In the past, automobile security meant the prevention of physical access, through locks. As times have changed, the trend of automobiles has switched from physical security to smart intelligent security. Such a change has given hackers a chance to attack the ECU (electronic control unit) system in automobiles. The current automobile communication system adopts the CAN (controller area network) communication method which has some vulnerabilities. The first one is ID (identification) spoofing. The second is service distribution attacks. The third one is Android application attack. Today, automobiles use numerous types of ECUs to control the engine, door locks, and the wheel. Since CAN protocol broadcasts signals, hackers can easily access them. To connect to automobile communication systems, hackers frequently use highly-universal Android or IOS applications. When an owner of a vehicle emits signals through its Bluetooth dongle, hackers are able to access them easily to collect and analyze data, and create specific data to attack the ECU of the vehicle, for control. Therefore, this study proposes a method of preventing such attacks through an authentication system and an Android terminal.

connected car, CAN, security, vulnerability.