M.Eng. Jesus Eduardo Hernandez Soria
Through the years, I have obtained high knowledge about electronic, microcontrollers, programming languages,
networking, advanced persistent threats, advanced attacker methodologies and techniques, as well as frameworks
and standards, wherewith I became a specialist in information security area, where I have strong skills on SIEM logs
analysis, triage of potentially malicious events, analyze and/or escalate cyber security incidents and analyzing
malicious artefacts obtained from network monitoring. Currently I am collaborating with advanced professional
colleagues around the world to ensure that the core business and technological capabilities are always effective and
efficient.
Address: Mexico
networking, advanced persistent threats, advanced attacker methodologies and techniques, as well as frameworks
and standards, wherewith I became a specialist in information security area, where I have strong skills on SIEM logs
analysis, triage of potentially malicious events, analyze and/or escalate cyber security incidents and analyzing
malicious artefacts obtained from network monitoring. Currently I am collaborating with advanced professional
colleagues around the world to ensure that the core business and technological capabilities are always effective and
efficient.
Address: Mexico
less
Related Authors
Interests
Uploads
Papers by M.Eng. Jesus Eduardo Hernandez Soria
In addition to the high cost of oil, global warming and lack of energy resources, forces humanity to seek alternative solutions.
Therefore, this document presents a monitoring system for electrical signals, this can record different parameters of the electric load, in order to display in a web page, the voltage and current parameters that generate the electric charge.
To accomplish all this technology, requires to develop and implement more components and communication protocols. This means that with more technology, more entry points are going to able to launch an attack, increasing the risk of hack a vehicle, because in many cases cars doesn’t have security to prevent or mitigate attacks.
The purpose of this paper is the analysis of the key vulnerabilities of ECU (Electronic Control Unit), which reads data from all different automotive sensors and depending of this information it does an specific action. For that reason, ECUs are the most critical components.
Four test scenarios were developed to collect and compare data. The first scenario is about interaction between a car Chevy C2 2008 and a Laptop with Windows 10, connected through ELM327 Bluetooth. It was achieved to get vehicle information and reset fault codes.
The second test scenario uses a device named ValueCAN3 connected to OBD-II port of a car Seat Ibiza 2013. With this device and its demo version Software, we managed to read CAN bus traffic. Due to the expensive full version Software, we bought an Open Source device named CANtact, which is used in the test scenario three and four.
The scenario three read and analyze CAN bus data, to do a frame injection attack and control some vehicle features like enable door open warning light, parking brake warning light and seat-belt warning light.
The last test scenario consists in vulnerability assessment to ECUs, for this, we used a device CANtact, which connected to OBD-II port of a Suzuki Swift 2013 to analyze the CAN bus data and inject frames. We rely on the test methodology of Pentest NIST 800-115 and the rules behavior guide of SANS Institute, to establish four phases. Through analysis phases we found vulnerabilities that allow to read data from CAN bus, frame injection attacks and Fuzzing, with which it was possible to control the instrument panel light, lock doors, among others.
The fuzzing attacks have the highest risk for users, because it could get unexpected behaviors of the car systems. The frame injection attacks also have high-level risk, due to its behavior control and some more malicious actions.
Because of this, we propose to implement some kind of encrypt, without affecting data communication features and keep on network security. Likewise, it is recommended to implement a kind of IDS/IPS, to read and analyze the incoming traffic, in order to detect attacks or unexpected behaviors, and thus prevent with the right action.
In addition to the high cost of oil, global warming and lack of energy resources, forces humanity to seek alternative solutions.
Therefore, this document presents a monitoring system for electrical signals, this can record different parameters of the electric load, in order to display in a web page, the voltage and current parameters that generate the electric charge.
To accomplish all this technology, requires to develop and implement more components and communication protocols. This means that with more technology, more entry points are going to able to launch an attack, increasing the risk of hack a vehicle, because in many cases cars doesn’t have security to prevent or mitigate attacks.
The purpose of this paper is the analysis of the key vulnerabilities of ECU (Electronic Control Unit), which reads data from all different automotive sensors and depending of this information it does an specific action. For that reason, ECUs are the most critical components.
Four test scenarios were developed to collect and compare data. The first scenario is about interaction between a car Chevy C2 2008 and a Laptop with Windows 10, connected through ELM327 Bluetooth. It was achieved to get vehicle information and reset fault codes.
The second test scenario uses a device named ValueCAN3 connected to OBD-II port of a car Seat Ibiza 2013. With this device and its demo version Software, we managed to read CAN bus traffic. Due to the expensive full version Software, we bought an Open Source device named CANtact, which is used in the test scenario three and four.
The scenario three read and analyze CAN bus data, to do a frame injection attack and control some vehicle features like enable door open warning light, parking brake warning light and seat-belt warning light.
The last test scenario consists in vulnerability assessment to ECUs, for this, we used a device CANtact, which connected to OBD-II port of a Suzuki Swift 2013 to analyze the CAN bus data and inject frames. We rely on the test methodology of Pentest NIST 800-115 and the rules behavior guide of SANS Institute, to establish four phases. Through analysis phases we found vulnerabilities that allow to read data from CAN bus, frame injection attacks and Fuzzing, with which it was possible to control the instrument panel light, lock doors, among others.
The fuzzing attacks have the highest risk for users, because it could get unexpected behaviors of the car systems. The frame injection attacks also have high-level risk, due to its behavior control and some more malicious actions.
Because of this, we propose to implement some kind of encrypt, without affecting data communication features and keep on network security. Likewise, it is recommended to implement a kind of IDS/IPS, to read and analyze the incoming traffic, in order to detect attacks or unexpected behaviors, and thus prevent with the right action.