VehicleSec '25 Technical Sessions

A decade has passed since Miller and Valasek remotely hacked a Jeep to gain control over the computer systems of the vehicle, highlighting the vulnerabilities of connected cars and the potential dangers of cyberattacks on vehicles. This keynote will look back into how the vehicle compromise occurred and what has changed in the auto industry since this research was presented. It will also detail the trials and tribulations of the current automotive security ecosystem and finish off with a prediction of where Miller and Valasek see the industry going in the future, given the changing threat landscapes of the automotive world. You probably want to wear shoes, because this keynote is about to blow your socks off.

As cars are turning into computers with wheels, or "software-defined vehicles", computer security concerns are becoming increasingly critical. In this paper, we focus on the security of vehicle communication networks consisting of Electronic Control Units (ECUs) connected via a Controller Area Network (CAN) bus. We present a framework that consists of a behavior inference technique for capturing the expected behavior of vehicles during specific scenarios (modes) as state machines, a hierarchical state machine model for monitoring multiple scenarios, and a state-machine-based runtime behavior enforcement mechanism that uses ECU fingerprinting to authenticate messages. We then present a threat model, a characterization of different types of attacks, and a security analysis based on fuzzing. We have implemented and evaluated our framework on a Toyota Prius, and the BeamNG.tech simulator.

The data formats used by controller area networks (CAN) to transmit information are not strictly defined and vary across vehicle manufacturers; the same information differs in how it is encoded between vehicles. Understanding how these implementations vary requires access to various different examples of real CAN data. While publicly accessible CAN datasets do exist, each set has practical limitations when trying to use such data to examine the landscape of real-world CAN. With limited information of a vehicle's actions available, and with datasets in many cases only featuring a single vehicle, using such data to obtain a broad understanding of CAN is challenging. In this paper we present CANdid, a publicly available set of CAN data captured from ten individual vehicles. The data presented demonstrates vehicles operating in real world conditions, as well as under carefully controlled conditions with clearly labelled actions. The data also includes video footage of the driver's actions, as well as GPS information, from which a detailed understanding of the vehicle's actions during capture may be derived. We demonstrate two case studies using the data. The first uses the provided labels for actions to automatically identify vehicle components in the CAN data, and the second study uses the GPS information in the training of a machine-learning model to identify a vehicle turning from raw CAN data. With this dataset available, researchers may gain a more comprehensive understanding of CAN's various implementations across manufacturers, and how information may differ in presentation between vehicles.

Cyberstalking poses a significant international threat due to the large number of individuals affected worldwide and the severe nature of many incidents, which can be violent. Perpetrators often employ cellular GPS tracking devices to follow drivers or passengers in transit, exploiting the fact that these vehicles aren't linked to Wi-Fi or Bluetooth networks. Adding to the issue are factors such as the low initial cost of these devices, their easy availability online, and their small size which allows them to be concealed in a target's vehicle. To our knowledge, no previous research addresses the detection of clandestine cellular devices, making this study the first to introduce an affordable and practical solution for would-be victims. Our research is specifically dedicated to identifying hidden 4G LTE IoT cellular GPS tracking devices on or in a vehicle. We present an innovative algorithm designed for effective uplink frequency analysis, enabling dependable detection within a three-foot range when utilizing standard commercial hardware. This study aims to improve the privacy and security within the vehicular community.

The safety of Connected and Autonomous Vehicles (CAVs), Micromobility devices (e-scooter, e-bikes) and smartphone users rely on trusting the trajectory data they generate for navigation around each other. Real-time verification of mobility data from these devices without compromising privacy is needed as malicious data used for navigation could be deadly, especially for vulnerable road users. In this paper, we propose Secure-FLOATING, a scalable framework leveraging federated learning and blockchain for nearby nodes to coordinate and learn to trust mobility data from nearby devices and store this information via consensus on a tamper-proof distributed ledger. We employ lightweight Secure Multi-party computation (SMPC) with reduced messages exchanges to preserve privacy of the users and ensure data validation in real-time. Secure-FLOATING is evaluated using realistic trajectories for up to 8, 000 nodes (vehicles, micromobility devices, and pedestrians) in New York City, and it shows to achieve lower delays and overhead, thereby accurately validating each others' mobility data in a scalable manner, with up to 75% successful endorsement for as high as 50% attacker penetration.

Modern vehicles offer extensive functionality through smartphone integration, enabling users to stream music, make calls, and access various applications. Some features, such as navigation, require a direct connection between the vehicle and the smartphone via Bluetooth or a USB cable. Android devices utilize Android Auto for this connection, while iOS devices rely on Apple CarPlay. For safety reasons, certain functions, such as playing live videos while driving, are deliberately restricted. However, aftermarket in-vehicle adapters have emerged that bypass these restrictions, enabling video playback on the in-vehicle infotainment (IVI) system. Notably, some adapters can establish CarPlay connections despite not running the iOS operating systems. To understand these mechanisms, we conducted a reverse engineering analysis of one such adapter to investigate how non-iOS devices exploit CarPlay compatibility. Additionally, we performed a differential analysis comparing this unauthorized connection with legitimate CarPlay connections between an iPhone and an IVI system. This paper examines the technical aspects of unauthorized device integration with CarPlay, identifies potential security threats, and proposes mitigation strategies to enhance the security of future CarPlay implementations.

In-vehicle infotainment (IVI) systems have served as central consoles that offer a variety of convenient features and facilitate comprehensive vehicle management. These systems have evolved to handle privacy-sensitive data. This study investigates cybersecurity risks associated with IVI systems, which can be exploited by malicious actors to target vulnerabilities in automotive cyber-physical systems. The expansion of the IVI attack surface due to vehicle connections to external networks, inherent vulnerabilities in certain IVI systems, and the potential catastrophic consequences of IVI breaches amplify these risks. This study examines 11 distinct attack scenarios that could be executed on Automotive Grade Linux (AGL), a predominant operating system utilized in IVI systems. The proposed attack scenarios are mapped to the tactics, techniques, and procedures (TTPs) defined in the MITRE ATT&CK framework and are categorized into five classifications based on the attacker's intent and the level of impact on the system. To further enhance our understanding of potential threats, we developed multi-phase attack sequences by integrating three to four attack scenarios targeting specific applications. Lastly, we propose a methodology for detecting four selected attack scenarios using Suricata, a network-based IDS. This study informs IVI defense development and security response strategies while analyzing real-world threats to support vehicle security certification and compliance.

This tutorial provides a hands-on introduction to SAE J1939 and NMEA 2000 communication standards, foundational to networking in commercial vehicles and marine platforms. Participants will explore protocol architecture, including frame formats, addressing, arbitration, and multi-packet transport, through guided decoding exercises using real network traces. The session then shifts to protocol-level vulnerabilities rooted in design flaws—such as spoofing, denial-of-service, and control flow disruption—with live demonstrations on a virtual platform. Attendees will gain practical experience using open-source tools to assess vulnerabilities and inform safer protocol implementation.

Autonomous driving (AD) systems rely heavily on accurate lane marker detection for safe navigation, particularly during nighttime or low-light conditions. While luminescent lane markers have been introduced to improve visibility and enhance road safety in these scenarios, they also introduce potential vulnerabilities. This paper investigates these risks by introducing novel luminescent adversarial attacks that exploit the lane detection models used in autonomous vehicles (AVs). We demonstrate how these attacks, targeting deep neural network-based perception models, can manipulate the textural properties of the markers to cause misdetection of lanes, leading to safety violations. Through comprehensive experiments in both digital and physical domains, we systematically expose the vulnerabilities of state-of-the-art lane detection models to adversarial luminescent markers. In our digital experiments, we observe complete model failure in the worst cases and a failure rate of approximately 33% in the best cases. Physical experiments using a device running Openpilot further confirm these risks, underscoring a significant safety threat posed by luminescent adversarial attacks. Our findings emphasize the need for robust defenses to protect AVs from such adversarial threats.

With the rise of smart vehicles, increasingly intelligent in-vehicle systems are also exposing security issues, where traditional software vulnerabilities are demonstrating greater harm. Fuzzing is still an effective means to mitigate the risks of system software vulnerabilities. However, due to the fact that in-vehicle commercial off-the-shelf (COTS) system software is typically closed-source, conducting fuzzing on it presents significant challenges. The lack of information and the difficulty of modifying the system make it hard to implement effective fuzzing oracles.

To address these issues, we propose QKSAN, a sanitizer framework suitable for binary-only kernels. QKSAN innovatively combines multiple types of sanitizers and employs an efficient hypervisor-level instrumentation method to detect memory violation bugs such as out-of-bound accesses and the use of uninitialized variables. Experiments have demonstrated that QKSAN can successfully detect various vulnerabilities in binary kernels like Linux and QNX and feasibly be applied to real-world systems fuzzing.

Modern vehicles through increased connectivity are growingly susceptible to cybersecurity threats. Research has demonstrated vulnerabilities exploitable via infotainment systems, underscoring the need for robust automotive digital forensics. However, automotive digital forensic lags behind mature computer forensics, facing challenges such as lack of standardized guidelines, specialized tools, and technical limitations in current logging systems. These limitations, such as trigger-based recording, inadequate time synchronization, and insufficient trust preservation, compromise the reliability and legal admissibility of digital evidence. This paper presents a novel black box system designed to overcome these challenges by integrating GPS-based time synchronization and continuous Electronic Control Unit authentication leveraging Unified Diagnostic Services. Extending beyond traditional vehicle logging, Event Data Recorder, the proposed system features expanded memory capacity and data collection. Rigorous testing, including continuous authentication, stress tests, and functional analyses, demonstrates the enhanced capabilities of our black box in ensuring data integrity and credibility. These improvements strengthens the credibility of forensic evidence for legal proceedings involving connected vehicles.

High-definition (HD) maps are essential for autonomous vehicle (AV) navigation, providing detailed road and lane structure information. However, their static nature makes them vulnerable to tampering, posing significant security risks. This study systematically categorizes HD map tampering threats and evaluates their impact through an end-to-end autonomous driving simulation using Autoware and AWSIM. By modifying lane widths in HD maps, we demonstrate how small modifications can cause AVs to deviate from safe trajectories, affecting both planning and control. Our findings demonstrate the need for robust HD map verification, cryptographic validation of map updates, and a balance between HD map reliance and real-time perception. The study demonstrates the importance of securing HD maps to ensure safe and reliable AV operations.

Modern heavy vehicles rely on insecure protocols (CAN and SAE-J1939) to facilitate communication between the embedded devices that control their various subsystems. Due to the growing integration of wireless-enabled embedded devices, vehicles are becoming increasingly vulnerable to remote cyberattacks against their embedded networks. We propose an efficient deep-learning-based approach for mitigating such attacks through real-time J1939 signal reconstruction. Our approach uses random feature masking during training to build a generalized model of a vehicle's network. To reduce the computational and storage burden of the model, we employ 8-bit Quantization-Aware Training (QAT), enabling its deployment on resource-constrained embedded devices while maintaining high performance. We evaluate Transformer and LSTM-based architectures, demonstrating that both effectively reconstruct signals with minimal computational and storage overhead. Our approach achieves signal reconstruction with error levels below 1% of their operating range while maintaining a very low storage footprint of under 1 MB, demonstrating that lightweight deep-learning models can enhance resiliency against real-time attacks in heavy vehicles.

This tutorial explores how physical sensor attacks compromise the safety and control of Robotic Autonomous Vehicles (RAVs), with a focus on state estimation failures. It will present and compare attack recovery techniques for both traditional PID-based and deep reinforcement learning (Deep-RL) controlled RAVs, including software sensors, feed-forward control, and multi-objective adversarial training. Through a mix of lectures and hands-on virtual activities, participants will learn to analyze attacks and apply resilient control strategies across different RAV architectures.