IN-VEHICLE NETWORK INTRUSION DETECTION USING UNSUPERVISED LEARNING
Discussed herein are devices, systems, and methods for detecting anomalous or malicious processes based on in-vehicle network traffic data. A method includes receiving, at a monitor device, a controller access network (CAN) bus packet from an electronic control unit (ECU), implementing an ensemble h...
Gespeichert in:
1. Verfasser: | |
---|---|
Format: | Patent |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | Discussed herein are devices, systems, and methods for detecting anomalous or malicious processes based on in-vehicle network traffic data. A method includes receiving, at a monitor device, a controller access network (CAN) bus packet from an electronic control unit (ECU), implementing an ensemble hierarchical agglomerative clustering (E-HAC) algorithm to identify respective clusters to which the CAN bus data maps, and determining, based on the identified respective clusters, whether the CAN bus packet is associated with in-vehicle network intrusion. |
---|