Anomaly Detection Approach Using Adaptive Cumulative Sum Algorithm for Controller Area Network

被引:36
作者
Olufowobi, Habeeb [1 ]
Ezeobi, Uchenna [1 ]
Muhati, Eric [1 ]
Robinson, Gaylon [1 ]
Young, Clinton [2 ]
Zambreno, Joseph [2 ]
Bloom, Gedare [1 ]
机构
[1] Howard Univ, Washington, DC 20059 USA
[2] Iowa State Univ, Ames, IA USA
来源
PROCEEDINGS OF THE ACM WORKSHOP ON AUTOMOTIVE CYBERSECURITY (AUTOSEC '19) | 2019年
关键词
CAN; intrusion detection; data injection; sequential methods; change-point detection; CUSUM;
D O I
10.1145/3309171.3309178
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
The modern vehicle has transformed from a purely mechanical system to a system that embeds several electronic devices. These devices communicate through the in-vehicle network for enhanced safety and comfort but are vulnerable to cyber-physical risks and attacks. A well-known technique of detecting these attacks and unusual events is by using intrusion detection systems. Anomalies in the network occur at unknown points and produce abrupt changes in the statistical features of the message stream. In this paper, we propose an anomaly-based intrusion detection approach using the cumulative sum (CUSUM) change-point detection algorithm to detect data injection attacks on the controller area network (CAN) bus. We leverage the parameters required for the change-point algorithm to reduce false alarm rate and detection delay. Using real dataset generated from a car in normal operation, we evaluate our detection approach on three different kinds of attack scenarios.
引用
收藏
页码:25 / 30
页数:6
相关论文
共 21 条
[11]  
Moore S, 2017, GRANDPARENTING: CONTEMPORARY PERSPECTIVES, P11
[12]  
Müter M, 2011, IEEE INT VEH SYM, P1110, DOI 10.1109/IVS.2011.5940552
[13]   Work-in-Progress: Real-Time Modeling for Intrusion Detection in Automotive Controller Area Network [J].
Olufowobi, Habeeb ;
Bloom, Gedare ;
Young, Clinton ;
Zambreno, Joseph .
2018 39TH IEEE REAL-TIME SYSTEMS SYMPOSIUM (RTSS 2018), 2018, :161-164
[14]  
Osanaiye O, 2016, COMPUT SCI ELECTR, P204, DOI 10.1109/CEEC.2016.7835914
[15]  
PAGE ES, 1954, BIOMETRIKA, V41, P100, DOI 10.1093/biomet/41.1-2.100
[16]  
Song HM, 2016, 2016 INTERNATIONAL CONFERENCE ON INFORMATION NETWORKING (ICOIN), P63, DOI 10.1109/ICOIN.2016.7427089
[17]   Real-Time Misbehavior Detection in IEEE 802.11-Based Wireless Networks: An Analytical Approach [J].
Tang, Jin ;
Cheng, Yu ;
Zhuang, Weihua .
IEEE TRANSACTIONS ON MOBILE COMPUTING, 2014, 13 (01) :146-158
[18]   A novel approach to detection of intrusions in computer networks via adaptive sequential and batch-sequential change-point detection methods [J].
Tartakovsky, Alexander G. ;
Rozovskii, Boris L. ;
Blazek, Rudolf B. ;
Kim, Hongjoong .
IEEE TRANSACTIONS ON SIGNAL PROCESSING, 2006, 54 (09) :3372-3382
[19]  
Tartakovsky Alexander G, 2014, Data analysis for network cyber-security, P33
[20]   Anomaly Detection in Automobile Control Network Data with Long Short-Term Memory Networks [J].
Taylor, Adrian ;
Leblanc, Sylvain ;
Japkowicz, Nathalie .
PROCEEDINGS OF 3RD IEEE/ACM INTERNATIONAL CONFERENCE ON DATA SCIENCE AND ADVANCED ANALYTICS, (DSAA 2016), 2016, :130-139
123