62 Learning Resources About Vehicle Security and Car Hacking
Security breaches in the automotive sector have been increasingly difficult to prevent due to increasingly sophisticated attack methods. The risks are constantly evolving, impacting the security of the vehicles’ control systems. Teach yourself how to avoid the cars you drive every day from becoming fodder for cybercriminals. More than 100-million cars on the road will be vulnerable to cyber attacks more than ten years from now. Car technology will continue to advance with automatic braking, blind-spot warnings, night vision, self-parking, phones built into dashboards, and more.
Car hacking has become a mainstream topic over the last few years with popular TV shows documenting the subject. This list will serve as a beginner’s and veteran’s guide to car hacking. It discusses how car hacking works, what you need to get started, the prerequisites and the basics, including articles, presentations, books, research papers, courses and podcasts. Learn what you can do to make sure your vehicle is secure.
Car Hacker’s Handbook
- 2014 Car Hacker’s Handbook
Free guide to hacking vehicles from 2014.
- How to hack a car — a quick crash-course
Car enthusiast Kenny Kuchera illustrates just enough information to get you up and running. An excellent resource for first timers!
- Stopping a Jeep Cherokee on the Highway Remotely
Chris Valasek’s and Charlie Miller’s pivotal research on hacking into Jeep’s presented at DEFCON in 2015.
- Troy Hunt on Controlling Nissans
Troy Hunt goes into controlling Nissan vehicles.
- Tesla hackers explain how they did it at Defcon
Overview of DEFCON 23 presentation on hacking into Tesla cars.
- Anatomy of the Rolljam Wireless Car Hack
Overview of the RollJam rolling code exploitation device.
- IOActive’s Tools and Data
Chris Valasek and Charlie Miller release some of their tools and data for hacking into vehicles in an effort to get more people into vehicle security research.
- Developments in Car Hacking
via the SANS Reading Room, Currie’s paper analyses the risks and perils of smart vehicle technology.
- Car Hacking on the Cheap
A whitepaper from Chris Valasek and IOActive on hacking your car when you don’t have a lot of resources at your disposal.
- Car Hacking: The definitive source
Charlie Miller and Chris Valasek publish all tools, data, research notes, and papers for everyone for free
- Car Hacking on the cheap
Craig Smith wrote a brief article on working with Metasploit’s HWBrige using ELM327 Bluetooth dongle
- Researchers tackle autonomous vehicle security
Texas A&M researchers develop intelligence system prototype.
- How big data will impact car security in the proximate future: Concerns and solutions
Impact of big data on car security.
- Reverse engineering of the Nitro OBD2
Reverse engineering of CAN diagnostic tools.
- Analysis of an old Subaru Impreza – Subaru Select Monitor v1 (SSM1)
Digging into an old ECU through an old protocol and disabling a 1997 Subaru Impreza’s speed limiter.
- Car Hacking in 30 Minutes or Less
Using VirtualBox and Kali Linux, you can start car hacking using completely free open-source software and tools, including can-utils, ICSim, ScanTool, Wireshark, and tcpdump
- Drive It Like You Hacked It from DEFCON 23
A talk and slides from Samy Kamkar’s DEFCON 23/2015 talk that includes hacking garages, exploiting automotive mobile apps, and breaking rolling codes to unlock any vehicle with low cost tools.
- Samy Kamkar on Hacking Vehicles with OnStar
Samy Kamkar, the prolific hacker behind the Samy worm on MySpace, explores hacking into vehicles with OnStar systems.
- Remote Exploitation of an Unaltered Passenger Vehicle
DEFCON 23 talk Chris Valasek and Charlie Miller give their now famous talk on hacking into a Jeep remotely and stopping it dead in its tracks.
- Adventures in Automotive Networks and Control Units
DEFCON 21 talk by Chris Valasek and Charlie Miller on automotive networks.
- Can You Trust Autonomous Vehicles?
DEFCON 24 talk by Jianhao Liu, Chen Yan, Wenyuan Xu
- Ken Munro & Dave Lodge – Hacking the Mitsubishi Outlander & IOT
talk from BSides Manchester 2016 by Ken and Dave of Gateway Internals of Tesla Motors
Zeronights 2016 talk by Nie Seng and Liu Ling
- Car Hacking 101
Bugcrowd LevelUp 2017 by Alan Mond
- State of Automotive Cyber Safety, 2015
State of automotive hacking, policy, industry changes, etc. from I Am The Cavalry track at BSides Las Vegas, 2015.
- State of Automotive Cyber Safety, 2016
State of automotive hacking, policy, industry changes, etc. from I Am The Cavalry track at BSides Las Vegas, 2016.
- How to Hack a Tesla Model S
DEF CON 23 talk by Marc Rogers and Kevin Mahaffey on hacking a Tesla. Tesla Co-Founder and CTO, JB Straubel, joins them to thank them and present a challenge coin.
- Self-Driving and Connected Cars: Fooling Sensors and Tracking Drivers
Black Hat talk by Jonathan Petit. Automated and connected vehicles are the next evolution in transportation and will improve safety, traffic efficiency and driving experience. This talk will be divided in two parts: 1) security of autonomous automated vehicles and 2) privacy of connected vehicles. 2015
- A Survey of Remote Automotive Attack Surfaces
Black Hat talk By Charlie Miller and Chris Valasek. Automotive security concerns have gone from the fringe to the mainstream with security researchers showing the susceptibility of the modern vehicle to local and remote attacks. Discussion of vehicle attack surfaces. 2014.
- Pentesting vehicles with YACHT (Yet Another Car Hacking Tool)
A presentation that discusses different attack surfaces of a vehicle, then continues to describe an approach to car hacking along with tools needed to analyse and gather useful information.
- How to drift with any car
Introduction to CAN hacking, and using a real car as an Xbox controller.
- Car Infotainment Hacking Methodology and Attack Surface Scenario
A guide on how to attack, hunt bugs or hack your IVI by Jay Turla which was presented at the Packet Hacking Village / Wall of Sheep during DEF CON 26.
- TR19: Automotive Penetration Testing with Scapy
Overview on how Scapy can be used for automotive penetration testing at Troopers Conference 2019.
Other Related Posts
- 97 Free Resources, Tips and Tricks to Know Everything About Hackathons – 2021
In this collection of resources, you’ll find 97 high quality articles, stories, tips, tricks, guides and videos on Hackathons catering to beginners, regulars, hackathongoers and hackathon organizers. The majority of the content here are online articles and videos, so very little downloading is required.
- Koscher et al. Experimental Security Analysis of a Modern Automobile, 2010
- Comprehensive Experimental Analyses of Automotive Attack Surfaces, 2011
- Miller and Valasek
Self proclaimed “car hacking the definitive source”.
- Adventures in Automotive Networks and Control Units (aka car hacking)
- Car Hacking for Poories
- A Survey of Remote Automotive Attack Surfaces, 2014
- Remote Compromise of an Unaltered Passenger Vehicle (aka The Jeep Hack), 2015
- Advanced CAN Message Injection, 2016
- 5-Star Automotive Cyber Safety Framework, 2015
- A Vulnerability in Modern Automotive Standards and How We Exploited It
- A Car Hacking Experiment: When Connectivity Meets Vulnerability
- Security issues and vulnerabilities in connected car systems
- Automobile Driver Fingerprinting, 2016
- Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network, 2016
- Modeling Inter-Signal Arrival Times for Accurate Detection of
- Udacity’s Self Driving Car Engineer Course
The content for Udacity’s self driving car software engineer course.
- Keen Security Lab Blog
Blog created by Keen Security Lab of Tencent that posts research on car security.
Provides public access, documentation and tools necessary to understand today’s modern vehicle systems.
- DEFCON Car Hacking Village
Car Hacking exercises from DEFCON 24.
- I Am The Cavalry
Global grassroots (eg. volunteer) initiative focused on the intersection of security and human life/public safety issues, such as cars. Participation from security researchers, OEMs, Tier 1s, and many others. Published Carloop Community
Community of people interested in car hacking and connecting vehicles to the cloud.
- Python Security
A website for browsing and buying python-integrated cars having certain vehicular security features.
- Security Weekly
Excellent podcast covering all ranges of security, with some episodes focusing portions on vehicle security from cars to drones.
- SANS Internet Storm Center
The ISC run a regular podcast going into the latest vulnerabilities and security news.
- Security Ledger
A podcast focusing on interviewing security experts about topics related to security.
- Car Hacking with Craig Smith
Software Engineering Daily did an amazing episode with Craig Smith, author of the Car Hacking Handbook (above), on hacking into vehicles.
- Big Bugs Podcast Episode 1: Auto Bugs – Critical Vulns found in Cars with Jason Haddix
Jason Haddix explores major vulnerabilities found in cars.
- Hacking Under the Hood and Into Your Car
Chris Valasek and Charlie Miller discuss with NPR how they were able to hack into vehicles.
- Hacking Connected Vehicles with Chris Valasek of IOActive
Chris Valasek talks about hacking into connected vehicles.
Watch videos about books, reading and writing. Expect weird, amazing, never known before facts and many more.
INTERNET / DIGITAL MARKETING HUB
Download free Internet Marketing Ebooks, comprehensive tips & tricks and informative infographics.