As a typical cyber-physical system, the in-vehicle network is evolving from an information silo into a mobile interconnection terminal. The controller area networks (CAN), serving as the real-time communication medium between automotive electronic control units (ECUs), encounter significant security challenges due to the absence of essential identity authentication and encryption mechanisms. The intrusion detection systems (IDSs) for CAN provide threat alerts but struggles to effectively identifying same origin method execution (SOME) attacks due to their frame homology and high concealment characteristics. To this end, a temporal-spatial feature fusion based IDS (TSFF-IDS) is developed. First, a comprehensive analysis is conducted on the temporal and spatial characteristics of CAN bus traffic. On this basis, a hybrid model integrating bidirectional long short-term memory (BiLSTM) networks and convolutional neural networks (CNN) is proposed to automatically extract the temporal and spatial features in parallel. A two-layer attention network is introduced to measure the distinct contributions of temporal-spatial features and recognize crucial features. Finally, the features are weighted fused to detect potential anomalies. To validate the effectiveness of the proposed method, comprehensive experiments have been conducted and the results show that the proposed TSFF-IDS exhibits superior identification capability and high adaptability compared to state-of-the-art schemes.
扫码关注我们
求助内容:
应助结果提醒方式:
