부산대학교 도서관

Scalable service-Oriented MiddlewarE over IP (SOME/IP) is a protocol that provides services over the IP stack, targeted at the automobile industry that strive to implement Ethernet in future vehicles as a replacement of Controller Area Network (CAN). However, switching to Ethernet and SOME/IP changes the entire protocol stack and therefore security needs to be reconsidered. With the assumption that a malicious user has access to the in-vehicle network, four different attacks are identified that can be performed on SOME/IP. Knowing how the network and traffic shall behave in the vehicle, a set of features are used as the basis for an Intrusion Detection System (IDS). These attacks along with the respective defences are implemented and tested on a SOME/IP network. The results from the testbed have demonstrated that the proposed attacks can be performed and therefore, additional security outside the SOME/IP protocol is needed. A host-based IDS is proposed, where the detection is based on arrival time, payload values and packet contradictions. Furthermore, suggestions on how to move towards prevention are given. The purpose of this research is to improve overall SOME/IP security for in-vehicle networks.