Car-hacking has become a popular sport in the cyber security community, and recent news stories about Honda, Jeep and numerous other big automotive names being hacked have highlighted the vulnerability of new-age cars. Unsurprisingly, as cases of successful hacks rise so does the effort being put into developing defensive tools and more resilient systems.
Two researchers from the University of Michigan have developed one such tool which goes by the tongue-twisting name of Clock-based Intrusion Detection System, or CIDS. Designed to spot malicious messages used by car hackers to control vehicle components, CIDS aims to identify hack attacks and stop them before they can carry out their objective. In modern cars, every component is controlled by its own mini-computer, each one of which has a unique identifying feature due to the minute timing errors called ‘clock skew’. CIDS assigns an identity to each computer and recognises an external attempt to imitate one computer through the system of another – the method used by hackers to access vehicles’ controls.
CIDS isn’t the first gadget to address automotive hacking, but it is the first one to use the time-keeping method. Whilst the researchers don’t plan on rolling out their CIDS device to consumers any time soon, the hope is that their results and effective proof of concept will spur carmakers to integrating proper defense systems into their vehicles.
Read the full story (including the complicated technical stuff we skipped) at https://www.wired.com/2016/07/clever-tool-shields-car-hacks-watching-internal-clocks/