An Approach to using Honeypots in In-Vehicle Networks

Paper in proceeding, 2008

An emerging trend among automobile manufacturers is to introduce wireless technology in the vehicles. By allowing wireless communication, real-time information exchange between vehicles as well as between infrastructure and vehicles becomes a reality. This communication allows for road condition reporting, decision making, and remote diagnostics and firmware updates over-the-air, creating a complex critical infrastructure involving vehicles, road-side equipment, and firmware issuers. Allowing external parties wireless access to the vehicle creates a potential entry-point for cyber attacks. Since the safety of the driver depends on correct vehicle operation it is of utmost importance that the in-vehicle network is sufficiently protected against attacks. If we can learn the attackers' preferences, techniques, and weaknesses in existing systems, we can use this information to design security solutions for the in-vehicle network. In this paper, we present and discuss the use of honeypots as a means of collecting such attacker information. We show how to design a vehicle honeypot, how to gather data from attackers, and discuss how to process and analyze the gathered data. Furthermore, we provide a discussion where we highlight important issues related to using honeypots in vehicles.