{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,2]],"date-time":"2026-07-02T12:56:49Z","timestamp":1782997009280,"version":"3.54.5"},"reference-count":21,"publisher":"MDPI AG","issue":"17","license":[{"start":{"date-parts":[[2020,8,30]],"date-time":"2020-08-30T00:00:00Z","timestamp":1598745600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["NO.61874047"],"award-info":[{"award-number":["NO.61874047"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>The Internet of Things (IoT) is an industry-recognized next intelligent life solution that increases the level of comfort, efficiency, and automation for citizens through numerous sensors, smart devices, and cloud stations connected physically. As an important application scenario of IoT, the Internet of Vehicles (IoV) plays an extremely critical role in the intelligent transportation field. In fact, the In-Vehicle Network of smart vehicles that are recognized as the core roles in intelligent transportation is currently the Controller Area Network (CAN). However, the In-Vehicle CAN bus protocol has several vulnerabilities without any encryption, authentication, or integrity checking, which severely threatens the safety of drivers and passengers. Once malicious attackers hack the vehicular gateway and obtain the access right of the CAN, they may control the vehicle based on the vulnerabilities of the CAN bus protocol. Given the severe security risk of CAN, we proposed the CANsec, a practical In-Vehicle CAN security evaluation tool that simulates malicious attacks according to major attack models to evaluate the security risk of the In-Vehicle CAN. We also show a usage case of the CANsec without knowing any information from the vehicle manufacturer.<\/jats:p>","DOI":"10.3390\/s20174900","type":"journal-article","created":{"date-parts":[[2020,8,30]],"date-time":"2020-08-30T06:06:22Z","timestamp":1598767582000},"page":"4900","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":39,"title":["CANsec: A Practical in-Vehicle Controller Area Network Security Evaluation Tool"],"prefix":"10.3390","volume":"20","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4272-7710","authenticated-orcid":false,"given":"Haichun","family":"Zhang","sequence":"first","affiliation":[{"name":"School of Optical and Electronic Information, Huazhong University of Science and Technology, Wuhan 430074, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Xu","family":"Meng","sequence":"additional","affiliation":[{"name":"School of Optical and Electronic Information, Huazhong University of Science and Technology, Wuhan 430074, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Xiong","family":"Zhang","sequence":"additional","affiliation":[{"name":"School of Optical and Electronic Information, Huazhong University of Science and Technology, Wuhan 430074, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Zhenglin","family":"Liu","sequence":"additional","affiliation":[{"name":"School of Optical and Electronic Information, Huazhong University of Science and Technology, Wuhan 430074, China"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2020,8,30]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"82721","DOI":"10.1109\/ACCESS.2019.2924045","article-title":"A Survey on IoT Security: Application Areas, Security Threats, and Solution Architectures","volume":"7","author":"Hassija","year":"2019","journal-title":"IEEE Access"},{"key":"ref_2","unstructured":"Kelarestaghi, K.B., Foruhandeh, M., Heaslip, K., and Gerdes, R. (2019). Intelligent Transportation System Security: Impact-Oriented Risk Assessment of In-Vehicle Networks. IEEE Intell. Transp. Syst. Mag., 1."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Kimm, H., and Ham, H. (2010, January 19\u201321). Integrated fault tolerant system for automotive bus networks. Proceedings of the 2010 Second International Conference on Computer Engineering and Applications, Bali Island, Indonesia.","DOI":"10.1109\/ICCEA.2010.100"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"92","DOI":"10.1109\/MNET.2018.1700448","article-title":"In-Vehicle Networking: Protocols, Challenges, and Solutions","volume":"33","author":"Huang","year":"2018","journal-title":"IEEE Netw."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"1850082","DOI":"10.1142\/S0218126618500822","article-title":"Macsec-based security for automotive ethernet backbones","volume":"27","author":"Carnevale","year":"2018","journal-title":"J. Circuits Syst. Comput."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"1887","DOI":"10.1109\/TII.2016.2571667","article-title":"Using two independent channels with gateway for FlexRay static segment scheduling","volume":"12","year":"2016","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., and Shacham, H. (2010, January 16\u201319). Experimental Security Analysis of a Modern Automobile. Proceedings of the 2010 IEEE Symposium on Security and Privacy, Berkeley\/Oakland, CA, USA.","DOI":"10.1109\/SP.2010.34"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Bozdal, M., Samie, M., Aslam, S., and Jennions, I. (2020). Evaluation of CAN Bus Security Challenges. Sensors, 20.","DOI":"10.3390\/s20082364"},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Huang, T., Zhou, J., and Bytes, A. (2018, January 27\u201330). ATG: An attack traffic generation tool for security testing of in-vehicle CAN bus. Proceedings of the 13th International Conference on Availability, Reliability and Security, Hamburg, Germany.","DOI":"10.1145\/3230833.3230843"},{"key":"ref_10","first-page":"42","article-title":"Practical Methodology for In-Vehicle CAN Security Evaluation","volume":"9","author":"Park","year":"2019","journal-title":"J. Internet Serv. Inf. Secur. (JISIS)"},{"key":"ref_11","unstructured":"Cho, K.T., and Shin, K.G. (2016, January 10\u201312). Fingerprinting electronic control units for vehicle intrusion detection. Proceedings of the 25th USENIX Security Symposium (USENIX Security 16), Austin, TX, USA."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Kang, M.J., and Kang, J.W. (2016). Intrusion detection system using deep neural network for in-vehicle network security. PLoS ONE, 11.","DOI":"10.1371\/journal.pone.0155781"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Taylor, A., Leblanc, S.P., and Japkowicz, N. (2016, January 17\u201319). Anomaly Detection in Automobile Control Network Data with Long Short-Term Memory Networks. Proceedings of the 2016 IEEE International Conference on Data Science and Advanced Analytics (DSAA), Montreal, QC, Canada.","DOI":"10.1109\/DSAA.2016.20"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Di Natale, M., Zeng, H., Giusto, P., and Ghosal, A. (2012). Understanding and Using the Controller Area Network Communication Protocol: Theory and Practice, Springer-Verlag.","DOI":"10.1007\/978-1-4614-0314-2"},{"key":"ref_15","unstructured":"Avatefipour, O., and Malik, H. (2018). State-of-the-art survey on in-vehicle network communication (CAN-Bus) security and vulnerabilities. arXiv."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"50","DOI":"10.1109\/MNET.2017.1600257","article-title":"In-Vehicle Network Attacks and Countermeasures: Challenges and Future Directions","volume":"31","author":"Liu","year":"2017","journal-title":"IEEE Netw."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Ying, X., Bernieri, G., Conti, M., and Poovendran, R. (2019, January 16\u201318). TACAN: Transmitter authentication through covert channels in controller area networks. Proceedings of the 10th ACM\/IEEE International Conference on Cyber-Physical Systems, Montreal, QC, Canada.","DOI":"10.1145\/3302509.3313783"},{"key":"ref_18","unstructured":"Hazem, A., and Fahmy, H.A. (2012, January 28\u201329). Lcap-a lightweight can authentication protocol for securing in-vehicle networks. Proceedings of the 10th escar Embedded Security in Cars Conference, Berlin, Germany."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Noureldeen, P., Azer, M.A., Refaat, A., and Alam, M. (2017, January 19\u201320). Replay attack on lightweight CAN authentication protocol. Proceedings of the 2017 12th International Conference on Computer Engineering and Systems (ICCES), Cairo, Egypt.","DOI":"10.1109\/ICCES.2017.8275376"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Lin, C.-W., and Sangiovanni-Vincentelli, A. (2012, January 14\u201316). Cyber-Security for the Controller Area Network (CAN) Communication Protocol. Proceedings of the 2012 International Conference on Cyber Security, Washington, DC, USA.","DOI":"10.1109\/CyberSecurity.2012.7"},{"key":"ref_21","first-page":"159","article-title":"Automotive Security on Abnormal Vehicle Behavior Using Only Fabricated Informative CAN Messages","volume":"27","author":"Takahashi","year":"2019","journal-title":"J. Inf. Process."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/20\/17\/4900\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T10:04:46Z","timestamp":1760177086000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/20\/17\/4900"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,8,30]]},"references-count":21,"journal-issue":{"issue":"17","published-online":{"date-parts":[[2020,9]]}},"alternative-id":["s20174900"],"URL":"https:\/\/doi.org\/10.3390\/s20174900","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,8,30]]}}}