Rafi Ud Daula Refat, Abdulrahman Abu Elkhail, H. Malik
{"title":"基于邻域相似度的CAN协议轻量级入侵检测系统","authors":"Rafi Ud Daula Refat, Abdulrahman Abu Elkhail, H. Malik","doi":"10.1109/CDMA54072.2022.00025","DOIUrl":null,"url":null,"abstract":"The Controller Area Network (CAN) protocol is the most commonly used communication protocol for in-vehicle networks due to its simplicity, efficiency and robustness. However, the CAN protocol is vulnerable to malicious attacks because it lacks basic security features such as message ID authentication, access control and message verification. Specifically, CAN pro-tocol fails to provide protection against message injection at-tacks. This paper presents a novel lightweight Intrusion Detection System (IDS) that translates CAN traffic into a mathematical abstraction i.e. temporal graph and then applies neighborhood-based graph similarity technique to detect CAN bus intrusions. The performance of the proposed approach is evaluated on a dataset from a real vehicle. The dataset consists of three types of message injection attack including spoofing, fuzzy and DoS attack is used for performance evaluation. Experimental results indicate that the proposed IDS can successfully detect these attacks with high detection accuracy. Specifically, the proposed IDS achieves detection accuracy of 96.01% as compared to best case scenario detection accuracy of 90.16% for existing state-of-the-art.","PeriodicalId":313042,"journal":{"name":"2022 7th International Conference on Data Science and Machine Learning Applications (CDMA)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"A Lightweight Intrusion Detection System for CAN Protocol Using Neighborhood Similarity\",\"authors\":\"Rafi Ud Daula Refat, Abdulrahman Abu Elkhail, H. Malik\",\"doi\":\"10.1109/CDMA54072.2022.00025\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Controller Area Network (CAN) protocol is the most commonly used communication protocol for in-vehicle networks due to its simplicity, efficiency and robustness. However, the CAN protocol is vulnerable to malicious attacks because it lacks basic security features such as message ID authentication, access control and message verification. Specifically, CAN pro-tocol fails to provide protection against message injection at-tacks. This paper presents a novel lightweight Intrusion Detection System (IDS) that translates CAN traffic into a mathematical abstraction i.e. temporal graph and then applies neighborhood-based graph similarity technique to detect CAN bus intrusions. The performance of the proposed approach is evaluated on a dataset from a real vehicle. The dataset consists of three types of message injection attack including spoofing, fuzzy and DoS attack is used for performance evaluation. Experimental results indicate that the proposed IDS can successfully detect these attacks with high detection accuracy. Specifically, the proposed IDS achieves detection accuracy of 96.01% as compared to best case scenario detection accuracy of 90.16% for existing state-of-the-art.\",\"PeriodicalId\":313042,\"journal\":{\"name\":\"2022 7th International Conference on Data Science and Machine Learning Applications (CDMA)\",\"volume\":\"34 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-03-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 7th International Conference on Data Science and Machine Learning Applications (CDMA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CDMA54072.2022.00025\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 7th International Conference on Data Science and Machine Learning Applications (CDMA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CDMA54072.2022.00025","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Lightweight Intrusion Detection System for CAN Protocol Using Neighborhood Similarity
The Controller Area Network (CAN) protocol is the most commonly used communication protocol for in-vehicle networks due to its simplicity, efficiency and robustness. However, the CAN protocol is vulnerable to malicious attacks because it lacks basic security features such as message ID authentication, access control and message verification. Specifically, CAN pro-tocol fails to provide protection against message injection at-tacks. This paper presents a novel lightweight Intrusion Detection System (IDS) that translates CAN traffic into a mathematical abstraction i.e. temporal graph and then applies neighborhood-based graph similarity technique to detect CAN bus intrusions. The performance of the proposed approach is evaluated on a dataset from a real vehicle. The dataset consists of three types of message injection attack including spoofing, fuzzy and DoS attack is used for performance evaluation. Experimental results indicate that the proposed IDS can successfully detect these attacks with high detection accuracy. Specifically, the proposed IDS achieves detection accuracy of 96.01% as compared to best case scenario detection accuracy of 90.16% for existing state-of-the-art.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
