An Intrusion Detection System Based on Machine Learning for CAN-Bus

被引：19

作者：

Tian, Daxin ^{[1
,3
,4
]}

Li, Yuzhou ^{[1
,3
,4
]}

Wang, Yunpeng ^{[1
,3
,4
]}

Duan, Xuting ^{[3
]}

Wang, Congyu ^{[3
]}

Wang, Wenyang ^{[2
]}

Hui, Rong ^{[2
]}

Guo, Peng ^{[2
]}

机构：

[1] Beihang Univ, Beijing Adv Innovat Ctr Big Data & Brain Comp, XueYuan Rd 37, Beijing 100191, Peoples R China

[2] China Automot Technol & Res Ctr, Automot Engn Res Inst, East Xianfeng Rd 68, Tianjin 300300, Peoples R China

[3] Beihang Univ, Sch Transportat Sci & Engn, Beijing Key Lab Cooperat Vehicle Infrastruct Syst, XueYuan Rd 37, Beijing 100191, Peoples R China

[4] Jiangsu Prov Collaborat Innovat Ctr Modern Urban, Si Pai Lou 2, Nanjing 210096, Jiangsu, Peoples R China

来源：

INDUSTRIAL NETWORKS AND INTELLIGENT SYSTEMS, INISCOM 2017 | 2018年 / 221卷

关键词：

CAN-Bus; Information security; IDS; Machine learning; GBDT; Entropy; Detection performance; ATTACK;

D O I：

10.1007/978-3-319-74176-5_25

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

The CAN-Bus is currently the most widely used vehicle bus network technology, but it is designed for needs of vehicle control system, having massive data and lacking of information security mechanisms and means. The Intrusion Detection System (IDS) based on machine learning is an efficient active information security defense method and suitable for massive data processing. We use a machine learning algorithm-Gradient Boosting Decision Tree (GBDT) in IDS for CAN-Bus and propose a new feature based on entropy as the feature construction of GBDT algorithm. In detection performance, the IDS based on GBDT has a high True Positive (TP) rate and a low False Positive (FP) rate.

引用

页码：285 / 294

页数：10

共 21 条

[1] Biryukov A., 2005, DATA ENCRYPTION STAN
[2] [程克非 CHENG Kefei], 2006, [计算机仿真, Computer Simulation], V23, P92
[3] Greedy function approximation: A gradient boosting machine
Friedman, JH
[J]. ANNALS OF STATISTICS, 2001, 29 (05) : 1189 - 1232
[4] Hamid Y., 2016, INT C INF AN
[5] Security Threats to Automotive CAN Networks - Practical Examples and Selected Short-Term Countermeasures
Hoppe, Tobias
Kiltz, Stefan
Dittmann, Jana
[J]. COMPUTER SAFETY, RELIABILITY, AND SECURITY, PROCEEDINGS, 2008, 5219 : 235 - 248
[6] A self-adaptive system for vehicle information security applications
Huang, Chun-Hsian
Chen, Huang-Yi
Huang, Tsung-Fu
Tzeng, Yao-Ying
Li, Peng-Yi
Wu, Pei-Shan
[J]. PROCEEDINGS IEEE/IFIP 13TH INTERNATIONAL CONFERENCE ON EMBEDDED AND UBIQUITOUS COMPUTING 2015, 2015, : 188 - 192
[7] A large scale distributed intrusion detection framework based on attack strategy analysis
Huang, MY
Jasper, RJ
Wicks, TM
[J]. COMPUTER NETWORKS-THE INTERNATIONAL JOURNAL OF COMPUTER AND TELECOMMUNICATIONS NETWORKING, 1999, 31 (23-24): : 2465 - 2475
[8] Ibáñez JAG, 2015, IEEE WIREL COMMUN, V22, P122
[9] Iqbal M. R. A., 2012, 2012 7th International Conference on Electrical & Computer Engineering (ICECE), P659, DOI 10.1109/ICECE.2012.6471636
[10] Larson Ulf E., 2008, 2008 IEEE Intelligent Vehicles Symposium (IV), P220, DOI 10.1109/IVS.2008.4621263

← 1 2 3 →