| PRESENTATION: |
Demonstrating the CANBus Protector
|
|
PRESENTER(S):
|
Corey Thuen, Senior Security Consultant for IOActive
|
|
CONFERENCE:
|
DOT/DHS Automotive Cybersecurity R&D Showcase
|
|
LOCATION:
|
DOT Volpe Center, Cambridge, MA
|
|
DATE:
|
October 19, 2016
|
The CANBus Protector is an open source solution used to address the problem of aftermarket devices, such as insurance OBDII dongles, that provide new avenues for attackers to potentially take over a vehicle. Attackers with access to the OBDII port, which is used by these devices to provide their intended functionality, are able to take control of vehicle functions in potentially catastrophic ways.
The CANBus Protector essentially isolates these aftermarket devices, thwarting an attacker attempting to gain control through them. So the vehicle, and more importantly its occupants, are kept safe from this increasingly prevalent risk, while still being able to realize the intended benefits of the aftermarket device (such as lower insurance rates) being used. In this demonstration, Corey Thuen, Senior Security Consultant for IOActive, will further explore this important tool in an effort to better protect connected vehicles.
About Corey Thuen
Corey Thuen is a Senior Security Consultant at IOActive where he focuses on transportation and industrial control security. He has spent over a decade hacking critical infrastructure systems. Corey’s recent research has been in the realm of vehicle security and remote telemetry dongles.
Before joining IOActive, Corey served as Security Researcher at Digital Bond. Earlier, Corey worked at Southfork Security and Idaho National Laboratory. Thuen is a NSA CyberCorps Scholarship for Service Fellow and received a Master of Science degree in Computer Science from the University of Idaho. He regularly speaks at conferences, teaches hands-on training exercises, and participates in Capture-the-Flag competitions.
About DOT/DHS Automotive Cybersecurity R&D Showcase
The US Department of Transportation (DOT)/Volpe National Transportation Systems Center (Volpe Center) in collaboration with the Department of Homeland Security Science and Technology Directorate Cyber Security Division (DHS S&T CSD), Open Garages/Theia Labs, and Mitre Corporation are conducting an invitation-only Automotive Cybersecurity R&D Showcase on October 18-20, 2016. This event will be hosted at the Volpe Center in Cambridge, MA. The event will bring together key stakeholders and technologists from government, automotive industry, academia, research laboratories, and independent security research working in the automotive cybersecurity sector.
About IOActive
IOActive is the industry’s only research-driven, high-end information security services firm with a proven history of better securing our customers through real-world scenarios created by our security experts. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering across multiple industries. IOActive is the only security services firm that has a dedicated practice focusing on Smart Cities and the transportation and technology that connects them. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, US, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.