MichiCAN: Spoofing and Denial-of-Service Protection using Integrated CAN Controllers

The Controller Area Network (CAN) has been the de facto in-vehicle network protocol since the 1980s, despite lacking essential security principles like authenticity, confidentiality, integrity, and availability. CAN is especially vulnerable to Denial-of-Service (DoS) attacks, threatening the availability of safety-critical functions. Existing countermeasures have seen limited adoption due to challenges in real-time detection, prevention, and high overhead on Electronic Control Units (ECUs). To address these issues, we propose MichiCAN, a distributed, backward-compatible, real-time defense against DoS and spoofing attacks. MichiCAN leverages integrated/on-chip CAN controllers in modern MCUs, enabling bit-level access to CAN messages. This allows MichiCAN to detect DoS attacks during the arbitration phase and neutralize them by bussing off the attacker ECU swiftly. Experiments on a CAN bus prototype and a real vehicle demonstrate MichiCAN’s effectiveness in enhancing automotive network security.