Cybersecurity student researches how to keep cars safe from hacking

August 22, 2016, University of Arkansas at Little Rock

In 2015, two researchers remotely hacked a Jeep Cherokee being driven by a reporter who documented how the researchers controlled everything from the car's radio and media console to its brakes and steering.

For Dr. Shucheng Yu, an associate professor of computer science at the University of Arkansas at Little Rock, the exercise demonstrated how vulnerable smart cars with GPS, Bluetooth, and internet connections are to cyberattacks.

"These cars have become the trend of the future," Yu said. "There could be some very severe consequences if someone hacked into the car. A car can be fully controlled by the hacker if it is not protected."

So Yu and his student, Zachary King, a junior majoring in computer science at UALR, spent the summer researching how to keep cars safe from cyberattacks. They worked on the project during an intensive eight-week summer research program at UALR.

King was one of 10 college students from across the country recruited through a National Science Foundation grant-funded project, "REU Site: CyberSAFE@UALR: Cyber Security and Forensics Research at the University of Arkansas at Little Rock."

The goal of the program is to decrease cyberattacks on people using mobile technology and , said Dr. Mengjun Xie, an associate professor of computer science and director of the CyberSAFE@UALR program.

"The basic idea is to integrate cybersecurity and cyber forensics research with the latest technology in mobile cloud computing and social media to provide research opportunities to students," Xie said.

More than 130 students applied for 10 spots. Participants included undergraduate with a grade point average of 3.0 or higher who are majoring in , computer engineering, math, physics, or electrical engineering

Those selected spent eight weeks conducting research full time with a faculty mentor at the University of Arkansas at Little Rock. Participants received a $4,000 stipend, on-campus housing, a meal plan, and travel expenses.

How to protect your smart car

In his project, "Investigating and Securing Communications in the Controller Area Network (CAN), King created a security protocol to protect smart cars from hacking. He also built an experimental environment that simulates the communication system in a , which allows the security protocol to be tested through simulations

The research focuses on the development of a security protocol to protect the Controller Area Network (CAN), an internal communications system in vehicles.

"There are many ways that hackers can control CAN," King said. "Once they access it, hackers can pretty easily control your car however they want. We are proposing to add a layer of security, so if an unauthorized person accesses it, they still wouldn't be able to control your vehicle."

The security protocol protects the CAN in two ways. It authenticates messages sent through the network by creating an authentication code. This authentication code allows nodes on the network to differentiate between a valid message and an attacker's message.

The second security feature protects against replay attacks, when a hacker attempts to breach the network by repeatedly sending an old message. The protocol uses a timestamp to calculate when the network last received the message, which verifies the message's "freshness."

Yu and King are continuing their research this fall. In the future, Yu hopes to collaborate with industry and funding agencies to implement the security protocol in commercial vehicles and protect cars from hackers.

As for King, participating in this summer research program has left him considering a career in cybersecurity once he graduates in 2018.

"Three months ago, I wouldn't have been able to tell you much about cybersecurity and what a would look like," he said. "After having completed this program, I am more interested in cybersecurity than I was before, and I may end up going that route."

Explore further: Connected, self-drive cars pose serious new security challenges

Related Stories

Recommended for you

Nanoscale Lamb wave-driven motors in nonliquid environments

March 19, 2019

Light driven movement is challenging in nonliquid environments as micro-sized objects can experience strong dry adhesion to contact surfaces and resist movement. In a recent study, Jinsheng Lu and co-workers at the College ...

OSIRIS-REx reveals asteroid Bennu has big surprises

March 19, 2019

A NASA spacecraft that will return a sample of a near-Earth asteroid named Bennu to Earth in 2023 made the first-ever close-up observations of particle plumes erupting from an asteroid's surface. Bennu also revealed itself ...

The powerful meteor that no one saw (except satellites)

March 19, 2019

At precisely 11:48 am on December 18, 2018, a large space rock heading straight for Earth at a speed of 19 miles per second exploded into a vast ball of fire as it entered the atmosphere, 15.9 miles above the Bering Sea.

1 comment

Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Aug 22, 2016
This seems like it might be a future add-on cost imposed by the dealer. Either that, or it will add to the cost of the vehicle, if it is already embedded in the software. The higher the tech, the more dangerous and more security it needs, along with more expensive repair costs. The higher the tech, the more problems, is coming to age. It is the same as the old adage, more money, more problems! The more higher the tech, the more problems!

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.