Abstract

In-vehicle security research is challenging because it is hard for most researchers to get a real vehicle for security evaluation. On the other hand, the existing software solutions are either very expensive or having very limited functionality. There is a high demand for a convenient tool which can generate flexible datasets for in-vehicle attack and defense evaluation. In this work, we design and develop an Attack Traffic Generation (ATG) tool for security testing of in-vehicle CAN bus. It removes the barrier for research in this area by providing an open-source software package which works with a cheap, widely available hardware configuration. ATG provides a free and functional toolkit to automotive security researchers for easy and effective interaction with real or simulated CAN bus. One of the most important features of ATG is automatic generation of attack payloads. The payloads can be preconfigured and used within multiple attack modes. ATG can inject attack packets into CAN bus and record the CAN bus traffic in real time. The replay mode enables effective evaluation of CAN bus security implementations using the pre-classified datasets. In addition, a unified data format for raw re-playable CAN sequences enables different automotive research teams to exchange datasets and preform security testing simultaneously against different vehicles and simulation hardware.