-
11.发明申请METHOD FOR DETECTING FRAUDULENT FRAME SENT OVER AN IN-VEHICLE NETWORK SYSTEM 审中-公开用于检测车辆网络系统中的仿真帧的方法公开(公告)号:US20160205194A1
公开(公告)日:2016-07-14
申请号:US15076650
申请日:2016-03-22
Inventor: TAKESHI KISHIKAWA , HIDEKI MATSUSHIMA , TOMOYUKI HAGA , MANABU MAEDA , YUJI UNAGAMI , YOSHIHIRO UJIIE
IPC: H04L29/08 , H04L29/06 , B60R16/023
CPC classification number: H04L67/12 , B60R16/023 , H04L9/3242 , H04L9/3297 , H04L63/08 , H04L63/10 , H04L63/12 , H04L63/20 , H04L2209/84
Abstract: A fraud detection method for use in an in-vehicle network system including a plurality of electronic control units that communicate with one another via a bus in accordance with Controller Area Network (CAN) protocol is provided. The method includes receiving at least one data frame sent to the bus, verifying a specific identifier in the received data frame only if the received data frame does not follow a predetermined rule regarding a transmission period and a state of a vehicle having the in-vehicle network system mounted therein is a predetermined state, detecting the received data frame as an authenticated data frame if the verification is successful, and detecting the received data frame as a fraudulent data frame if the verification fails.
Abstract translation: 提供了一种用于车载网络系统中的欺诈检测方法,该系统包括根据控制器局域网(CAN)协议经由总线相互通信的多个电子控制单元。 该方法包括接收发送到总线的至少一个数据帧,仅在接收到的数据帧不遵循关于传输周期的预定规则和具有车载车辆的状态时验证接收到的数据帧中的特定标识符 安装在其中的网络系统是预定状态,如果验证成功则检测接收到的数据帧作为认证数据帧,如果验证失败,则检测接收到的数据帧为欺诈数据帧。
-
12.发明申请公开(公告)号:US20180316680A1
公开(公告)日:2018-11-01
申请号:US16031079
申请日:2018-07-10
Inventor: TAKESHI KISHIKAWA , MANABU MAEDA , TOHRU WAKABAYASHI , TOSHIHISA NAKANO , HIDEKI MATSUSHIMA
IPC: H04L29/06 , B60R16/023 , H04L12/40
CPC classification number: H04L63/10 , B60R16/0231 , H04L12/40 , H04L12/40104 , H04L63/1425 , H04L67/12 , H04L67/125 , H04L2012/40215 , H04L2012/40273
Abstract: An unauthorized control suppression method for use in a network system is provided. The network system includes a plurality of electronic controllers that exchange, via a communication channel, a plurality of frames The plurality of frames includes at least one control frame that instructs predetermined control to an object of control. The method receives, sequentially, the plurality of frames from the communication channel, and determines whether the predetermined control, instructed by the control frame received in the receiving, is to be suppressed, based on a set of frames received in the receiving. The set of frames is received in the receiving within a predetermined period preceding a time of reception of the control frame.
-
13.发明申请公开(公告)号:US20180316584A1
公开(公告)日:2018-11-01
申请号:US16026040
申请日:2018-07-02
Inventor: YOSHIHIRO UJIIE , TOMOYUKI HAGA , MANABU MAEDA , HIDEKI MATSUSHIMA , TAKESHI KISHIKAWA , JUNICHI TSURUMI , HISASHI KASHIMA , YUKINO TORIUMI , TAKUYA KUWAHARA
Abstract: An abnormality detection method is provided. The abnormality detection method is for detecting an abnormality that may be transmitted to a bus in an on-board network system. The on-board network system includes a plurality of electronic controllers that transmit and receive messages via the bus in a vehicle according to a CAN protocol. In the abnormality detection method, for example, a gateway transmits vehicle identification information to a server and receives a response determining a unit time. An operation process is performed using feature information based on a number of messages received from the bus per the determined unit time and using a model indicating a criterion in terms of a message occurrence frequency. A judgment is made as to an abnormality according to a result of the operation process.
-
公开(公告)号:US20180294991A1
公开(公告)日:2018-10-11
申请号:US16002006
申请日:2018-06-07
Inventor: JUNICHI TSURUMI , YOSHIHIRO UJIIE , TOSHIHISA NAKANO , HIDEKI MATSUSHIMA , YUJI UNAGAMI
IPC: H04L12/46 , B60R16/023 , B60R25/00 , G06F11/30
Abstract: A security device connected to at least one bus in a vehicle is provided. The security device determines, with regard to a frame received from the at least one bus, whether predetermined conditions are satisfied to determine whether the frame is a suspect of being an attack frame. The security device transmits, a determination request to an external device outside of the vehicle in a case where the predetermined conditions are satisfied, and obtains determination results from the external device in accordance with the determination request. The security device outputs first presentation information in the case where the predetermined conditions are satisfied, and outputs second presentation information in a case where the determination results are obtained from the external device.
-
15.发明申请IN-VEHICLE NETWORK SYSTEM, FRAUD-DETECTION ELECTRONIC CONTROL UNIT, AND FRAUD-DETECTION METHOD 审中-公开车内网络系统,防盗侦测电子控制单元及防盗方法公开(公告)号:US20170026386A1
公开(公告)日:2017-01-26
申请号:US15285706
申请日:2016-10-05
Inventor: YUJI UNAGAMI , HIDEKI MATSUSHIMA , TOMOYUKI HAGA , MANABU MAEDA , YOSHIHIRO UJIIE , TAKESHI KISHIKAWA
CPC classification number: H04L63/14 , B60R16/023 , G06F21/577 , G06F21/606 , G06F21/71 , G06F21/85 , G06F2221/2101 , H04L12/28 , H04L63/20 , H04L67/12 , H04W4/40
Abstract: In a fraud-detection method for use in an in-vehicle network system including a plurality of electronic control units (ECUs) that exchange messages on a plurality of buses, a plurality of fraud-detection ECUs each connected to a different one of the buses, and a gateway device, a fraud-detection ECU determines whether a message transmitted on a bus connected to the fraud-detection ECU is malicious by using rule information stored in a memory. The fraud-detection ECU transmits an error message including a message identifier of a message determined to be malicious. The gateway device receives updated rule information transmitted to a first bus among the buses, selects a second bus different from the first bus, and transfers the updated rule information only to the second bus. A fraud-detection ECU connected to the second bus acquires the updated rule information and updates the rule information stored therein by using the updated rule information.
Abstract translation: 在用于车载网络系统的欺诈检测方法中,包括在多个总线上交换消息的多个电子控制单元(ECU),多个欺诈检测ECU,各自连接到不同的总线 以及网关装置,欺诈检测ECU通过使用存储在存储器中的规则信息来判断在与欺诈检测ECU连接的总线上发送的消息是否是恶意的。 欺诈检测ECU发送包括确定为恶意的消息的消息标识符的错误消息。 网关装置接收总线中发送到第一总线的更新的规则信息,选择与第一总线不同的第二总线,并将更新的规则信息传送到第二总线。 连接到第二总线的欺诈检测ECU获取更新的规则信息,并通过使用更新的规则信息来更新其中存储的规则信息。
-
Patent Agency Ranking
16.发明申请METHOD FOR HANDLING CASE OF DETECTING UNAUTHORIZED FRAME TRANSMITTED OVER ONBOARD NETWORK 审中-公开处理通过网络网络传输的未经授权的帧的处理案例的方法公开(公告)号:US20160373449A1
公开(公告)日:2016-12-22
申请号:US15249513
申请日:2016-08-29
Inventor: TOMOYUKI HAGA , HIDEKI MATSUSHIMA , YOSHIHIRO UJIIE , TAKESHI KISHIKAWA
IPC: H04L29/06 , H04L29/08 , B60R16/023
CPC classification number: B60R16/023 , G08G1/162 , G08G1/22 , H04L63/1408 , H04L63/1466 , H04L2012/40273 , H04W4/046 , H04W4/46 , H04W12/00502 , H04W12/12
Abstract: An anomaly handling method that suitably handles a case where the possibility of a vehicle being unauthorizedly controlled so as to suppress the effects thereof is provided. In an anomaly handling method used in one or a plurality of electronic control units installed in one vehicle, an inter-vehicle communication message transmitted from a device installed in the other vehicle is received as an anomaly detection notification, the anomaly detection notification being issued when an unauthorized frame is detected on an onboard network installed in another vehicle, and an anomaly handling processing is selected from a plurality of predetermined anomaly handling processing in accordance with the received content to transition to a safe state for example, and the selected anomaly handling processing is executed.
Abstract translation: 提供了适当地处理非法控制车辆的可能性以抑制其效果的情况的异常处理方法。 在安装在一个车辆中的一个或多个电子控制单元中使用的异常处理方法中,从安装在另一车辆中的装置发送的车辆间通信消息作为异常检测通知被接收,异常检测通知是在 在安装在另一车辆上的车载网络上检测到未授权的帧,并且根据所接收的内容从多个预定异常处理处理中选择异常处理处理,以转换到例如安全状态,并且所选择的异常处理处理 被执行。
-
公开(公告)号:US20160149908A1
公开(公告)日:2016-05-26
申请号:US15012913
申请日:2016-02-02
Inventor: YUJI UNAGAMI , MANABU MAEDA , HIDEKI MATSUSHIMA
IPC: H04L29/06
CPC classification number: H04L63/0869 , H04L9/006 , H04L9/0833 , H04L9/3268 , H04L9/3273 , H04L63/061 , H04L63/062 , H04L63/065 , H04L63/068 , H04L63/0823 , H04L63/0876
Abstract: A system performs mutual authentication between a controller and a first device, creates a group key, shares the group key, and sets the first device as a reference device. The system performs mutual authentication between the controller and a second device, and shares the group key with the second device. Thereafter, the system, performs mutual authentication between the controller and the first device, updates the group key, and shares the updated group key between the controller and the first device. At a group key update timing when the group key is updated, the system performs mutual authentication between the controller and the second device, and shares the updated group key with the second device.
Abstract translation: 系统在控制器和第一设备之间执行相互认证,创建组密钥,共享组密钥,并将第一设备设置为参考设备。 系统在控制器和第二设备之间执行相互认证,并与第二设备共享组密钥。 此后,系统在控制器和第一设备之间执行相互认证,更新组密钥,并且在控制器和第一设备之间共享更新的组密钥。 在组密钥更新时的组密钥更新定时,系统在控制器和第二设备之间执行相互认证,并与第二设备共享更新的组密钥。
-
18.发明申请公开(公告)号:US20190165946A1
公开(公告)日:2019-05-30
申请号:US16264804
申请日:2019-02-01
Inventor: YUJI UNAGAMI , MANABU MAEDA , TOMOYUKI HAGA , HIDEKI MATSUSHIMA , JUN ANZAI
Abstract: A method for verifying content data to be used in a vehicle is provided. The method includes acquiring content data, acquiring, from partial data divided from the content data, a respective plurality of first hash values, acquiring a signature generated by using the first hash values and a key, acquiring state information that indicates a state of a vehicle, determining an integer N that is greater than or equal to one based on the acquired state information, generating, from N pieces of partial data included in the partial data, respective second hash values, verifying the content data by using each of (a) a subset of the plurality of first hash values respectively generated from partial data other than the N pieces of partial data, (b) the second hash values, and (c) the signature, and outputting information that indicates a result of the verifying.
-
公开(公告)号:US20190042726A1
公开(公告)日:2019-02-07
申请号:US16040648
申请日:2018-07-20
Inventor: YUJI UNAGAMI , MOTOJI OHMORI , HIDEKI MATSUSHIMA
Abstract: Provided is a management system including vehicles and authentication servers. A vehicle includes a communication circuit, multiple electronic control units connected to an in-vehicle network, a detection circuit, and a transaction data generating circuit. The detection circuit detects a replacement of one or more electronic control units. The transaction data generating circuit generates transaction data including an identifier that uniquely identifies each of the replaced electronic control units. An authentication server includes a communication circuit, and a verifying circuit that verifies validity of the transaction data obtained by the vehicle. The authentication server also includes a recording circuit that, upon verifying that the first transaction data is valid by the verifying unit, records the transaction data in a recording device.
-
20.发明申请公开(公告)号:US20170126703A1
公开(公告)日:2017-05-04
申请号:US15407738
申请日:2017-01-17
Inventor: YOSHIHIRO UJIIE , JUN ANZAI , YOSHIHIKO KITAMURA , MASATO TANABE , HIDEKI MATSUSHIMA , TOMOYUKI HAGA , TAKESHI KISHIKAWA , RYOTA SUGIYAMA
IPC: H04L29/06 , H04L12/40 , B60R16/023
CPC classification number: H04L63/123 , B60R16/023 , H04L12/40 , H04L63/08 , H04L63/102 , H04L63/20 , H04L67/12 , H04L2012/40215 , H04L2012/40273
Abstract: An electronic control unit is connected to an in-vehicle network bus in an in-vehicle network system including a plurality of apparatuses that perform communication of frames via the bus. The electronic control unit includes a first control circuit and a second control circuit. The first control circuit is connected to the bus via the second control circuit over wired communication and/or wireless communication. The second control circuit performs a first determination process on a received frame received from the bus to determine the conformity with a first rule related to at least a reception interval, and, upon determining that the received frame conforms to the first rule, executes a predetermined process based on the content of the received frame. The first control circuit performs a second determination process on the received frame, received via the second control circuit, to determine the conformity with a second rule different from the first rule.
-
-
-
-
-
-
-
-
-
Search Results
35
records
(took 0.018 seconds)
