AutoHack
- HOME
- AutoHack
- AutoHack2024
AutoHack2024
CO-SHOW AutoHack 2024 is Korea’s only competition focused on automotive hacking and defense. It was led and organized by MoSE, the Mobility Cybersecurity Laboratory at Kookmin University, which also prepared the competition challenges. Based on its research expertise in automotive cybersecurity, the MoSE Laboratory provided its own research vehicles to create a hands-on training environment using real vehicles. Through this competition, participants were given the opportunity to experience real-world security threats.
This competition was jointly hosted by the Future Mobility Consortium and the Data Security Utilization Convergence Consortium under the Convergence and Open Sharing System project. A total of 86 students from 21 universities participated in AutoHack 2024. After the preliminary round, 45 students from 14 universities advanced to the final round.
This competition was jointly hosted by the Future Mobility Consortium and the Data Security Utilization Convergence Consortium under the Convergence and Open Sharing System project. A total of 86 students from 21 universities participated in AutoHack 2024. After the preliminary round, 45 students from 14 universities advanced to the final round.
- -Sponsored by AUTOCRYPT and TOSUN
- -Dreamhack and BusinessH4C participated as official sponsors
- -A real vehicle-based automotive hacking and defense competition using vehicles donated by Hyundai Motor Company and Volkswagen Group Korea
1. Preliminary Training for the CTF Round
Preliminary training for the CTF round was provided to competition applicants. Through this training, participants acquired basic knowledge of static analysis, dynamic analysis, and system hacking related to automotive security, and became familiar with the languages and tools required for each type of analysis.
2. Preliminary CTF Round
The preliminary round consisted of a total of 10 CTF challenges. The problems covered various categories, including Pwnable, Misc, and Reversing, as well as automotive-specific challenges, in order to evaluate participants’ hacking and cybersecurity capabilities.
3.Preliminary Training for Final-Round Challenges
Training on the main tracks of the final round was provided to participants who passed the preliminary round. The training covered various communication protocols used in real vehicles, including CAN, RF, and BLE. Through both theory and practice, participants improved their understanding of vehicle hacking and became familiar with the equipment required for automotive hacking.
4. Final Round
The final round addressed advanced real-world security threats, including protocol-based attack scenarios targeting actual vehicles, hardware hacking, and bypassing intrusion detection systems (IDS) using CAN attack data. Participants challenged themselves with more advanced automotive security problems.
Communication Protocol Attack Track
Through the CAN, RF, and BLE attack tracks, final-round participants analyzed the given communication scenarios and solved the assigned challenges. This track evaluated participants’ understanding of communication protocols and their analysis capabilities.
Hardware Attack Track
Through the hardware attack track, final-round participants accessed the input/output ports or shell of the given vehicle infotainment system and solved the assigned challenges. This track evaluated participants’ understanding of the hardware boot process and their shell hacking capabilities.
CAN IDS Attack and Defense Challenge
Through the CAN IDS attack and defense challenge, in which participants attempted to evade detection by a simple IDS model developed by the organizers and deployed on a real vehicle, this track evaluated final-round participants’ CAN packet analysis capabilities and their understanding of IDS operating principles for detection evasion.