RIDAS - Real-Time Identification of Attack Sources on Controller Area Networks

Explore a cutting-edge research presentation on RIDAS (Real-time Identification of Attack Sources), a novel method for identifying cyber attack sources on Controller Area Networks (CAN) in vehicles. Delve into the challenges of existing attack source identification technologies and discover how RIDAS overcomes limitations such as environmental sensitivity and vulnerability to identification-aware attackers. Learn about the innovative approach of injecting bit errors into abnormal messages and utilizing CAN's error handling rules to pinpoint attack sources in real-time. Examine the method's effectiveness in dealing with false positives and RIDAS-aware attackers, and review experimental results from both a CAN bus prototype and a real vehicle. Gain insights into this essential technology for developing robust cyber attack response strategies, including node isolation, security patching, and digital forensics in automotive cybersecurity.

USENIX Security '23 - RIDAS: Real-time identification of attack sources on controller area networks