Attacker Identification and Intrusion Detection for In-Vehicle Networks

As the most wide-spread in-vehicle data bus protocol, CAN (Controller Area Network) has attracted more and more attention due to its lack of security protection mechanism. A variety of attacks against CAN bus have emerged, posing serious threat to vehicle safety. Accordingly, some methods have been...

Full description

Saved in:
Bibliographic Details
Published inIEEE communications letters Vol. 23; no. 11; pp. 1927 - 1930
Main Authors Ning, Jing, Wang, Jiadai, Liu, Jiajia, Kato, Nei
Format Journal Article
LanguageEnglish
Published New York IEEE 01.11.2019
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Anomaly detection
Automobile safety
Buses (vehicles)
Controller area network
Data analysis
Dimensionality reduction
Feature extraction
In vehicle
Intrusion
Intrusion detection
local outlier factor
Outliers (statistics)
Physical properties
Product development
Protocols
Vehicle safety
Voltage measurement
Online AccessGet full text

Cover

More Information
Summary:As the most wide-spread in-vehicle data bus protocol, CAN (Controller Area Network) has attracted more and more attention due to its lack of security protection mechanism. A variety of attacks against CAN bus have emerged, posing serious threat to vehicle safety. Accordingly, some methods have been proposed to detect CAN bus attacks, however, they have certain shortcomings such as additional computing burden and obvious false detection rate. Therefore, using the physical characteristics of voltage signal on CAN bus, we propose an LOF (Local Outlier Factor)-based intrusion detection method, which can greatly reduce the false detection rate as well as improve the detection accuracy. The modification of CAN protocol and the additional computation burden can also be avoided. In addition, to the best of our knowledge, we are the first to implement bus-off intrusion detection on real vehicles.
ISSN:1089-7798
1558-2558
DOI:10.1109/LCOMM.2019.2937097