A Survey of Remote Automotive Attack Surfaces

Explore a comprehensive survey of remote automotive attack surfaces in this 58-minute Black Hat conference talk by Charlie Miller and Chris Valasek. Delve into the security vulnerabilities of modern vehicles, examining potential remote attacks that could enable eavesdropping, manipulate steering, or disable brakes. Analyze automotive networks across various manufacturers to compare security levels, track changes over time, and anticipate future trends. Investigate specific cyber-physical systems, including distance control, adaptive front lighting, and self-parking features. Gain insights into remote compromise methods, CAN injection, and various attack vectors such as Bluetooth and internet-connected apps. Evaluate security measures for different car models, including Audi, Honda, Infiniti, Jeep, Dodge, Chrysler, and Range Rover. Learn strategies for detecting and preventing automotive cyber attacks, and understand the implications for future vehicle security.

Introduction
Remote Compromise
CAN Injection
Remote Attack Surface
Bluetooth
Radio Data System
Internet / Apps
Cyber Physical: 050 Distance Control
Cyber Physical: 050 Adaptive Front Lighting
Cyber Physical: 050 Intelligent Cruise Control
Cyber Physical: 050 Active Lane Control
Cyber Physical: Cherokee Self Parking
Collision prevention
Goals
The internet is hard, let's go shopping
Legend
Audi A8 (2014)
Honda Accord LX (2014)
Infiniti Q50 (2014)
Infiniti G37 (2010)
Jeep Cherokee (2014)
Dodge Ram 3500 (2014)
Chrysler 300 (2014)
Dodge Viper (2014)
Range Rover Sport (2006)
Analysis
Learn, Detect, Prevent
Conclusions