Article 1
Archive 1
A black sedan cruises silently down a quiet suburban road, driver humming Christmas carols quietly while the car’s autopilot handles the driving. Suddenly, red flashing lights and audible warnings blare to life, snapping the driver from their peaceful reprieve. They look at the dashboard screen and see the outline of a car speeding toward them for a head-on collision, yet the headlights reveal nothing ahead through the windshield.
Despite the incongruity, the car’s autopilot grabs control and swerves into a ditch. Exasperated, the driver looks around the vicinity, finding no other vehicles as the incoming danger disappears from the screen. Moments later, the real threat emerges — a group of hijackers jogging toward the immobilized vehicle.
This scene seems destined to become a common plot point in Hollywood films for decades to come. But due to the complexities of modern automotive detection systems, it remains firmly in the realm of science fiction. At least for the moment.
The technology can hide the approach of an existing car, create a phantom car where none exists or even trick the radar into thinking a real car has quickly deviated from its actual course. And it can achieve this feat in the blink of an eye without having any prior knowledge about the specific settings of the victim’s radar, making it the most troublesome threat to radar security to date.
The researchers say MadRadar shows that manufacturers should immediately begin taking steps to better safeguard their products.
The research will be published in 2024 Network and Distributed System Security Symposium, taking place February 26 – March 1 in San Diego, California.
“Without knowing much about the targeted car’s radar system, we can make a fake vehicle appear out of nowhere or make an actual vehicle disappear in real-world experiments,” Pajic said. “We’re not building these systems to hurt anyone, we’re demonstrating the existing problems with current radar systems to show that we need to fundamentally change how we design them.”
In modern cars that feature assistive and autonomous driving systems, radar is typically used to detect moving vehicles in front of and around the vehicle. It also helps to augment visual and laser-based systems to detect vehicles moving in front of or behind the car.
Because there are now so many different cars using radar on a typical highway, it is unlikely that any two vehicles will have the exact same operating parameters, even if they share a make and model. For example, they might use slightly different operating frequencies or take measurements at slightly different intervals. Because of this, previous demonstrations of radar-spoofing systems have needed to know the specific parameters being used.
“Think of it like trying to stop someone from listening to the radio,” explained Pajic. “To block the signal or to hijack it with your own broadcast, you’d need to know what station they were listening to first.”
In the MadRadar demonstration, the team from Duke showed off the capabilities of a radar-spoofing system they’ve built that can accurately detect a car’s radar parameters in less than a quarter of a second. Once they’ve been discovered, the system can send out its own radar signals to fool the target’s radar.
In one demonstration, MadRadar sends signals to the target car to make it perceive another car where none actually exist. This involves modifying the signal’s characteristics based on time and velocity in such a way that it mimics what a real contact would look like.
In a second and much more complicated example, it fools the target’s radar into thinking the opposite — that there is no passing car when one actually does exist. It achieves this by delicately adding masking signals around the car’s true location to create a sort of bright spot that confuses the radar system.
“You have to be judicious about adding signals to the radar system, because if you simply flooded the entire field of vision, it’d immediately know something was wrong,” said David Hunt, a PhD student working in Pajic’s lab.
In a third kind of attack, the researchers mix the two approaches to make it seem as though an existing car has suddenly changed course. The researchers recommend that carmakers try randomizing a radar system’s operating parameters over time and adding safeguards to the processing algorithms to spot similar attacks.
“Imagine adaptive cruise control, which uses radar, believing that the car in front of me was speeding up, causing your own car to speed up, when in reality it wasn’t changing speed at all,” said Pajic. “If this were done at night, by the time your car’s cameras figured it out you’d be in trouble.”
Each of these attack demonstrations, the researchers emphasize, were done on real-world radar systems in actual cars moving at roadway speeds. It’s an impressive feat, given that if the spoofing radar signals are even a microsecond off the mark, the fake datapoint would be misplaced by the length of a football field.
“These lessons go far beyond radar systems in cars as well,” Pajic said. “If you want to build drones that can explore dark environments, like in search and rescue or reconnaissance operations, that don’t cost thousands of dollars, radar is the way to go.”
Article 2
Archive 2
The MadRadar hack bypasses the anti-spoofing protections in the radars of self-driving cars and can trick targets into imagining vehicles that aren't there — or hiding other ones that are.
Scientists demonstrated three attack methods using MadRadar and urged automakers to rethink how they protect self-driving cars and their inhabitants.
A malicious technology can trick self-driving cars into "hallucinating" phantom vehicles and veering dangerously off-course to get out of their way, researchers have discovered.
The new hack, dubbed "MadRadar," can also hide real cars from on-vehicle radar sensors and fool a self-driving car into thinking a real car has jerked off course. The scientists reported their findings in a peer-reviewed paper, which will be presented Feb. 26 at the Network and Distributed System Security (NDSS) Symposium 2024 in San Diego.
"Without knowing much about the targeted car's radar system, we can make a fake vehicle appear out of nowhere or make an actual vehicle disappear in real-world experiments," lead author Miroslav Pajic, a professor of electrical and computer engineering at Duke University in North Carolina, said in a statement. "We're not building these systems to hurt anyone, we're demonstrating the existing problems with current radar systems to show that we need to fundamentally change how we design them."
Self-driving cars will increasingly take to U.S. roads over the next few years. Mercedes Benz became the first automaker in the U.S. to receive approval for Level 3 self-driving cars in January 2023 — meaning vehicles can perform all the driving under certain conditions. Approval was granted by Nevada state regulators for use on U.S. public freeways. Many electric vehicles, including Tesla's, are fitted with automation or autopilot systems.
Different cars use different systems by design, so it's unlikely any two vehicles will use the same operating parameters even if they are the same make and model of car, the scientists said in the statement. They may, for example, use different operating frequencies or take measurements at marginally different intervals — measures that are built in to protect against radar-spoofing attacks.
MadRadar, however, can accurately detect a car's radar parameters in less than a quarter of a second from a remote position and then send out its own radar signals to fool the target's radar. The scientists did not reveal the specific mechanisms of the attack ahead of their paper's publication at NDSS.
They did, however, demonstrate three attack types on real-world radar systems in moving cars. In one attack, MadRadar sent signals to the target car to fool it into thinking another vehicle was in its way. It did this by changing the signal so it mimicked what the expected contact might look like.
A second attack fooled a target's radar into thinking there was no passing car, when in reality there was one. MadRadar did this by adding masking signals around the passing car's location to create a "bright spot" and confuse the radar system.
In the third attack, the researchers combined these two attacks and fooled a car into thinking a real car had suddenly changed course. "Imagine adaptive cruise control, which uses radar, believing that the car in front of me was speeding up, causing your own car to speed up, when in reality it wasn't changing speed at all," Pajic said. "If this were done at night, by the time your car's cameras figured it out you'd be in trouble."
The results, the scientists said, reveal that car manufacturers need to rethink how they implement anti-radar-spoofing protections in their vehicles. Manufacturers should take steps to better safeguard vehicles and their inhabitants, they added, though the team didn't specify how.
Archive 1
Engineers Develop Hack to Make Automotive Radar Hallucinate
Demonstration reveals potential vulnerability of our increasingly automated carsA black sedan cruises silently down a quiet suburban road, driver humming Christmas carols quietly while the car’s autopilot handles the driving. Suddenly, red flashing lights and audible warnings blare to life, snapping the driver from their peaceful reprieve. They look at the dashboard screen and see the outline of a car speeding toward them for a head-on collision, yet the headlights reveal nothing ahead through the windshield.
Despite the incongruity, the car’s autopilot grabs control and swerves into a ditch. Exasperated, the driver looks around the vicinity, finding no other vehicles as the incoming danger disappears from the screen. Moments later, the real threat emerges — a group of hijackers jogging toward the immobilized vehicle.
This scene seems destined to become a common plot point in Hollywood films for decades to come. But due to the complexities of modern automotive detection systems, it remains firmly in the realm of science fiction. At least for the moment.
The technology can hide the approach of an existing car, create a phantom car where none exists or even trick the radar into thinking a real car has quickly deviated from its actual course. And it can achieve this feat in the blink of an eye without having any prior knowledge about the specific settings of the victim’s radar, making it the most troublesome threat to radar security to date.
The researchers say MadRadar shows that manufacturers should immediately begin taking steps to better safeguard their products.
The research will be published in 2024 Network and Distributed System Security Symposium, taking place February 26 – March 1 in San Diego, California.
“Without knowing much about the targeted car’s radar system, we can make a fake vehicle appear out of nowhere or make an actual vehicle disappear in real-world experiments,” Pajic said. “We’re not building these systems to hurt anyone, we’re demonstrating the existing problems with current radar systems to show that we need to fundamentally change how we design them.”
In modern cars that feature assistive and autonomous driving systems, radar is typically used to detect moving vehicles in front of and around the vehicle. It also helps to augment visual and laser-based systems to detect vehicles moving in front of or behind the car.
Because there are now so many different cars using radar on a typical highway, it is unlikely that any two vehicles will have the exact same operating parameters, even if they share a make and model. For example, they might use slightly different operating frequencies or take measurements at slightly different intervals. Because of this, previous demonstrations of radar-spoofing systems have needed to know the specific parameters being used.
“Think of it like trying to stop someone from listening to the radio,” explained Pajic. “To block the signal or to hijack it with your own broadcast, you’d need to know what station they were listening to first.”
In the MadRadar demonstration, the team from Duke showed off the capabilities of a radar-spoofing system they’ve built that can accurately detect a car’s radar parameters in less than a quarter of a second. Once they’ve been discovered, the system can send out its own radar signals to fool the target’s radar.
In one demonstration, MadRadar sends signals to the target car to make it perceive another car where none actually exist. This involves modifying the signal’s characteristics based on time and velocity in such a way that it mimics what a real contact would look like.
In a second and much more complicated example, it fools the target’s radar into thinking the opposite — that there is no passing car when one actually does exist. It achieves this by delicately adding masking signals around the car’s true location to create a sort of bright spot that confuses the radar system.
“You have to be judicious about adding signals to the radar system, because if you simply flooded the entire field of vision, it’d immediately know something was wrong,” said David Hunt, a PhD student working in Pajic’s lab.
In a third kind of attack, the researchers mix the two approaches to make it seem as though an existing car has suddenly changed course. The researchers recommend that carmakers try randomizing a radar system’s operating parameters over time and adding safeguards to the processing algorithms to spot similar attacks.
“Imagine adaptive cruise control, which uses radar, believing that the car in front of me was speeding up, causing your own car to speed up, when in reality it wasn’t changing speed at all,” said Pajic. “If this were done at night, by the time your car’s cameras figured it out you’d be in trouble.”
Each of these attack demonstrations, the researchers emphasize, were done on real-world radar systems in actual cars moving at roadway speeds. It’s an impressive feat, given that if the spoofing radar signals are even a microsecond off the mark, the fake datapoint would be misplaced by the length of a football field.
“These lessons go far beyond radar systems in cars as well,” Pajic said. “If you want to build drones that can explore dark environments, like in search and rescue or reconnaissance operations, that don’t cost thousands of dollars, radar is the way to go.”
Article 2
Archive 2
MadRadar hack can make self-driving cars 'hallucinate' imaginary vehicles and veer dangerously off course
The MadRadar hack bypasses the anti-spoofing protections in the radars of self-driving cars and can trick targets into imagining vehicles that aren't there — or hiding other ones that are.
Scientists demonstrated three attack methods using MadRadar and urged automakers to rethink how they protect self-driving cars and their inhabitants.
A malicious technology can trick self-driving cars into "hallucinating" phantom vehicles and veering dangerously off-course to get out of their way, researchers have discovered.
The new hack, dubbed "MadRadar," can also hide real cars from on-vehicle radar sensors and fool a self-driving car into thinking a real car has jerked off course. The scientists reported their findings in a peer-reviewed paper, which will be presented Feb. 26 at the Network and Distributed System Security (NDSS) Symposium 2024 in San Diego.
"Without knowing much about the targeted car's radar system, we can make a fake vehicle appear out of nowhere or make an actual vehicle disappear in real-world experiments," lead author Miroslav Pajic, a professor of electrical and computer engineering at Duke University in North Carolina, said in a statement. "We're not building these systems to hurt anyone, we're demonstrating the existing problems with current radar systems to show that we need to fundamentally change how we design them."
Self-driving cars will increasingly take to U.S. roads over the next few years. Mercedes Benz became the first automaker in the U.S. to receive approval for Level 3 self-driving cars in January 2023 — meaning vehicles can perform all the driving under certain conditions. Approval was granted by Nevada state regulators for use on U.S. public freeways. Many electric vehicles, including Tesla's, are fitted with automation or autopilot systems.
Different cars use different systems by design, so it's unlikely any two vehicles will use the same operating parameters even if they are the same make and model of car, the scientists said in the statement. They may, for example, use different operating frequencies or take measurements at marginally different intervals — measures that are built in to protect against radar-spoofing attacks.
MadRadar, however, can accurately detect a car's radar parameters in less than a quarter of a second from a remote position and then send out its own radar signals to fool the target's radar. The scientists did not reveal the specific mechanisms of the attack ahead of their paper's publication at NDSS.
They did, however, demonstrate three attack types on real-world radar systems in moving cars. In one attack, MadRadar sent signals to the target car to fool it into thinking another vehicle was in its way. It did this by changing the signal so it mimicked what the expected contact might look like.
A second attack fooled a target's radar into thinking there was no passing car, when in reality there was one. MadRadar did this by adding masking signals around the passing car's location to create a "bright spot" and confuse the radar system.
In the third attack, the researchers combined these two attacks and fooled a car into thinking a real car had suddenly changed course. "Imagine adaptive cruise control, which uses radar, believing that the car in front of me was speeding up, causing your own car to speed up, when in reality it wasn't changing speed at all," Pajic said. "If this were done at night, by the time your car's cameras figured it out you'd be in trouble."
The results, the scientists said, reveal that car manufacturers need to rethink how they implement anti-radar-spoofing protections in their vehicles. Manufacturers should take steps to better safeguard vehicles and their inhabitants, they added, though the team didn't specify how.
