project is and for the industry as I said the rules are for obvious threats and I want to get a better hybrid model. And one thing to clarify is my model it not going to prevent any of the attacks. It just

going to detect and it going to stop and it going to give you a better rule or suggestions so that you can try implementing it on a real time based systems. Other OT systems may also face similar tradeoffs but the implementation methodologies may be different whereas the procedural can be same. Why this matters? Today we have UNICE or 155 and some other laws that it from 202021 it has been mandate for all the OEMs to have a very strict laws in terms of connected vehicles. When you ship a connected car now in 2026, it's already vulnerable as in like it can be manipulated. When you ship an autonomous car in 2026, all those driverless cars, it it's very

fascinating, right? Imagine there is no one, no driver to pick you up. You're just going to book a car and it going to come and it going to take you. That vulnerability if it can be exploited, it can kill someone. Any accident can happen. So those are crucial commands. This research demonstrates how to prevent that. Whereas maybe this is the time to implement. Thank you. The car survived finally everything did in a simulated environment. So you can find me on LinkedIn Rakkesh Alamaran and that's my website as well. So this is one such project which I learned personally lot of things when I was working in my dissertation. I come from a web application security

background but I wanted to make sure I'm experimenting something new when you are in a UK where the automotive hub and uh everything is yeah thank you so much open for questions.

So yeah thank you for that. Um so the the canvas is is a an integral to an ECU which essentially runs a rate monotonic system um which assures that the way in which you build the software is safety critical by design and there are many many tens of years of work behind that product development and deployment. So the car industry doesn't want to change any of that stuff and they don't want to touch it. So my understanding of the approach that they're taking is an isolation model um and they're using virtual machines inside uh or at the point of the ECU uh to translate from the control signals from you know the interruptbased nonsafe well pseudoafe uh radar and and video

systems um to provide stimulus that goes into the ECU that may go through the CAM bus to the control systems. So in effect with that privilege escalation minimization and complete isolation, why do we need to fix the lack of security in the CAM bus if it's no longer an accessible part of the car? >> Okay, so that's an interesting question because when you try to uh do privilege escalation or manipulate any other sort of operations, it can be crucial to the en environment that you are in. Like let's say you're trying to perform something and irrespective of what you're trying to perform if it gets something irrelevant and it's trying to execute something as that not meant to

be executed. So that is why that is a secure onboard communication we have. So with the help of that you can add a message authentication confirmation with which like you can able to verify it before you're going to u manipulate anything or like kind of thing that can't be implemented on the existing course uh which is around the market now right did I answer your question okay okay got Yeah.

>> Yeah.

>> Uh I'm not getting that. >> Yeah. Yeah.

Yes. >> Yes. >> Yep.

>> Okay. >> Okay. So you're basically asking like in cars how effective the security can be.

Okay. Yes. Got it. >> Okay. Yeah. So it Yeah, I got it. So it need not to be interconnected to the digital world because like when whenever you are trying to use your infotainment system that's where you will be using your internet and we have a concept called ODA over the air update let's say you you need to push something to your infotainment or push something to your ECU you have to do with that mechanism and that's where you'll be using a realtime data transfer unless until uh if you just want to download application you can just go to your infotainment and then you can just download Right. But uh it can be manipulated as well with the

help of some real-time operations. There are there are few case studies available as well like how uh the infotainment can be hacked with the help of u capturing the you know replay attacks and some other different types of attacks with which you can control the entire automotive uh mechanism involved like your good case study would be Tesla car hack that involved taking control over from the infotainment system. A researcher has breached to that and Tesla awarded a crazy money for that to make sure they are uh fixing that flaw and the researcher has to get what he deserved for this research.