YoVDO

When CAN CANT

Offered By: 0xdade via YouTube

Tags

ShmooCon Courses Reverse Engineering Courses Security Research Courses

Course Description

Overview

Explore the intricacies of the Controller Area Network (CAN) bus and its vulnerabilities in this 47-minute conference talk by Tim Brom and Mitchell Johnson from 0xdade. Delve into the history, basics, and advanced concepts of CAN bus technology, including its mandated use in US vehicles since 2008. Learn about CANT, a software-implemented CAN bus peripheral that enables security researchers to test electrical bus-level error handling capabilities of CAN devices. Discover how CANT can be used to selectively attack specific ECUs without detection by automotive IDS/IPS systems, providing valuable insights for automotive security research. Gain understanding of CAN bus error frames, error counters, and philosophy, while exploring the advantages and limitations of CANT. Witness a demonstration and discuss mitigation strategies for potential vulnerabilities in automotive systems.

Syllabus

Intro
About GRIMM
Overview
CAN BUS history
Why CAN BUS?
CAN BUS Basics
CAN BUS not-so-basics
Other CAN Frames
Error Frames
CAN Error Counters
CAN Philosophy
But that CANT Happen!
CANT advantages
Using CANT to identify attacks
Demonstration
Limitations and mitigations
Further reading


Taught by

0xdade

Related Courses

24-7 CTI - Operationalizing Cyber Threat Intelligence
0xdade via YouTube
Three Ways DuckDuckGo Protects User Privacy While Getting Things Done - And How You Can Too
0xdade via YouTube
5G Protocol Vulnerabilities and Exploits
0xdade via YouTube
A Context Aware Kernel IPC Firewall For Android
0xdade via YouTube
A Nickel Tour of the Ad Fraud Ecosystem
0xdade via YouTube