Anomaly-Based Intrusion Detection Using the Density Estimation of Reception Cycle Periods for In-Vehicle Networks
Journal Article
11-01-01-0003
ISSN: 2572-1046, e-ISSN: 2572-1054
Sector:
Citation:
Hamada, Y., Inoue, M., Ueda, H., Miyashita, Y. et al., "Anomaly-Based Intrusion Detection Using the Density Estimation of Reception Cycle Periods for In-Vehicle Networks," SAE Int. J. Transp. Cyber. & Privacy 1(1):39-56, 2018, https://doi.org/10.4271/11-01-01-0003.
Language:
English
Abstract:
The automotive industry intends to create new services that involve sharing
vehicle control information via a wide area network. In modern vehicles, an
in-vehicle network shares information between more than 70 electronic control
units (ECUs) inside a vehicle while it is driven. However, such a complicated
system configuration can result in security vulnerabilities. The possibility of
cyber-attacks on vehicles via external services has been demonstrated in many
research projects. As advances in vehicle systems (e.g., autonomous drive)
progress, the number of vulnerabilities to be exploited by cyber-attacks will
also increase. Therefore, future vehicles need security measures to detect
unknown cyber-attacks. We propose anomaly-based intrusion detection to detect
unknown cyber-attacks for the Control Area Network (CAN) protocol, which is
popular as a communication protocol for in-vehicle networks. For the easy
deployment and maintenance of the IDS, the proposed method learns the behavior
model online. We compared the proposed method with conventional methods using
captured CAN traffic data, and confirmed that, under attack, only the proposed
method simultaneously achieved a high illegitimate frame detection rate and
correct frame detection rate.
Recommended Content
Ground Vehicle Standard | J1939 Digital Annex |
Ground Vehicle Standard | Pass-Thru Extended Features - CAN with Flexible Data Rate |
Ground Vehicle Standard | Network Layer |