IT security specialist develops Anomaly Detection system to analyse CAN bus communications for potential presence of malicious code.
With a long-established presence in the field of cyber security for home and office systems, Symantec is now giving the automotive industry the benefit of its expertise with the release of its Anomaly Detection product for use in automotive applications.
By learning standard behaviour and expected traffic on communications within the vehicle, the code is able to pick up anomolies that could indicate a so-called “zero day” attack, one which has never been seen before and is of a particularly high threat because it has no established “signature” by which it can be recognised.
Symantec came up with the new product in recognition of the fact that cars are packed with electronic communication, consumer systems, safety and vehicular control systems and future autonomous control devices. With some forecasts estimating the existence of up to 220 million connected cars on the roads of the world by the end of the decade, there is a pressing need to protect drivers and passengers from potential attacks by cyber criminals that could endanger them.
Symantec Anomaly Detection uses machine learning technology to provide passive in-vehicle security analytics that monitor all Controller Area Network (CAN) bus traffic without disrupting vehicle operations, learn what normal behaviour is and flag anomalous activity that may indicate an attack.
According to Christian Christiansen of IDC, security problems with connected cars have already emerged and manufacturers are now creating partnerships with cyber-security experts to secure vehicles in the same way that other consumer electronic products are protected. “Keeping security in the top of the mind will not only help ensure the safety of drivers and passengers but also build trust in the car manufactures and the overall Internet of Things,” he said.
Symantec Anomaly Detection will help automotive manufacturers by enabling them to gain insight into previously unseen attacks without the need to have pre-set rules or policies and have them automatically prioritised based on perceived risk.
Commenting on the fact that cyber security threats to vehicles are no longer just a theoretical possibility but is a reality, Symantec’s Shankar Somasundaram said, “The infrastructure and technology that already helps protect billions of devices and trillions of dollars is now protecting the car as well.”
The Anomaly Detection product is not Symantec’s first venture into the automotive industry with the company already having invested into relevant product development as part of its Internet-of-Things (IoT) protection strategy, which covers cars, smart connected devices and industrial control systems too. The company has created a white paper entitled “Building Comprehensive Security Into Cars” on the subject.