Application of Controller Area Network (CAN) bus anomaly detection based on time series prediction

被引：55

作者：

Qin, Hongmao ^{[1
]}

Yan, Mengru ^{[1
]}

Ji, Haojie ^{[2
,3
]}

机构：

[1] Beihang Univ, Sch Transportat Sci & Engn, Beijing 100191, Peoples R China

[2] Beihang Univ, Hefei Innovat Res Inst, Hefei 230012, Peoples R China

[3] Beihang Univ, Sch Elect & Informat Engn, Beijing 100191, Peoples R China

来源：

VEHICULAR COMMUNICATIONS | 2021年 / 27卷

关键词：

Intelligent connected vehicle; In-vehicle network; Cyber security; Time series; Intrusion detection; SECURITY;

D O I：

10.1016/j.vehcom.2020.100291

中图分类号：

TN [电子技术、通信技术];

学科分类号：

0809 ;

摘要：

Electronization and intelligentization are gradually becoming the basic characteristics of modern automobiles. With the continuous deepening of intelligent network integration, automotive information security has become increasingly prominent. The in-vehicle network system is responsible for controlling the state of intelligent connected vehicles and significantly affecting driving safety. This research focuses on one deep learning technique based on time series prediction, namely long short-term memory (LSTM). An anomaly detection algorithm based on two data formats is proposed to detect the abnormal behavior of the controller area network (CAN) bus under tampering attacks. Five forms of loss functions are proposed and used to compare the test results to determine the final one. The evaluation indicates that the anomaly detection algorithm based on LSTM algorithm has a lower false positive rate and a higher detection rate using the chosen loss function. (C) 2020 Elsevier Inc. All rights reserved.

引用

页数：12

共 33 条

[1]

[Anonymous], 2011, 2011 IEEE INT S WORL

[2]

Bécsi T, 2015, 2015 INTERNATIONAL CONFERENCE ON MODELS AND TECHNOLOGIES FOR INTELLIGENT TRANSPORTATION SYSTEMS (MT-ITS), P477, DOI 10.1109/MTITS.2015.7223297

[3]

Cho KT, 2016, PROCEEDINGS OF THE 25TH USENIX SECURITY SYMPOSIUM, P911

[4]

Fu R, 2016, 2016 31ST YOUTH ACADEMIC ANNUAL CONFERENCE OF CHINESE ASSOCIATION OF AUTOMATION (YAC), P324, DOI 10.1109/YAC.2016.7804912

[5] Learning to forget: Continual prediction with LSTM [J].

Gers, FA ;

Schmidhuber, J ;

Cummins, F .

NEURAL COMPUTATION, 2000, 12 (10) :2451-2471

[6] How Effective Are the Prevailing Attack-Defense Models for Cybersecurity Anyway? [J].

He, Daojing ;

Chan, Sammy ;

Zhang, Yan ;

Wu, Chunming ;

Wang, Bing .

IEEE INTELLIGENT SYSTEMS, 2014, 29 (05) :14-21

[7] Security Threats to Automotive CAN Networks - Practical Examples and Selected Short-Term Countermeasures [J].

Hoppe, Tobias ;

Kiltz, Stefan ;

Dittmann, Jana .

COMPUTER SAFETY, RELIABILITY, AND SECURITY, PROCEEDINGS, 2008, 5219 :235-248

[8] Automatic Reverse Engineering of CAN Bus Data Using Machine Learning Techniques [J].

Huybrechts, Thomas ;

Vanommeslaeghe, Yon ;

Blontrock, Dries ;

Van Barel, Gregory ;

Hellinckx, Peter .

ADVANCES ON P2P, PARALLEL, GRID, CLOUD AND INTERNET COMPUTING (3PGCIC-2017), 2018, 13 :751-761

[9]

Jadhav AU, 2015, INT C PERVASIVE COMP, P1

[10] Comparative Performance Evaluation of Intrusion Detection Methods for In-Vehicle Networks [J].

Ji, Haojie ;

Wang, Yunpeng ;

Qin, Hongmao ;

Wang, Yongjian ;

Li, Honggang .

IEEE ACCESS, 2018, 6 :37523-37532

← 1 2 3 4 →