This content is not included in
your SAE MOBILUS subscription, or you are not logged in.
Research on CAN Network Security Aspects and Intrusion Detection Design
Technical Paper
2017-01-2007
ISSN: 0148-7191, e-ISSN: 2688-3627
This content contains downloadable datasets
Annotation ability available
Sector:
Language:
English
Abstract
With the rapid development of vehicle intelligent and networking technology, the IT security of automotive systems becomes an important area of research. In addition to the basic vehicle control, intelligent advanced driver assistance systems, infotainment systems will all exchange data with in-vehicle network. Unfortunately, current communication network protocols, including Controller Area Network (CAN), FlexRay, MOST, and LIN have no security services, such as authentication or encryption, etc. Therefore, the vehicle are unprotected against malicious attacks. Since CAN bus is actually the most widely used field bus for in-vehicle communications in current automobiles, the security aspects of CAN bus is focused on. Based on the analysis of the current research status of CAN bus network security, this paper summarizes the CAN bus potential security vulnerabilities and the attack means. Aiming at flood, spoof, drop, replay and modify attacks of CAN bus, an in-vehicle intrusion detection system is designed consisting of a network interface & analysis module, an intrusion detection module based on Adaptive-Network-based Fuzzy Inference System (ANFIS) and a feature database. In order to validate the efficiency of the proposed intrusion detection system, the experiment is setup in the real environment of electric vehicle, in which the attack model and the intrusion detection system are mainly implemented in an emulated gateway, and the attacks are mounting through OBD-II port to the network of the electric vehicle. Through several experiment of attacks, the results show that the designed system for network intrusion detection can effectively detect the abnormal behavior of CAN bus network.
Recommended Content
Authors
Topic
Citation
Li, F., Wang, L., and Wu, Y., "Research on CAN Network Security Aspects and Intrusion Detection Design," SAE Technical Paper 2017-01-2007, 2017, https://doi.org/10.4271/2017-01-2007.Data Sets - Support Documents
Title | Description | Download |
---|---|---|
Unnamed Dataset 1 |
Also In
References
- Navet N. , Song Y. , Simonot-Lion F. , and Wilwert C. Trends in Automotive Communication Systems Proc. of the IEEE 93 6 1204 1223 2005 10.1109/JPROC.2005.849725
- Checkoway S , Mccoy D , Kantor B et al Comprehensive Experimental Analyses of Automotive Attack Surfaces Usenix Security Symposium 2011 43 43
- Charlie Miller , Chris Valasek A Survey of Remote Automotive Attack Surfaces Defcon 22 1 90 http://illmatics.com/remote attack surfaces.pdf
- Petit J , Shladover S E Potential Cyberattacks on Automated Vehicles IEEE Transactions on Intelligent Transportation Systems 2015 16 2 546 556 10.1109/TITS.2014.2342271
- Nilsson D K , Larson U E A Defense-in-Depth Approach to Securing the Wireless Vehicle Infrastructure Journal of Networks 4 7 september 2009 552 564 10.4304/jnw.4.7.552-564
- Groll A , Ruland C Secure and authentic communication on existing in-vehicle networks Intelligent Vehicles Symposium. IEEE 2009 1093 1097 10.1109/IVS.2009.5164434
- Mundhenk P , Steinhorst S , Lukasiewycz M et al Lightweight authentication for secure automotive networks Conference on Design, Automation and Test in Europe 2015 1 4
- Kleberger P , Olovsson T , Jonsson E Security aspects of the in-vehicle network in the connected car Intelligent Vehicles Symposium. IEEE Xplore 2011 528 533 10.1109/IVS.2011.5940525
- Hoppe , T. , Dittman , J Sniffing/Replay Attacks on CAN Buses: A simulated attack on the electric window lift classified using an adapted CERT taxonomy In Proceedings of the 2nd Workshop on Embedded Systems Security (WESS) Salzburg, Austria 2007
- Larson U E , Nilsson D K , Jonsson E An approach to specification-based attack detection for in-vehicle networks Intelligent Vehicles Symposium. IEEE Xplore 2008 220 225 10.1109/IVS.2008.4621263
- Michael Müter , Naim Asaj Entropy-Based Anomaly Detection for In-Vehicle Networks 2011 IEEE Intelligent Vehicles Symposium (IV) Baden-Baden, Germany June 5-9, 2011 528 533 10.1109/IVS.2011.5940552
- Wolfhard Lawrenz CAN system engineering from theory to practical application New York Spring-Verlag 1447156129 2013
- Tobias Hoppe , Stefan Kiltz , Jana Dittmann Security Threats to Automotive CAN Networks - Practical Examples and Selected Short-Term Countermeasures Reliability Engineering and System Safety 96 2011 11 25 10.1007/978-3-540-87698-4_21
- Nilsson , D.K. , Larson , U.E Simulated Attacks on CAN Buses: Vehicle virus Proceedings of the Fifth IASTED Asian Conference on Communication Systems and Networks (ASIACSN), ACTA Press 2008 66 72
- Zhang J , Ma W , Ma L A fault diagnosis method based on ANFIS and bearing fault diagnosis The 2014 International Conference on Information Science, Electronics and Electrical Engineering, ISEEE 2014 2014 1274 1278 10.1109/InfoSEEE.2014.6947876