{"title":"控制器区域网络入侵检测系统","authors":"Vinayak Tanksale","doi":"10.1186/s42400-023-00195-4","DOIUrl":null,"url":null,"abstract":"<p>The rapid expansion of intra-vehicle networks has increased the number of threats to such networks. Most modern vehicles implement various physical and data-link layer technologies. Vehicles are becoming increasingly autonomous and connected. Controller area network (CAN) is a serial bus system that is used to connect sensors and controllers (electronic control units—ECUs) within a vehicle. ECUs vary widely in processing power, storage, memory, and connectivity. The goal of this research is to design, implement, and test an efficient and effective intrusion detection system for intra-vehicle CANs. Classic cryptographic approaches are resource-intensive and increase processing delay, thereby not meeting CAN latency requirements. There is a need for a system that is capable of detecting intrusions in almost real-time with minimal resources. Our research proposes a long short-term memory (LSTM) network to detect anomalies and a decision engine to detect intrusions by using multiple contextual parameters. We have tested our anomaly detection algorithm and our decision engine using data from real automobiles. We present the results of our experiments and analyze our findings. After detailed evaluation of our system, we believe that we have designed a vehicle security solution that meets all the outlined requirements and goals.</p>","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.9000,"publicationDate":"2024-02-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Intrusion detection system for controller area network\",\"authors\":\"Vinayak Tanksale\",\"doi\":\"10.1186/s42400-023-00195-4\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>The rapid expansion of intra-vehicle networks has increased the number of threats to such networks. Most modern vehicles implement various physical and data-link layer technologies. Vehicles are becoming increasingly autonomous and connected. Controller area network (CAN) is a serial bus system that is used to connect sensors and controllers (electronic control units—ECUs) within a vehicle. ECUs vary widely in processing power, storage, memory, and connectivity. The goal of this research is to design, implement, and test an efficient and effective intrusion detection system for intra-vehicle CANs. Classic cryptographic approaches are resource-intensive and increase processing delay, thereby not meeting CAN latency requirements. There is a need for a system that is capable of detecting intrusions in almost real-time with minimal resources. Our research proposes a long short-term memory (LSTM) network to detect anomalies and a decision engine to detect intrusions by using multiple contextual parameters. We have tested our anomaly detection algorithm and our decision engine using data from real automobiles. We present the results of our experiments and analyze our findings. After detailed evaluation of our system, we believe that we have designed a vehicle security solution that meets all the outlined requirements and goals.</p>\",\"PeriodicalId\":36402,\"journal\":{\"name\":\"Cybersecurity\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":3.9000,\"publicationDate\":\"2024-02-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Cybersecurity\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1186/s42400-023-00195-4\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cybersecurity","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1186/s42400-023-00195-4","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
摘要
车内网络的迅速扩展增加了此类网络所面临威胁的数量。大多数现代车辆都采用了各种物理和数据链路层技术。车辆正变得越来越自主和互联。控制器区域网络(CAN)是一种串行总线系统,用于连接车内的传感器和控制器(电子控制单元-ECU)。电子控制单元(ECU)在处理能力、存储、内存和连接性方面差异很大。本研究的目标是为车内 CAN 设计、实施和测试一个高效的入侵检测系统。传统的加密方法是资源密集型的,会增加处理延迟,因此无法满足 CAN 的延迟要求。我们需要一种能够以最少的资源几乎实时地检测入侵的系统。我们的研究提出了一个长短期记忆(LSTM)网络来检测异常,并提出了一个决策引擎,通过使用多个上下文参数来检测入侵。我们使用真实汽车数据对异常检测算法和决策引擎进行了测试。我们展示了实验结果并对结论进行了分析。在对我们的系统进行详细评估后,我们相信我们设计的车辆安全解决方案能够满足所有概述的要求和目标。
Intrusion detection system for controller area network
The rapid expansion of intra-vehicle networks has increased the number of threats to such networks. Most modern vehicles implement various physical and data-link layer technologies. Vehicles are becoming increasingly autonomous and connected. Controller area network (CAN) is a serial bus system that is used to connect sensors and controllers (electronic control units—ECUs) within a vehicle. ECUs vary widely in processing power, storage, memory, and connectivity. The goal of this research is to design, implement, and test an efficient and effective intrusion detection system for intra-vehicle CANs. Classic cryptographic approaches are resource-intensive and increase processing delay, thereby not meeting CAN latency requirements. There is a need for a system that is capable of detecting intrusions in almost real-time with minimal resources. Our research proposes a long short-term memory (LSTM) network to detect anomalies and a decision engine to detect intrusions by using multiple contextual parameters. We have tested our anomaly detection algorithm and our decision engine using data from real automobiles. We present the results of our experiments and analyze our findings. After detailed evaluation of our system, we believe that we have designed a vehicle security solution that meets all the outlined requirements and goals.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
