Anomaly Detection in Vehicular CAN Bus Using Message Identifier Sequences

As the automotive industry moves forward, security of vehicular networks becomes increasingly important. Controller area network (CAN bus) remains as one of the most widely-used protocols for in-vehicle communication. In this work, we study an intrusion detection system (IDS) which detects anomalies...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE access 2021, Vol.9, p.136243-136252
1. Verfasser: Donmez, Tahsin C. M.
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:As the automotive industry moves forward, security of vehicular networks becomes increasingly important. Controller area network (CAN bus) remains as one of the most widely-used protocols for in-vehicle communication. In this work, we study an intrusion detection system (IDS) which detects anomalies in vehicular CAN bus traffic by analyzing message identifier sequences. We collected CAN bus data from a heavy-duty truck over a period of several months. First, we identify the properties of CAN bus traffic which enable the described approach, and demonstrate that they hold in different datasets collected from different vehicles. Then, we perform an experimental study of the IDS, using the collected CAN bus data and procedurally generated attacks. We analyze the performance of the IDS, considering various attack types and hyperparameter values. The analysis yields promising sensitivity and specificity values, as well as very fast decision times and acceptable memory footprint.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2021.3117038