CAN Reverse Engineering
Automated payload reverse engineering pipeline for the Controller Area Network (CAN) protocol using machine learning
Overview
This project provides Python and R scripts for automated reverse engineering of Controller Area Network (CAN) payloads observed from passenger vehicles. Originally developed by Dr. Brent Stone at the Air Force Institute of Technology, this research tool uses machine learning techniques to analyze and decode proprietary CAN bus signals.Get Started
Install and run your first CAN analysis in minutes
Pipeline Overview
Understand the three-phase reverse engineering process
API Reference
Explore the core classes and modules
Advanced Features
Multi-file batch processing and validation
Key Features
Lexical Analysis
Bit-level tokenization and signal extraction from CAN payloads
Semantic Analysis
Correlation-based clustering to identify related signals
J1979 Detection
Automatic identification of SAE J1979 standard signals
Time Series Visualization
Plot and analyze signal behavior over time
Multi-File Processing
Batch process multiple CAN log files automatically
EDM Integration
Empirical Dynamic Modeling with R scripts
Quick Example
Main.py
- Pre-processes CAN data and identifies J1979 signals
- Tokenizes payloads to extract individual signals
- Clusters signals by correlation
- Generates visualizations and reports
Research Foundation
This code was developed in pursuit of a Ph.D. in Computer Science. For details about the methods and algorithms used, see the included dissertation: “Enabling Auditing and Intrusion Detection for Proprietary Controller Area Networks” (AFIT-END-DS-18-D-003.pdf).The views expressed in this project are those of the author and do not reflect the official policy or position of the United States Air Force, Department of Defense, or United States Government.