智能网联汽车的车载网络攻防技术研究进展  

作　　者：陈博言 沈晴霓[1,2,4] 张晓磊 张鑫 李聪 吴中海 CHEN Bo-Yan;SHEN Qing-Ni;ZHANG Xiao-Lei;ZHANG Xin;LI Cong;WU Zhong-Hai(School of Software and Microelectronics,Peking University,Beijing 102600,China;National Engineering Research Center for Software Engineering(Peking University),Beijing 100871,China;School of Computer Science,Peking University,Beijing 100871,China;High Confidence Software Technology(Peking University),Ministry of Education,Beijing 100871,China)

机构地区：[1]北京大学软件与微电子学院,北京102600 [2]软件工程国家工程研究中心(北京大学),北京100871 [3]北京大学计算机学院,北京100871 [4]高可信软件技术教育部重点实验室(北京大学),北京100871

出　　处：《软件学报》2025年第1期341-370,共30页Journal of Software

基　　金：国家自然科学基金(61672062)。

摘　　要：随着人工智能和5G技术在汽车行业的应用,智能网联汽车应运而生,它是一种由众多来自不同供应商的电子控制单元(ECU)组成的复杂分布式异构系统,通过以CAN为代表的车载网络协议交互协同控制各ECU.然而,攻击者可能通过各种接口攻击智能网联汽车,渗透到车载网络,再攻击车载网络及其各组成部分如ECU.因此,智能网联汽车的车载网络安全成为近些年车辆安全研究的焦点之一.在介绍智能网联汽车整体结构、ECU、CAN总线和车载诊断协议等基础之上,首先总结了目前车载网络协议的逆向工程技术进展,逆向工程的目标是获取汽车行业通常不公开的车载网络协议实现细节,也是实施攻击和防御的前提条件.然后从车载网络攻、防两个角度展开:一方面概括了车载网络攻击向量及主要攻击技术,包括通过物理访问和远程访问方式实施的攻击技术,以及针对ECU和CAN总线实施的攻击技术;另一方面,讨论了车载网络现有的防御技术,包括基于特征工程和机器学习方法的车载网络入侵检测和基于密码学方法的车载网络协议安全增强技术.最后展望了未来的研究方向.As artificial intelligence and 5G technology are applied in the automotive industry,the intelligent connected vehicle came into being.It is a complex distributed heterogeneous system composed of a large number of electronic control units(ECUs)from different suppliers and collaborates to control each ECU through the in-vehicle network protocol represented by CAN.However,an attacker could attack an intelligent connected vehicle through a variety of interfaces to penetrate the in-vehicle network,and then attack the in-vehicle network and its components such as ECU.Therefore,in-vehicle network security for intelligent connected vehicles has become one of the focuses of vehicle security research in recent years.On the basis of introducing the structure of intelligent connected vehicle,ECU,CAN bus and on-board diagnostic protocol,this study first summarizes the research progress of reverse engineering technology for in-vehicle network protocols.The reverse engineering technology aims to obtain the implementation details of in-vehicle network protocols that are usually not disclosed in the automotive industry.It is also a prerequisite for the implementation of in-vehicle network attack and defense.The remaining part is developed from two angles of attack and defense.On the one hand,the attack vectors and main attack technologies of in-vehicle network are summarized,including the attack technologies implemented through physical access and remote access,as well as the attack technologies implemented against ECU and CAN bus.On the other hand,the existing in-vehicle network defense technologies are discussed,including the intrusion detection technology based on feature extraction and machine learning methods,and the security enhancement technology of in-vehicle network protocols based on cryptographic approaches.Finally,the future research direction is prospected.

关 键 词：智能网联汽车 车载网络 逆向工程 入侵检测 协议安全增强 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]