Adaptive Controller Area Network Intrusion Detection System Considering Temperature Variations

Security threats increase as connectivity among vehicles increases. In particular, a lack of authentication, integrity, and confidentiality makes the controller area network (CAN) protocol, which is used in critical domains such as vehicle body and powertrain, vulnerable to threats. In this paper, we propose methods for CAN security enhancement that use a support vector machine (SVM) and the autocorrelation of the received signal to detect a malicious node. Robustness to temperature variation is also considered because autocorrelation is affected by temperature variation. There are two methods based on the degree of uniformity of the temperature distribution. If the temperature is uniformly distributed over the vehicle and the temperature sensor is embedded in the secure node, the first scheme (temperature measurement system) trains data in each segmented temperature range more precisely using multiple classifiers. If not (i.e., a nonuniform temperature distribution or an absence of a temperature sensor), the alternative scheme (all-temperature training system) trains data in all temperature ranges with a single classifier. The performances of the proposed systems are evaluated on a testbed. The proposed method can operate without modifying the CAN protocol because it is based on the characteristics of the physical layer. In addition, security can be enhanced redundantly by the system running independently without authentication protocols.