Skip to main content

[EVENT] Masterclass "Automative Security"

Conférence / Recherche

On October 11, 2023

Saint-Martin-d'Hères - Domaine universitaire

Abstract :

In this seminar we will present an overview of automotive security research conducted by Politecnico di Milano.

First, we will present a selective denial-of-service attack against the CAN standard which does not involve the transmission of any complete frames for its execution. This type of attack is obviously not detectable via frame-level analysis, which makes most currently proposed detection systems useless. As the attack is based on CAN protocol weaknesses, all CAN bus implementations by all manufacturers were, and are, vulnerable

After showing a proof-of-concept, we will move on to the much harder part of proposing a possible countermeasure for detecting and preventing such an attack, along with our implementation experience and some thoughts around this and other attacks that may arise from the CAN bus protocol itself.

During the review of this paper, we originally said that it would be "trivial" to perform such an attack from an unmodified CAN controller. Two years of work later, we actually created a completely new technique called CANflict, that was published at ACM CCS, and which we will also present briefly.

We will also outline our research on anomaly detection for CAN networks based on LSTM autoencoders, as well as our evaluation of the best combination of different IDS techniques to increase detection performances in real world scenarios.

Bio :

Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently a full professor with the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on malware analysis, cyberphysical security, and cybersecurity in general.

Stefano is a Senior Member of the IEEE and the IEEE Computer Society,which has named him a Distinguished Lecturer and Distinguished Contributor; he is a lifetime senior member of the ACM, which has named him a Distinguished Speaker; and has been named a Fellow of the ISSA (Information System Security Association).

Stefano also co-founded three startups:

  • Secure Network, a leading cybersecurity assessment firm;
  • BankSealer, a startup in the FinTech sector that addresses fraud detection through machine learning techniques;
  • 18Months, a mobile ticketing provider for cinemas.

Registration :

Registration is closed. You can watch the entire masterclass on video.





On October 11, 2023


Saint-Martin-d'Hères - Domaine universitaire

Complément lieu

Amphi H, Bâtiment CLV, 180 allée des amphis, 38400 Saint-Martin-d'Hères

Submitted on April 11, 2024

Updated on April 11, 2024