{"id":"https://openalex.org/W4413382401","doi":"https://doi.org/10.1145/3760787","title":"Denial of Service Vulnerabilities in Commercial Vehicles: Exploiting Diagnostic Protocol Flaws","display_name":"Denial of Service Vulnerabilities in Commercial Vehicles: Exploiting Diagnostic Protocol Flaws","publication_year":2025,"publication_date":"2025-08-14","ids":{"openalex":"https://openalex.org/W4413382401","doi":"https://doi.org/10.1145/3760787"},"language":"en","primary_location":{"id":"doi:10.1145/3760787","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3760787","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3760787","source":{"id":"https://openalex.org/S2506189754","display_name":"ACM Transactions on Cyber-Physical Systems","issn_l":"2378-962X","issn":["2378-962X","2378-9638"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Cyber-Physical Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3760787","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5023504003","display_name":"Carson Green","orcid":null},"institutions":[{"id":"https://openalex.org/I92446798","display_name":"Colorado State University","ror":"https://ror.org/03k1gpj17","country_code":"US","type":"education","lineage":["https://openalex.org/I92446798"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Carson Green","raw_affiliation_strings":["Systems Engineering, Colorado State University, Fort Collins, Colorado, USA","Colorado State University, USA"],"raw_orcid":"https://orcid.org/0009-0006-5907-8648","affiliations":[{"raw_affiliation_string":"Systems Engineering, Colorado State University, Fort Collins, Colorado, USA","institution_ids":["https://openalex.org/I92446798"]},{"raw_affiliation_string":"Colorado State University, USA","institution_ids":["https://openalex.org/I92446798"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Rik Chatterjee","orcid":"https://orcid.org/0009-0000-0278-6738"},"institutions":[{"id":"https://openalex.org/I92446798","display_name":"Colorado State University","ror":"https://ror.org/03k1gpj17","country_code":"US","type":"education","lineage":["https://openalex.org/I92446798"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Rik Chatterjee","raw_affiliation_strings":["Systems Engineering, Colorado State University, Fort Collins, Colorado, USA","Colorado State University, USA"],"raw_orcid":"https://orcid.org/0009-0000-0278-6738","affiliations":[{"raw_affiliation_string":"Systems Engineering, Colorado State University, Fort Collins, Colorado, USA","institution_ids":["https://openalex.org/I92446798"]},{"raw_affiliation_string":"Colorado State University, USA","institution_ids":["https://openalex.org/I92446798"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5029893253","display_name":"Jeremy Daily","orcid":"https://orcid.org/0009-0007-7781-7923"},"institutions":[{"id":"https://openalex.org/I92446798","display_name":"Colorado State University","ror":"https://ror.org/03k1gpj17","country_code":"US","type":"education","lineage":["https://openalex.org/I92446798"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jeremy Daily","raw_affiliation_strings":["Systems Engineering, Colorado State University, Fort Collins, Colorado, USA","Colorado State University, USA"],"raw_orcid":"https://orcid.org/0009-0007-7781-7923","affiliations":[{"raw_affiliation_string":"Systems Engineering, Colorado State University, Fort Collins, Colorado, USA","institution_ids":["https://openalex.org/I92446798"]},{"raw_affiliation_string":"Colorado State University, USA","institution_ids":["https://openalex.org/I92446798"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5023504003"],"corresponding_institution_ids":["https://openalex.org/I92446798"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.18091179,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"10","issue":"1","first_page":"1","last_page":"25"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10761","display_name":"Vehicular Ad Hoc Networks (VANETs)","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10761","display_name":"Vehicular Ad Hoc Networks (VANETs)","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11099","display_name":"Autonomous Vehicle Technology and Safety","score":0.9907000064849854,"subfield":{"id":"https://openalex.org/subfields/2203","display_name":"Automotive Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.988099992275238,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.8287810683250427},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6521362662315369},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.6394779682159424},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5005042552947998},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.4879762530326843},{"id":"https://openalex.org/keywords/denial","display_name":"Denial","score":0.48560041189193726},{"id":"https://openalex.org/keywords/ip-traceback","display_name":"IP traceback","score":0.41627052426338196},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.40377509593963623},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3770412504673004},{"id":"https://openalex.org/keywords/medicine","display_name":"Medicine","score":0.1246294379234314},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.11534872651100159},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1077260673046112},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.05212491750717163}],"concepts":[{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.8287810683250427},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6521362662315369},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.6394779682159424},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5005042552947998},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.4879762530326843},{"id":"https://openalex.org/C2780900520","wikidata":"https://www.wikidata.org/wiki/Q100268981","display_name":"Denial","level":2,"score":0.48560041189193726},{"id":"https://openalex.org/C2776059407","wikidata":"https://www.wikidata.org/wiki/Q5973212","display_name":"IP traceback","level":4,"score":0.41627052426338196},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.40377509593963623},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3770412504673004},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.1246294379234314},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.11534872651100159},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1077260673046112},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.05212491750717163},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C11171543","wikidata":"https://www.wikidata.org/wiki/Q41630","display_name":"Psychoanalysis","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3760787","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3760787","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3760787","source":{"id":"https://openalex.org/S2506189754","display_name":"ACM Transactions on Cyber-Physical Systems","issn_l":"2378-962X","issn":["2378-962X","2378-9638"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Cyber-Physical Systems","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3760787","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3760787","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3760787","source":{"id":"https://openalex.org/S2506189754","display_name":"ACM Transactions on Cyber-Physical Systems","issn_l":"2378-962X","issn":["2378-962X","2378-9638"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Cyber-Physical Systems","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4413382401.pdf","grobid_xml":"https://content.openalex.org/works/W4413382401.grobid-xml"},"referenced_works_count":14,"referenced_works":["https://openalex.org/W220935706","https://openalex.org/W2116520617","https://openalex.org/W2791964896","https://openalex.org/W2982902108","https://openalex.org/W3142157466","https://openalex.org/W3200250341","https://openalex.org/W4323966568","https://openalex.org/W4362660478","https://openalex.org/W4404102733","https://openalex.org/W4407272606","https://openalex.org/W4407272666","https://openalex.org/W4407281621","https://openalex.org/W4407937505","https://openalex.org/W4411672216"],"related_works":["https://openalex.org/W2170470865","https://openalex.org/W2127772962","https://openalex.org/W2167302331","https://openalex.org/W1493760256","https://openalex.org/W2359167911","https://openalex.org/W2122974298","https://openalex.org/W2342208107","https://openalex.org/W2151002785","https://openalex.org/W2353701916","https://openalex.org/W2199179552"],"abstract_inverted_index":{"Commercial":[0],"vehicles":[1,243],"are":[2,25,299],"a":[3,94,158,182,192,198,206,237,247,280],"vital":[4,99,300],"component":[5],"of":[6,13,40,170,223,229,241],"modern":[7],"logistics":[8],"and":[9,17,68,86,116,154,267,303],"transportation,":[10],"forming":[11],"part":[12],"the":[14,38,45,57,112,136,145,152,162,168,221,233,308,316],"critical":[15],"infrastructure":[16,39],"representing":[18],"safety-critical":[19],"cyber-physical":[20],"systems.":[21],"Contemporary":[22],"automotive":[23],"operations":[24],"dominated":[26],"by":[27,97],"embedded":[28],"computing":[29],"systems":[30,50],"that":[31,54,108,250],"engage":[32],"through":[33],"standardized":[34],"protocols,":[35],"which":[36],"constitute":[37],"vehicular":[41],"communication":[42],"networks.":[43,296],"Within":[44],"commercial":[46,129,294],"vehicle":[47,295],"sector,":[48],"these":[49,118,216],"utilize":[51],"high-level":[52],"protocols":[53,218,310],"operate":[55],"over":[56,91],"Controller":[58],"Area":[59],"Network":[60],"(CAN)":[61],"protocol":[62,114,148,165,284],"for":[63,290,301,318],"internal":[64,252],"exchanges":[65],"in":[66,79,111],"medium":[67],"heavy-duty":[69],"vehicles.":[70],"The":[71,209],"Unified":[72],"Diagnostic":[73],"Services":[74],"(UDS)":[75,85],"protocol,":[76],"as":[77,205],"described":[78],"International":[80],"Standards":[81],"Organization":[82],"(ISO)":[83],"14229":[84,147],"ISO":[87,146,163],"15765":[88,164],"(Diagnostic":[89],"Communication":[90],"CAN),":[92],"plays":[93],"pivotal":[95],"role":[96],"providing":[98],"diagnostic":[100,113,255,273,283,309],"capabilities.":[101],"This":[102,275],"research":[103],"introduces":[104,279],"four":[105],"specific":[106,217],"scenarios":[107],"expose":[109],"deficiencies":[110],"standards":[115],"how":[117,213],"can":[119,219],"be":[120],"manipulated":[121],"to":[122,161,181,227,262,282],"initiate":[123],"attacks":[124,214],"on":[125],"in-vehicle":[126],"computers":[127],"within":[128,144,232,293],"vehicles,":[130],"circumventing":[131],"existing":[132],"security":[133,291,320],"frameworks.":[134],"In":[135],"first":[137],"three":[138,142],"scenarios,":[139],"we":[140],"demonstrate":[141,212],"flaws":[143],"standards.":[149,166],"Following":[150],"this,":[151],"fourth":[153],"final":[155],"scenario":[156],"elucidates":[157],"flaw":[159],"unique":[160],"For":[167],"purpose":[169],"demonstration,":[171],"test":[172],"setups":[173],"incorporating":[174],"actual":[175],"Electronic":[176],"Control":[177],"Units":[178],"(ECUs)":[179],"linked":[180],"CAN":[183],"bus":[184],"were":[185,189],"employed.":[186],"Further":[187],"experiments":[188],"performed":[190],"using":[191],"fully":[193],"equipped":[194],"cab":[195],"assembly":[196],"from":[197,254],"2018":[199],"Freightliner":[200,234],"Cascadia":[201,235],"truck,":[202],"set":[203],"up":[204],"testing":[207],"environment.":[208],"experimental":[210],"outcomes":[211],"targeting":[215],"undermine":[220],"integrity":[222],"individual":[224],"ECUs,":[225],"leading":[226],"denial":[228],"service.":[230],"Additionally,":[231],"configuration,":[236],"network":[238,313],"architecture":[239],"typical":[240],"contemporary":[242],"was":[244],"observed,":[245],"featuring":[246],"gateway":[248,259],"unit":[249],"isolates":[251],"ECUs":[253],"interfaces.":[256],"Although":[257],"this":[258],"is":[260],"engineered":[261],"prevent":[263],"conventional":[264],"message":[265],"injection":[266],"spoofing":[268],"attacks,":[269],"it":[270],"permits":[271],"all":[272],"communications.":[274],"selective":[276],"permeability":[277],"inadvertently":[278],"susceptibility":[281],"flaws,":[285],"highlighting":[286],"an":[287],"essential":[288],"area":[289],"improvements":[292],"These":[297],"insights":[298],"engineers":[302],"developers":[304],"tasked":[305],"with":[306],"integrating":[307],"into":[311],"their":[312],"subsystems,":[314],"underscoring":[315],"urgency":[317],"improved":[319],"provisions.":[321]},"counts_by_year":[],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}