SoylentNews

cafebabe writes:

Wired reports that:

They built their anti-hacking device for $150 in parts: an mbed NXP micro controller and a simple board. This plugs into a jack underneath a car or truck's dashboard known as the OBD2 port. Power it on for a minute during routine driving, and it captures the vehicle's typical data patterns. Then switch it into detection mode to monitor for anomalies like an unusual flood of signals or a command that should be sent when the car is parked but shows up when you're instead doing 80 on the highway.

If it spots mischief, the device puts the car into what Miller and Valasek call "limp mode," essentially shutting down its network and disabling higher-level functions like power steering and lane assist until the vehicle restarts. "You just plug it in, it learns, then it stops attacks," says Valasek, the director of vehicle security research at security consultancy IOActive.

Miller and Valasek's gadget may raise fears about false positives that could mistakenly disable your car's computers during rush hour. But in their tests, they say it hasn't misinterpreted any innocent signals in the car's networks as attacks. That's in part, they say, because a car's digital communications are far more predictable than those of a typical computer network. "It's just machines talking to machines," says Valasek. "In the automotive world, the traffic is so normalized that it's very obvious when something happens that's not supposed to happen."

The inventors claim it defeats all previous CANBus attacks. However, when you've got no authentication, no encryption and no source address in your "trusted" network, defense seems like a losing battle.