公开(公告)号：US20220035916A1

公开(公告)日：2022-02-03

申请号：US17230199

申请日：2021-04-14

Applicant: Hyundai Motor Company ,  Kia Corporation ,  Korea University Research and Business Foundation

Inventor： Dong Hoon Lee ,  Wonsuk Choi ,  Kyungho Joo ,  Seyoung Lee ,  Aram Cho

IPC: G06F21/56 ,  H04L12/40

Abstract: A system and method for identifying a compromised controller using an intentional error are provided. The method, performed by an electronic device in a controller area network (CAN), for identifying a compromised electronic control unit (ECU) that transmits an attack message on a CAN bus in a periodic transmission cycle. The method includes, in response to detecting the attack message, transitioning a first ECU among a plurality of ECUs connected to the CAN bus to a bus-off state intentionally, and determining whether the first ECU is the compromised ECU based at least in part on a time, which is predicted from recovery parameters related to the first ECU, for when the first ECU resumes transmission of a CAN message and a time when the attack message is redetected on the CAN bus.

公开(公告)号：US11032300B2

公开(公告)日：2021-06-08

申请号：US15822471

申请日：2017-11-27

Applicant: Korea University Research and Business Foundation

Inventor： Dong Hoon Lee ,  Wonsuk Choi ,  Kyung Ho Joo ,  Moon Chan Park

IPC: H04L29/06 ,  H04L12/40

Abstract: An example ECU identifying apparatus transmits and receives CAN data to and from a plurality of ECUs. The ECU identifying apparatus measures a power signal of the received CAN data, generates a multi-class classifier with respect to each of the plurality of ECUs and a one-class classifier with respect to all ECUs, acquires identification information of the received CAN data, acquires a signal of a predetermined area from the measured power signal, calculates a predetermined attribute value based on the signal of the predetermined area which is acquired, identifies an ECU based on the identification information of the CAN data which is acquired and the calculated predetermined attribute value, and determines whether an attack is made based on the identified ECU.

公开(公告)号：US12124578B2

公开(公告)日：2024-10-22

申请号：US18215678

申请日：2023-06-28

Applicant: Hyundai Motor Company ,  Kia Corporation ,  Korea University Research and Business Foundation

Inventor： Dong Hoon Lee ,  Wonsuk Choi ,  Kyungho Joo ,  Seyoung Lee ,  Aram Cho

IPC: G06F21/00 ,  G06F21/56 ,  H04L12/40

CPC classification number: G06F21/566 ,  H04L12/40013 ,  G06F2221/034 ,  H04L2012/40215 ,  H04L2012/40273

Abstract: A system and method for identifying a compromised controller using an intentional error are provided. The method, performed by an electronic device in a controller area network (CAN), for identifying a compromised electronic control unit (ECU) that transmits an attack message on a CAN bus in a periodic transmission cycle. The method includes, in response to detecting the attack message, transitioning a first ECU among a plurality of ECUs connected to the CAN bus to a bus-off state intentionally, and determining whether the first ECU is the compromised ECU based at least in part on a time, which is predicted from recovery parameters related to the first ECU, for when the first ECU resumes transmission of a CAN message and a time when the attack message is redetected on the CAN bus.

公开(公告)号：US20230342468A1

公开(公告)日：2023-10-26

申请号：US18215678

申请日：2023-06-28

Applicant: Hyundai Motor Company ,  Kia Corporation ,  Korea University Research and Business Foundation

Inventor： Dong Hoon Lee ,  Wonsuk Choi ,  Kyungho Joo ,  Seyoung Lee ,  Aram Cho

IPC: G06F21/56 ,  H04L12/40

CPC classification number: G06F21/566 ,  H04L12/40013 ,  G06F2221/034 ,  H04L2012/40215 ,  H04L2012/40273

Abstract: A system and method for identifying a compromised controller using an intentional error are provided. The method, performed by an electronic device in a controller area network (CAN), for identifying a compromised electronic control unit (ECU) that transmits an attack message on a CAN bus in a periodic transmission cycle. The method includes, in response to detecting the attack message, transitioning a first ECU among a plurality of ECUs connected to the CAN bus to a bus-off state intentionally, and determining whether the first ECU is the compromised ECU based at least in part on a time, which is predicted from recovery parameters related to the first ECU, for when the first ECU resumes transmission of a CAN message and a time when the attack message is redetected on the CAN bus.

公开(公告)号：US11423720B2

公开(公告)日：2022-08-23

申请号：US17082593

申请日：2020-10-28

Applicant: KOREA UNIVERSITY RESEARCH AND BUSINESS FOUNDATION

Inventor： Dong Hoon Lee ,  Kyungho Joo ,  Wonsuk Choi

IPC: G07C9/00 ,  B60R25/24

Abstract: An apparatus and a method of detecting an attack based on LF fingerprinting are provided. A smart key which is an attack detection apparatus includes a communication interface, a memory storing a classifier, and a processor configured to generate a first signal by removing a carrier frequency of a signal received from a vehicle, demodulate the first signal and extract at least one of a second signal of a preamble region or a third signal of an idle region, extract a feature of at least one of the first signal, the second signal, or the third signal, and detect whether there is a relay attack by using an output value of the classifier for the extracted feature.

公开(公告)号：US11809561B2

公开(公告)日：2023-11-07

申请号：US17230199

申请日：2021-04-14

Applicant: Hyundai Motor Company ,  Kia Corporation ,  Korea University Research and Business Foundation

Inventor： Dong Hoon Lee ,  Wonsuk Choi ,  Kyungho Joo ,  Seyoung Lee ,  Aram Cho

IPC: G06F21/00 ,  G06F21/56 ,  H04L12/40

CPC classification number: G06F21/566 ,  H04L12/40013 ,  G06F2221/034 ,  H04L2012/40215 ,  H04L2012/40273

Abstract: A system and method for identifying a compromised controller using an intentional error are provided. The method, performed by an electronic device in a controller area network (CAN), for identifying a compromised electronic control unit (ECU) that transmits an attack message on a CAN bus in a periodic transmission cycle. The method includes, in response to detecting the attack message, transitioning a first ECU among a plurality of ECUs connected to the CAN bus to a bus-off state intentionally, and determining whether the first ECU is the compromised ECU based at least in part on a time, which is predicted from recovery parameters related to the first ECU, for when the first ECU resumes transmission of a CAN message and a time when the attack message is redetected on the CAN bus.