• About SwRI
  • Facts
  • Conferences & Workshops
  • Exhibits
  • Mission Statement
  • Awards & Honors
  • In the Community
  • Map
  • Annual Report
• Technical Divisions
  • Aerospace Electronics, Systems Engineering & Training
    • Avionics & Support Systems
    • Electronics Integration & Cyber Technology
      • Engineering Services
      • Automatic Test Systems
      • Large-scale Database Development
      • Reliability & Maintainability Improvements
      • Program Development & Operations
    • Aerospace Engineering
      • Systems & Sensors
      • Autonomous Systems & Controls
      • Aerospace Systems Engineering
    • Learning Sciences & Systems
  • Applied Physics
    • Electronics Systems & Robotics
      • Hardware Design & Construction
      • Electronic & Electrical Component Analysis
      • Engineering & Logistics Support
      • Small Robotic Vehicle Evaluation & Applications
      • Electromagnetic Modeling
    • Electromechanical & Optical Systems
      • Packaging & Rapid Prototyping
      • Special Mechanical Systems
      • Microelectromechanical Systems
      • Photonic, Optical & Laser Systems
    • Engineering Applications & Systems Development
      • Advanced Systems Engineering
      • Software Development
      • Advanced Electronics Laboratory
    • Earth Characterization & Geophysical Measurements
  • Applied Power
  • Automation & Data Systems
    • Communications & Embedded Systems
      • Advanced Instrumentation & Telemetry Systems
      • High Reliability Software
      • Security & Energy Systems
      • Tactical Networks & Communications
    • Intelligent Systems
      • Intelligent Vehicle Systems
      • Transportation Systems
      • Decision Support Technologies
    • Manufacturing Systems
      • Process Improvement Engineering
      • Robotics & Automation Engineering
  • Chemistry & Chemical Engineering
    • Microencapsulation & Nanomaterials
      • Microencapsulation
      • Materials & Bioengineering
      • Biochemistry
      • Synthesis & Process Chemistry
      • Chemical Defense
      • Analytical & Regulated Projects
    • Analytical & Environmental Chemistry
      • Bioanalytical Chemistry & Environmental Health
      • Organic
      • Inorganics/Radiochemistry
    • Environmental & Demilitarization Technology
      • Environmental Engineering & Monitoring
      • Demilitarization Laboratory Support
    • Fire Technology
      • Fire Testing Services
      • Material Flammability Testing
      • Engineering & Research Services
      • Listing, Labeling, & Follow-Up Inspection Services
    • Chemical Engineering
      • Process Chemistry Laboratory
      • Chemical & Refining Process Development
      • Fuels & Energy Development
  • Engine, Emissions & Vehicle Research
    • Engine & Vehicle R&D
      • Aftertreatment R&D
      • Diesel Technology
      • Powertrain Controls
      • Advanced Vehicle Technology
      • Advanced Combustion & Emissions
    • Emissions R&D
      • Engine Certification & Emission Development
      • Medium Speed Diesel Engines
      • Light-Duty Vehicle Emissions
      • Emissions Chemistry
      • Particle Science & Technology
    • Design & Development
      • Powertrain Design & Analysis
      • Drivetrain Development
      • PTL
  • Fuels & Lubricants Research
    • Engine Lubricants Research
      • Heavy-Duty Engine Oil Evaluations
      • Passenger Car Engine Oil Evaluations
      • International Lubricant Testing
      • Specialized Lubricant Evaluations
    • Fuels & Driveline Lubricants Research
      • Fleet & Field Evaluations
      • Fuels Performance Evaluations
      • Specialty & Driveline Fluid Evaluations
    • Fuels & Lubricants Technology
      • Fluids Filtration & Handling Research
      • Fuels, Lubricants, & Fluids Applications
      • Filtration & Fine Particle Technology
      • Fuel Systems & Contamination Research
    • Petroleum Products Research
      • Fuel Analysis
      • Fuel Conformance
      • Lubricant Analysis
  • Geosciences & Engineering
    • Center for Nuclear Waste Regulatory Analyses
      • Geochemistry
      • Geology
      • Geophysics
      • Hydrology
      • Mining, Geotechnical, & Facility Engineering
      • Corrosion Science & Process Engineering
      • Risk Assessment
    • Earth, Material & Planetary Sciences
      • Geochemistry
      • Geology
      • Geophysics
      • Hydrology
      • Mining, Geotechnical, & Facility Engineering
      • Corrosion Science & Process Engineering
      • Risk Assessment
    • Rockville Office
  • Mechanical Engineering
    • Engineering Dynamics
      • Computational Mechanics
      • Ballistics & Explosives Engineering
      • Ballistics & Explosives Range
    • Structural Engineering
      • Aerospace Structures
      • Ocean Simulation Lab
      • Marine Structures & Engineering
      • Structural Dynamics & Product Assurance
    • Materials Engineering
      • Mechanics & Materials
      • Surface Engineering & Materials Chemistry
      • Environmental Performance of Materials
      • Materials Science & Failure Analysis
      • Musculoskeletal Biomechanics
    • Fluids & Machinery Engineering
      • Fluid Dynamics & Multiphase Flow
      • Machinery
    • Sensor Systems & Nondestructive Evaluation (NDE) Technology
  • Signal Exploitation & Geolocation
    • SIGINT Solutions
      • Signal Exploitation
      • Systems Engineering
      • Electromagnetic Apertures & Radiolocation
      • Program Management
      • SIGINT Solutions Product Highlights
    • Surveillance & Geolocation
      • Mission Systems
      • Tracking Systems
    • Tactical Products
      • Land & Airborne Systems
      • Maritime Systems
      • Program Management
    • Software Engineering
      • Mission Development & Management
      • Information Exploitation
      • Signal Processing
    • Maryland Operations
  • Space Science & Engineering
    • Space Science
      • Science
      • Instrument Systems
      • Data Analysis & Science Support Software
      • Space Support Systems & Software
      • Power Systems
    • Space Systems
      • Electromechanical Systems
      • Avionics Systems
      • Lighter-than-Air Systems
    • Planetary Science Directorate
• Areas of Technology
  • Search Technologies
  • Patents
  • Software
  • Internal Research & Development
• Doing Business
  • Patents
  • GSA Contract Schedules
  • SeaPort-e
  • TARDEC
  • Consortia
  • Subsidiaries & Joint Ventures
  • Quality Programs
• IR&D
• Newsroom
  • News Releases
  • Videos
  • Media Contacts
  • Technology Today^®
  • Publications
  • Annual Report
• Careers
  • Job Opportunities
  • Diversity
  • SwRI & San Antonio
  • SwRI Sites
• Contact Us
  • Map to SwRI

Detection of Malware on Vehicular Networks, 10-R8281

Principal Investigators
Mark J. Brooks
Marisa C. Ramon
Tam T. Do
Nakul Jeirath

Inclusive Dates:  01/01/12 – Current

Background — Computers are becoming increasingly prevalent in modern automobiles. By some estimates, even low-end cars contain anywhere from 30 to 50 of these automobile computers, also known as electronic control units (ECUs). ECUs control everything from the in-car entertainment system to the braking system and the engine fuel-air mixture. Wireless connectivity in these computers is also becoming more common, with some vehicles having capabilities for cellular, Bluetooth, and even Wi-Fi connections. Given this increasing sophistication and connectivity, the modern automobile is fertile ground for the same sort of malware and malicious attacks that are usually associated with traditional computers.

Figure 1. Potential Exploit Vectors and Busses Present on a Vehicle

---

Figure 2. SwRI's Vehicle Security Test Lab

Approach — The primary objective of this investigation is to demonstrate the beginning steps toward a system of vehicular malware detection. As a result of this investigation, it is expected one or more prototype algorithms will be produced that can effectively detect the presence of vehicle malware. This is expected to further SwRI's understanding of vehicle exploitation tools and techniques and position the project team to present their results at a major relevant conference.

Accomplishments — A vehicle security test bed has been established with several Controller Area Network (CAN) analyzer tools, several infotainment ECUs, a vehicle, and an oscilloscope with a CAN-specific analyzer. Several wireless tools were also acquired for the test bed for connecting to vehicle infotainment devices.

Using the test bed, the project team investigated vehicle vulnerabilities, patterns of malware, and detection algorithms.

• Researched vulnerabilities in the ID3 tags in the MP3 files, USB vulnerabilities, Bluetooth vulnerabilities, and Wi-Fi vulnerabilities in the infotainment ECU.
• Investigated various malware pieces running on the infotainment ECU platform. These malware pieces attempt to reach the CAN bus once a vulnerability has been exploited.
• Recorded sample CAN traffic in a variety of scenarios and used this data to begin creating several detection algorithms based upon traffic variations. In order to test the detection algorithms, a prototype detector framework is being developed that will be used to test the detection algorithms on the CAN bus.