- 강사 : Prof. Kang G. Shin (University of Michigan)
- 일시 : 2018년 5월 29일(화) 오후 4시
- 장소 : 서울대학교 뉴미디어통신공동연구소 1층 대회의실
We have discovered and applied two new practical and important cyber attacks—called Battery-Drain (BD) and Denial-of-Body-control (DoB)—on real vehicles, invalidating the common belief that vehicle cyber attacks are feasible and thus their defenses are required only when the vehicle’s ignition is on. The former can drain the vehicle battery while the latter can prevent the vehicle owner/driver from starting or even opening/entering his car. These attacks will likely delude forensics since their symptoms are very similar to typical mechanical/electronic failures, thus triggering unnecessary repairs, extending service outage, or even blaming wrong parties (vehicle OEMs/suppliers) for the problem.
We first analyze how operation (e.g., normal, sleep, listen) modes of ECUs are defined in various in-vehicle network standards and how they are implemented in real vehicles. From this analysis, we discover that an adversary can exploit the wake-up function of in-vehicle networks—which was originally designed for enhanced user experience/convenience (e.g., remote diagnosis, remote temperature control)—as an attack vector. Ironically, the key battery-saving feature in in-vehicle networks makes it easier for an attacker to wake up ECUs and, therefore, mount BD and/or DoB attacks.
KANG G. SHIN is the Kevin & Nancy O’Connor Professor of Computer Science in the Department of Electrical Engineering and Computer Science, The University of Michigan, Ann Arbor. His current research focuses on QoS-sensitive computing and networking as well as on embedded real-time and cyber-physical systems.
He has supervised the completion of 77 PhDs, and authored/coauthored more than 850 technical articles, one a textbook and more than 30 patents or invention disclosures, and received numerous best paper awards, including the Best Paper Awards from the 2011 ACM International Conference on Mobile Computing and Networking (MobiCom’11), the 2011 IEEE International Conference on Autonomic Computing, the 2010 and 2000 USENIX Annual Technical Conferences, as well as the 2003 IEEE Communications Society William R. Bennett Prize Paper Award and the 1987 Outstanding IEEE Transactions of Automatic Control Paper Award. He has also received several institutional awards, including the Research Excellence Award in 1989, Outstanding Achievement Award in 1999, Distinguished Faculty Achievement Award in 2001, and Stephen Attwood Award in 2004 from The University of Michigan (the highest honor bestowed to Michigan Engineering faculty); a Distinguished Alumni Award of the College of Engineering, Seoul National University in 2002; 2003 IEEE RTC Technical Achievement Award; and 2006 Ho-Am Prize in Engineering (the highest honor bestowed to Korean-origin engineers).