Fuzzing CAN Packets into Automobiles


There have been many warnings that automobiles are vulnerable to the attacks through the network, CAN which connects the ECUs (Electrical Control Units) embedded in the automobiles. Some previous studies showed that the warnings were actual treats. They analyzed the packets flowing on the network and used the packets constructed based on the analysis. We show that it is possible to attack automobiles without any in-depth knowledge about automobiles and specially designed tools to analyze the packets. Experiments are performed in two phases.

In the first phase, the victims automobiles are attacked with the packets constructed with the CAN IDs gathered from the sniffed packets flowing in the automobiles. It is not a problem at all to gather CANIDs since CAN is an open simple standard protocol and there are many tools to sniff CAN packets in the Internet. In the second phase, the attack packets are constructed in a completely random manner without any previous information such as CAN IDs. The packets are injected into the network via Bluetooth, a wireless channel. Through the experiments, we show the network vulnerability of automobiles.