Cybersecurity in the CAN Protocol: A Systematic Mapping of Attacks and Vulnerabilities in Practical Scenarios

Abstract


The technological evolution of vehicles has expanded their attack surface, exposing the CAN (Controller Area Network) protocol to critical vulnerabilities. This paper presents a Systematic Literature Mapping (SLM) analyzing 196 studies focused on practical experiments. Results highlight the prevalence of Spoofing and Injection attacks targeting critical functions like braking and steering. The study identifies a significant lack of standardized attack taxonomy and risk classification in the literature. Furthermore, it distinguishes between legacy architectures and emerging UN R155-compliant vehicles, which implement defenses such as Security Gateways, marking a transition towards secure-by-design automotive ecosystems.

Published
25/05/2026
BALTOR, Amanda Kasat; CASTELO BRANCO, Kalinka. Cybersecurity in the CAN Protocol: A Systematic Mapping of Attacks and Vulnerabilities in Practical Scenarios. In: SIMPÓSIO BRASILEIRO DE REDES DE COMPUTADORES E SISTEMAS DISTRIBUÍDOS (SBRC), 44., 2026, Praia do Forte/BA. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2026. p. 505-518. ISSN 2177-9384. DOI: https://doi.org/10.5753/sbrc.2026.19790.
