- Webinar |
- Netherlands 2023 |
- USA 2023 |
- Netherlands 2022 |
- USA 2022 |
- Netherlands 2021 |
- USA 2021 |
- Germany 2021 |
- Berlin 2021 |
- Netherlands 2020 |
- Virtual Con 2020 |
- Berlin 2020 |
- Netherlands 2019 |
- USA 2019 |
- Berlin 2019 |
- Netherlands 2018 |
- Berlin 2018 |
- Netherlands 2017 |
- Netherlands 2016 |
- Netherlands 2015
Talk Title:
It's easier to break than to patch: a stealthy DoS attack against CAN
Abstract:
In this talk, we will first present a selective denial-of-service attack against the CAN standard which does not involve the transmission of any complete frames for its execution. This type of attack is obviously not detectable via frame-level analysis, which makes most currently proposed detection systems useless. As the attack is based on CAN protocol weaknesses, all CAN bus implementations by all manufacturers were, and are, vulnerable.
After showing a proof-of-concept, we will move on to the much harder part of proposing a possible countermeasure for detecting and preventing such an attack, along with our implementation experience and some thoughts around this and other attacks that may arise from the CAN bus protocol itself.
Speaker Bio:
Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently an associate professor with the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on malware analysis, cyberphysical security, and cybersecurity in general. Besides teaching “Computer Security” and “Computer Forensics” at Politecnico, he has an extensive speaking and training experience in Italy and abroad. He co-authored over 90 scientific papers and books. He is a Senior Member of the IEEE, the IEEE Computer Society, and a lifetime senior member of the ACM. Stefano. He has been named a Fellow of ISSA (Information System Security Association) and sits in its International Board of Directors. A long time op-ed writer for magazines, Stefano is also a co-founder and chairman of Secure Network, a leading information security consulting firm based in Milan and in London; a co-founder of 18Months, a cloud-based ticketing solutions provider; and a co-founder of BankSealer, a startup in the FinTech sector that addresses fraud detection through machine learning techniques.
Stefano Longari received a BSc and an MSc in Computer Engineering from Politecnico di Milano, where he is currently a PhD Student, dedicating his research to automotive security.
