When CAN CANT
Offered By: 0xdade via YouTube
Course Description
Overview
Explore the intricacies of the Controller Area Network (CAN) bus and its vulnerabilities in this 47-minute conference talk by Tim Brom and Mitchell Johnson from 0xdade. Delve into the history, basics, and advanced concepts of CAN bus technology, including its mandated use in US vehicles since 2008. Learn about CANT, a software-implemented CAN bus peripheral that enables security researchers to test electrical bus-level error handling capabilities of CAN devices. Discover how CANT can be used to selectively attack specific ECUs without detection by automotive IDS/IPS systems, providing valuable insights for automotive security research. Gain understanding of CAN bus error frames, error counters, and philosophy, while exploring the advantages and limitations of CANT. Witness a demonstration and discuss mitigation strategies for potential vulnerabilities in automotive systems.
Syllabus
Intro
About GRIMM
Overview
CAN BUS history
Why CAN BUS?
CAN BUS Basics
CAN BUS not-so-basics
Other CAN Frames
Error Frames
CAN Error Counters
CAN Philosophy
But that CANT Happen!
CANT advantages
Using CANT to identify attacks
Demonstration
Limitations and mitigations
Further reading
Taught by
0xdade
Related Courses
24-7 CTI - Operationalizing Cyber Threat Intelligence0xdade via YouTube Three Ways DuckDuckGo Protects User Privacy While Getting Things Done - And How You Can Too
0xdade via YouTube 5G Protocol Vulnerabilities and Exploits
0xdade via YouTube A Context Aware Kernel IPC Firewall For Android
0xdade via YouTube A Nickel Tour of the Ad Fraud Ecosystem
0xdade via YouTube