Practical Approaches for Detecting DoS Attacks on CAN Network

Some of the recent studies reveal that it is possible to access the in-vehicle networks and inject malicious messages to alter the behavior of the vehicle. Researchers have shown that, it is possible to hack a car’s communication network and remotely take control of brake, steering, power window systems, etc. Hence, it becomes inevitable to implement schemes that detect anomalies and prevent attacks on Controller Area Network (CAN). Our work explores the complete anomaly detection process for CAN. We cover the techniques followed, available tools and challenges at every stage. Beginning with what makes CAN protocol vulnerable, we discuss case studies about attacks on CAN with major focus on Denial of Service (DoS) attack. We analyze the pattern of normal CAN messages obtained from real vehicle, along with patterns of simulated attack data using different methods/tools. The work in this paper presents a statistical data analysis based machine learning algorithm with two approaches “time-based” and “message-based” to detect DoS attack on CAN bus. Comparative analysis of observations and accuracy results are highlighted. The average accuracy obtained for “time-based” approach is 81% while that for “message-based” is 80%.