A language-based intrusion detection approach for automotive embedded networks

The increase in connectivity and complexity of modern automotive networks presents new opportunities for potential hackers trying to take over a vehicle. To protect the automotive networks from such attacks, security mechanisms, such as firewalls or secure authentication protocols may be included. However, should an attacker succeed in bypassing such measures and gain access to the internal network, these security mechanisms become unable to report about the attacks ensuing such a breach, occurring from the internal network. To complement these preventive security mechanisms, we present a non-intrusive network-based intrusion detection approach fit for vehicular networks, such as the widely used CAN. Leveraging the high predictability of embedded automotive systems, we use language theory to elaborate a set of attack signatures derived from behavioural models of the automotive calculators in order to detect a malicious sequence of messages transiting through the internal network.

[1]  Jaideep Srivastava,et al.  Intrusion Detection: A Survey , 2005 .

[2]  Felix C. Freiling,et al.  A structured approach to anomaly detection for in-vehicle networks , 2010, 2010 Sixth International Conference on Information Assurance and Security.

[3]  Mimoza Durresi,et al.  Secure broadcast for inter vehicle communications , 2007, Int. J. High Perform. Comput. Netw..

[4]  D.K. Nilsson,et al.  An approach to specification-based attack detection for in-vehicle networks , 2008, 2008 IEEE Intelligent Vehicles Symposium.

[5]  Ximeng Liu,et al.  PTFA: a secure and privacy-preserving traffic flow analysis scheme for intelligent transportation system , 2016, Int. J. Embed. Syst..

[6]  Christoph Ruland,et al.  OVERSEE A Secure and Open Communication and Runtime Platform for Innovative Automotive Applications , 2009 .

[7]  Ulf E. Larson,et al.  Simulated attacks on CAN buses: vehicle virus , 2008 .

[8]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[9]  Ludovic Apvrille,et al.  Secure automotive on-board electronics network architecture , 2010 .

[10]  Yves Deswarte,et al.  Survey on security threats and protection mechanisms in embedded automotive networks , 2013, 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W).

[11]  Kazuomi Oishi,et al.  A Method of Preventing Unauthorized Data Transmission in Controller Area Network , 2012, 2012 IEEE 75th Vehicular Technology Conference (VTC Spring).

[12]  Naim Asaj,et al.  Entropy-based anomaly detection for in-vehicle networks , 2011, 2011 IEEE Intelligent Vehicles Symposium (IV).

[13]  André Weimerskirch,et al.  State of the Art: Embedding Security in Vehicles , 2007, EURASIP J. Embed. Syst..

[14]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[15]  Tomas Olovsson,et al.  Security aspects of the in-vehicle network in the connected car , 2011, 2011 IEEE Intelligent Vehicles Symposium (IV).

[16]  Sheng Yu,et al.  State Complexity of Regular Languages , 2001, J. Autom. Lang. Comb..

[17]  Panagiotis Papadimitratos,et al.  Secure vehicular communication systems: design and architecture , 2008, IEEE Communications Magazine.

[18]  Somesh Jha,et al.  XFA: Faster Signature Matching with Extended Automata , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[19]  Panagiotis Papadimitratos,et al.  Secure vehicular communication systems: implementation, performance, and research challenges , 2008, IEEE Communications Magazine.

[20]  Jana Dittmann,et al.  Adaptive Dynamic Reaction to Automotive IT Security Incidents Using Multimedia Car Environment , 2008, 2008 The Fourth International Conference on Information Assurance and Security.

[21]  R. Gmbh,et al.  Securing Vehicular On-Board IT Systems : The EVITA Project , 2009 .