At the 2nd Cyber Security in CarS Workshop (CSCS), held alongside the 32nd ACM Conference on Computer and Communications Security (CCS) in Taipei, Jannis Hamborg from the Applied Cyber Security Darmstadt (ACSD) research group will present the paper "RollCAN – CAN-bus based RollJam-Attack," co-authored with Timm Lauser and Christoph Krauß, also from ACSD.
The paper adapts the principles of the well-known RollJam wireless attack to in-vehicle networks: RollCAN lets an attacker with physical access intercept, block, and replay Remote Keyless Entry (RKE) messages carried over the Controller Area Network (CAN) bus, enabling unauthorized locking and unlocking of doors. The authors demonstrate the attack’s practicality with two implementations, one using professional automotive-grade tooling and another built from a Raspberry Pi plus a CAN interface, and discuss possible mitigations.
RollCAN highlights how vulnerabilities can cross domains (wireless to in-vehicle bus) and underscores the need for layered defenses in automotive systems, from message authentication to better physical access controls. Attendees at CSCS will be able to see the results and mitigation discussion firsthand during the presentation.
Link to the paper entry on the ACM Digital Library: https://dl.acm.org/doi/10.1145/3736130.3762686
Citation: Jannis Hamborg, Timm Lauser, Christoph Krauß. RollCAN - CAN-bus based RollJam-Attack. In Proceedings of the 2nd Cyber Security in CarS Workshop (CSCS). ACM. 2025. https://doi.org/10.1145/3736130.3762686