An Intrusion Detection System for In-vehicle CAN Network Based on Sample Entropy

被引：0

作者：

Cui Y. ^{[1
]}

Zhang Y. ^{[1
]}

Wei H. ^{[1
]}

机构：

[1] School of Mechanical Engineering, Beijing Institute of Technology, Beijing

来源：

Qiche Gongcheng/Automotive Engineering | 2023年 / 45卷 / 07期

关键词：

attack simulation; automobile bus network; intrusion detection system; sample entropy;

D O I：

10.19562/j.chinasae.qcgc.2023.07.009

中图分类号：

学科分类号：

摘要：

The intelligent and unmanned development of automobiles has increased the dependence on the automobile bus network，such as the real-time power control of the automobile，the automobile steering control，etc.，which require the automobile CAN network as the carrier of information transmission. However，unlike the industrial Internet，which has sound mechanism of information identification and identity authentication，the on-board CAN network lacks sufficient security protection measures and is easy to be invaded by criminals. Therefore，in order to enhance the secure communication capability of the vehicle CAN network，an intrusion detection system based on sample entropy is proposed in this paper. Specifically，the sample entropy test set is constructed by sampling the bus data of the car in real time，and the sample entropy value is counted by using the sample entropy calculation method，the sudden change of which is observed to determine whether there is an attack at this moment. In addition，this paper uses the actual automotive ECU to conduct a hardware-in-the-loop test to verify the detection capabilities of the proposed method for DOS attacks，fuzzy attacks，and bus-off attacks. The test results show that DOS attack，fuzzy attack，and bus-off attack will make the stable sample entropy value appear non-conductive point，which can be used as an abnormal sign of communication data to determine the intrusion behavior of CAN network. In addition，the online detection of embedded devices also verifies the real-time execution ability of this method on actual ECUs. © 2023 SAE-China. All rights reserved.

引用

页码：1184 / 1191

页数：7

共 23 条

[1] LI F J, WANG Q, QIAN H Y., Overview of internet of vehicles security threats[J], Application of Electronic Technique, 43, 5, pp. 29-33, (2017)
[2] WANG X W., The problem of automobile information security cannot be ignored[J], Automotive Industry Research, 11, pp. 34-39, (2013)
[3] KIM K，, KIM J，, JEONG S，, Et al., Cybersecurity for autonomous vehicles：review of attacks and defense[J], Computers & Security, 103, (2021)
[4] Security on in-vehicle communication protocols：issues，challenges，and future research directions[J], Computer Communications, 180, pp. 1-20, (2021)
[5] OTOUM Y, NAYAK A., AS-IDS：anomaly and signature based ids for the internet of things[J], Journal of Network and Systems Management, 29, 3, (2021)
[6] HOPPE T, KILTZ S, DITTMANN J., Security threats to automotive CAN networks—practical examples and selected short-term countermeasures[J], Reliability Engineering & System Safety, 96, 1, pp. 11-25, (2011)
[7] MUTER M, GROLL A, FREILING F C., A structured approach to anomaly detection for in-vehicle networks[C], 2010 6th International Conference on Information Assurance and Security，IAS 2010, pp. 92-98, (2010)
[8] GMIDEN M, GMIDEN M, TRABELSI H., An intrusion detection method for securing in-vehicle CAN bus[C], 2016 17th International Conference on Sciences and Techniques of Automatic Control and Computer Engineering， STA 2016-Proceedings, pp. 176-180, (2017)
[9] MOORE M R, BRIDGES R A, COMBS F L, Et al., Modeling inter-signal arrival times for accurate detection of CAN bus signal injection attacks：a data-driven approach to in-vehicle intrusion detection, ACM International Conference Proceeding Series, (2017)
[10] HYUN M S, HA R K, HUY K K., Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network[C], International Conference on Information Networking, pp. 63-68, (2016)

← 1 2 3 →