IN-VEHICLE NETWORK INTRUSION DETECTION USING UNSUPERVISED LEARNING

Discussed herein are devices, systems, and methods for detecting anomalous or malicious processes based on in-vehicle network traffic data. A method includes receiving, at a monitor device, a controller access network (CAN) bus packet from an electronic control unit (ECU), implementing an ensemble h...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: Leslie, Nandi O
Format: Patent
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Discussed herein are devices, systems, and methods for detecting anomalous or malicious processes based on in-vehicle network traffic data. A method includes receiving, at a monitor device, a controller access network (CAN) bus packet from an electronic control unit (ECU), implementing an ensemble hierarchical agglomerative clustering (E-HAC) algorithm to identify respective clusters to which the CAN bus data maps, and determining, based on the identified respective clusters, whether the CAN bus packet is associated with in-vehicle network intrusion.