Abstract
Despite the benefits of the passive keyless entry and start (PKES) system in improving the locking and starting capabilities, it is vulnerable to relay attacks even though the communication is protected using strong cryptographic techniques. In this paper, we propose a data-intensive solution based on machine learning to mitigate relay attacks on PKES Systems. The main contribution of the paper, beyond the novelty of the solution in using machine learning, is in (1) the use of a set of security features that accurately profiles the PKES system, (2) identifying abnormalities in PKES regular behavior, and (3) proposing a countermeasure that guarantees a desired probability of detection with a fixed false alarm rate by trading off the training time and accuracy. We evaluated our method using the last three months log of a PKES system using the Decision Tree, SVM, KNN and ANN and provide the comparative analysis of the relay attack detection results. Our proposed framework leverages the accuracy of supervised learning on known classes with the adaptability of k-fold cross-validation technique for identifying malicious and suspicious activities. Our test results confirm the effectiveness of the proposed solution in distinguishing relayed messages from legitimate transactions.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Waraksa, T.J., Fraley, K.D., Kiefer, R.E., Douglas, D.G., Gilbert, L.H.: Passive keyless entry system. Google Patents, US Patent 4,942,393 (1990)
Francillon, A., Danev, B., Capkun, S.: Relay attacks on passive keyless entry and start systems in modern cars. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2011)
Fu, K., Xu, W.: Risks of trusting the physics of sensors. Commun. ACM 61(2), 20–23 (2018)
Bacchus, M., Coronado, A., Gutierrez, M.A.: The insights into car hacking (2017)
Jolfaei, A., Kant, K.: A lightweight integrity protection scheme for fast communications in smart grid. In: International Conference on Security and Cryptography, pp. 31–42 (2017)
Koscher, K., et al.: Experimental security analysis of a modern automobile. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 447–462 (2010)
Checkoway, S., et al.: Comprehensive experimental analyses of automotive attack surfaces. In: USENIX Security Symposium (2011)
Choi, W., Seo, M., Lee, D.H.: Sound-proximity: 2-factor authentication against relay attack on passive keyless entry and start system. J. Adv. Transp. (2018)
Miller, C., Valasek, C.: Remote exploitation of an unaltered passenger vehicle. Black Hat USA, vol. 2015 (2015)
Benadjila, R., Renard, M., Lopes-Esteves, J., Kasmi, C.: One car, two frames: attacks on hitag-2 remote keyless entry systems revisited. In: USENIX Workshop on Offensive Technologies (2017)
Garfinkel, S., Rosenberg, B.: RFID: Applications, Security, and Privacy. Pearson Education India, Chennai (2006)
Van Herrewege, A., Singelee, D., Verbauwhede, I.: CANAuth - a simple, backward compatible broadcast authentication protocol for CAN Bus. In: ECRYPT Workshop on Lightweight Cryptography, vol. 2011 (2011)
Groza, B., Murvay, S., Van Herrewege, A., Verbauwhede, I.: LiBrA-CAN: a lightweight broadcast authentication protocol for controller area networks, pp. 185–200(2012)
Schweppe, H., Roudier, Y., Weyl, B., Apvrille, L., Scheuermann, D.: Car2X communication: securing the last meter-a cost-effective approach for ensuring trust in Car2X applications using in-vehicle symmetric cryptography. In: IEEE Vehicular Technology Conference, pp. 1–5 (2011)
Guan, L., Lin, J., Luo, B., Jing, J., Wang, J.: Protecting private keys against memory disclosure attacks using hardware transactional memory. In: IEEE Symposium on Security and Privacy, pp. 3–19 (2015)
Bruwer, F.: Microchips and remote control devices comprising same. Google Patents, US Patent 6,108,326 (2000)
Brainard, J., Juels, A., Rivest, R.L., Szydlo, M., Yung, M.: Fourth-factor authentication: somebody you know. In: ACM Conference on Computer and Communications Security, pp. 168–178 (2006)
Ranganathan, A., Capkun, S.: Are we really close? Verifying proximity in wireless systems. IEEE Secur. Priv. (2017)
Park, J., et al.: Intelligent vehicle power control based on machine learning of optimal control parameters and prediction of road type and traffic congestion. IEEE Trans. Veh. Technol. 58(9), 4741–4756 (2009)
Sivaraman, S., Trivedi, M.M.: A general active-learning framework for on-road vehicle recognition and tracking. IEEE Trans. Intell. Transp. Syst. 11(2), 267–276 (2010)
Avatefipour, O., Malik, H.: State-of-the-art survey on in-vehicle network communication (CAN-Bus) security and vulnerabilities. arXiv preprint arXiv:1802.01725 (2018)
Weber, M., Klug, S., Sax, E., Zimmer, B.: Embedded hybrid anomaly detection for automotive CAN communication. In: 9th European Congress on Embedded Real Time Software and Systems (2018)
Alazab, A., Hobbs, M., Abawajy, J., Alazab, M.: Using feature selection for intrusion detection system. In: International Symposium on Communications and Information Technologies (ISCIT), pp. 296–301. IEEE (2012)
Tran, K.-N., Alazab, M., Broadhurst, R., et al.: Towards a feature rich model for predicting spam emails containing malicious attachments and URLs. In: 11th Australasian Data Mining Conference, Canberra (2013)
Martinelli, F., Mercaldo, F., Nardone, V., Orlando, A., Santone, A.: Who’s driving my car? A machine learning based approach to driver identification (2018)
Kuwahara, T., et al.: Supervised and unsupervised intrusion detection based on CAN message frequencies for in-vehicle network. J. Inf. Process. 26, 306–313 (2018)
Kang, M.-J., Kang, J.-W.: Intrusion detection system using deep neural network for in-vehicle network security. PloS ONE 11(6), e0155781 (2016)
Breiman, L.: Bagging predictors. Mach. Learn. 24(2), 123–140 (1996)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Ahmad, U., Song, H., Bilal, A., Alazab, M., Jolfaei, A. (2018). Secure Passive Keyless Entry and Start System Using Machine Learning. In: Wang, G., Chen, J., Yang, L. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2018. Lecture Notes in Computer Science(), vol 11342. Springer, Cham. https://doi.org/10.1007/978-3-030-05345-1_26
Download citation
DOI: https://doi.org/10.1007/978-3-030-05345-1_26
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05344-4
Online ISBN: 978-3-030-05345-1
eBook Packages: Computer ScienceComputer Science (R0)