Search Icon
Register

The Advantages of Distributed TCAM Firewalls in Automotive Real-Time Switched Zonal Networks (Long)

Evan Allen (Virginia Tech), Zeb Bowden (Virginia Tech Transportation Institute), J. Scot Ransbottom (Virginia Tech)

Attackers have found numerous vulnerabilities in the Electronic Control Units (ECUs) of modern vehicles, enabling them to stop the car, control its brakes, and take other potentially disruptive actions. Many of these attacks were possible because the vehicles had insecure In-Vehicle Networks (IVNs), where ECUs could send any message to each other. For example, an attacker who compromised an infotainment ECU might be able to send a braking message to a wheel. In this work, we introduce a scheme based on distributed firewalls to block these unauthorized messages according to a set “security policy” defining what transmissions each ECU should be able to send and receive. We leverage the topology of new switched, zonal networks to authenticate messages without cryptography, using Ternary Content Addressable Memory (TCAMs) to enforce the policy at wire-speed. Crucially, our approach minimizes the security burden on edge ECUs and places control in a set of hardened zonal gateways. Through an OMNeT++ simulation of a zonal IVN, we demonstrate that our scheme has much lower overhead than modern cryptography-based approaches and allows for realtime, low-latency (​<0.1 ms) traffic.

Paper

View More Papers

coucouArray ( [post_type] => ndss-paper [post_status] => publish [posts_per_page] => 4 [orderby] => rand [tax_query] => Array ( [0] => Array ( [taxonomy] => category [field] => id [terms] => Array ( [0] => 104 [1] => 68 ) ) ) [post__not_in] => Array ( [0] => 17388 ) )

Unus pro omnibus: Multi-Client Searchable Encryption via Access Control

Jiafan Wang (Data61, CSIRO), Sherman S. M. Chow (The Chinese University of Hong Kong)

Read More

Improving the Robustness of Transformer-based Large Language Models with...

Lujia Shen (Zhejiang University), Yuwen Pu (Zhejiang University), Shouling Ji (Zhejiang University), Changjiang Li (Penn State), Xuhong Zhang (Zhejiang University), Chunpeng Ge (Shandong University), Ting Wang (Penn State)

Read More

Merge/Space: A Security Testbed for Satellite Systems

M. Patrick Collins (USC Information Sciences Institute), Alefiya Hussain (USC Information Sciences Institute), J.P. Walters (USC Information Sciences Institute), Calvin Ardi (USC Information Sciences Institute), Chris Tran (USC Information Sciences Institute), Stephen Schwab (USC Information Sciences Institute)

Read More

Secret-Shared Shuffle with Malicious Security

Xiangfu Song (National University of Singapore), Dong Yin (Ant Group), Jianli Bai (The University of Auckland), Changyu Dong (Guangzhou University), Ee-Chien Chang (National University of Singapore)

Read More

Privacy Starts with UI: Privacy Patterns and Designer Perspectives in UI/UX Practice

Anxhela Maloku (Technical University of Munich), Alexandra Klymenko (Technical University of Munich), Stephen Meisenbacher (Technical University of Munich), Florian Matthes (Technical University of Munich)

Vision: Profiling Human Attackers: Personality and Behavioral Patterns in Deceptive Multi-Stage CTF Challenges

Khalid Alasiri (School of Computing and Augmented Intelligence Arizona State University), Rakibul Hasan (School of Computing and Augmented Intelligence Arizona State University)

From Underground to Mainstream Marketplaces: Measuring AI-Enabled NSFW Deepfakes on Fiverr

Mohamed Moustafa Dawoud (University of California, Santa Cruz), Alejandro Cuevas (Princeton University), Ram Sundara Raman (University of California, Santa Cruz)