A Survey of Remote Automotive Attack Surfaces
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a comprehensive survey of remote automotive attack surfaces in this 58-minute Black Hat conference talk by Charlie Miller and Chris Valasek. Delve into the security vulnerabilities of modern vehicles, examining potential remote attacks that could enable eavesdropping, manipulate steering, or disable brakes. Analyze automotive networks across various manufacturers to compare security levels, track changes over time, and anticipate future trends. Investigate specific cyber-physical systems, including distance control, adaptive front lighting, and self-parking features. Gain insights into remote compromise methods, CAN injection, and various attack vectors such as Bluetooth and internet-connected apps. Evaluate security measures for different car models, including Audi, Honda, Infiniti, Jeep, Dodge, Chrysler, and Range Rover. Learn strategies for detecting and preventing automotive cyber attacks, and understand the implications for future vehicle security.
Syllabus
Introduction
Remote Compromise
CAN Injection
Remote Attack Surface
Bluetooth
Radio Data System
Internet / Apps
Cyber Physical: 050 Distance Control
Cyber Physical: 050 Adaptive Front Lighting
Cyber Physical: 050 Intelligent Cruise Control
Cyber Physical: 050 Active Lane Control
Cyber Physical: Cherokee Self Parking
Collision prevention
Goals
The internet is hard, let's go shopping
Legend
Audi A8 (2014)
Honda Accord LX (2014)
Infiniti Q50 (2014)
Infiniti G37 (2010)
Jeep Cherokee (2014)
Dodge Ram 3500 (2014)
Chrysler 300 (2014)
Dodge Viper (2014)
Range Rover Sport (2006)
Analysis
Learn, Detect, Prevent
Conclusions
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube