Examining the Use of Neural Networks for Intrusion Detection in Controller Area Networks

In the light of the recently reported attacks, in-vehicle security has become a major concern. Intrusion detection systems, common in computer networks, have been recently proposed for the in-vehicle buses as well. In this work we examine the performance of neural networks in detecting intrusions on the CAN bus. For the experiments we use a CAN trace that is extracted from a CANoe simulation for the commercial vehicle bus J1939 as well as a publicly available CAN dataset. Our results show good performance in detecting both replay and injection attacks, the former being harder to detect to their obvious similarity with the regular CAN frames. Nonetheless we discuss possibilities for integrating such detection mechanisms on automotive-grade embedded devices. The experimental results show that embedding the neural-network based intrusion detection mechanism on automotive-grade controllers is quite challenging due to large memory requirements and computational time. This suggests that dedicated hardware may be required for deploying such solutions in real-world vehicles.

[1]  Ingrid Verbauwhede,et al.  LiBrA-CAN: A Lightweight Broadcast Authentication Protocol for Controller Area Networks , 2012, CANS.

[2]  Huy Kang Kim,et al.  Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network , 2016, 2016 International Conference on Information Networking (ICOIN).

[3]  Vincent Nicomette,et al.  A language-based intrusion detection approach for automotive embedded networks , 2015, Int. J. Embed. Syst..

[4]  Robert Bosch,et al.  Plug-and-Secure Communication for CAN , 2015 .

[5]  Je-Won Kang,et al.  Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security , 2016, PloS one.

[6]  Kang G. Shin,et al.  Fingerprinting Electronic Control Units for Vehicle Intrusion Detection , 2016, USENIX Security Symposium.

[7]  Bogdan Groza,et al.  Source Identification Using Signal Characteristics in Controller Area Networks , 2014, IEEE Signal Processing Letters.

[8]  Dong Hoon Lee,et al.  VoltageIDS: Low-Level Communication Characteristics for Automotive Intrusion Detection System , 2018, IEEE Transactions on Information Forensics and Security.

[9]  Hiroaki Takada,et al.  CaCAN: Centralized Authentication System in CAN (Controller Area Network) , 2016 .

[10]  Anupam Joshi,et al.  OBD_SecureAlert: An Anomaly Detection System for Vehicles , 2016, 2016 IEEE International Conference on Smart Computing (SMARTCOMP).

[11]  Jorge Guajardo,et al.  Physical Layer Group Key Agreement for Automotive Controller Area Networks , 2016, CHES.

[12]  Michele Colajanni,et al.  Evaluation of anomaly detection for in-vehicle networks through information-theoretic algorithms , 2016, 2016 IEEE 2nd International Forum on Research and Technologies for Society and Industry Leveraging a better tomorrow (RTSI).

[13]  Ingrid Verbauwhede,et al.  CANAuth - A Simple, Backward Compatible Broadcast Authentication Protocol for CAN bus , 2011 .

[14]  Bogdan Groza,et al.  Efficient Protocols for Secure Broadcast in Controller Area Networks , 2013, IEEE Transactions on Industrial Informatics.

[15]  Alberto L. Sangiovanni-Vincentelli,et al.  Security-Aware Modeling and Efficient Mapping for CAN-Based Real-Time Distributed Automotive Systems , 2015, IEEE Embedded Systems Letters.

[16]  Felix C. Freiling,et al.  A structured approach to anomaly detection for in-vehicle networks , 2010, 2010 Sixth International Conference on Information Assurance and Security.

[17]  Andreas Theissler,et al.  Detecting known and unknown faults in automotive systems using ensemble-based anomaly detection , 2017, Knowl. Based Syst..

[18]  Je-Won Kang,et al.  A Novel Intrusion Detection Method Using Deep Neural Network for In-Vehicle Network Security , 2016, 2016 IEEE 83rd Vehicular Technology Conference (VTC Spring).

[19]  Naim Asaj,et al.  Entropy-based anomaly detection for in-vehicle networks , 2011, 2011 IEEE Intelligent Vehicles Symposium (IV).

[20]  Flavio D. Garcia,et al.  LeiA: A Lightweight Authentication Protocol for CAN , 2016, ESORICS.

[21]  Nathalie Japkowicz,et al.  Anomaly Detection in Automobile Control Network Data with Long Short-Term Memory Networks , 2016, 2016 IEEE International Conference on Data Science and Advanced Analytics (DSAA).

[22]  Dong Hoon Lee,et al.  Identifying ECUs Using Inimitable Characteristics of Signals in Controller Area Networks , 2016, IEEE Transactions on Vehicular Technology.

[23]  Huy Kang Kim,et al.  OTIDS: A Novel Intrusion Detection System for In-vehicle Network by Using Remote Frame , 2017, 2017 15th Annual Conference on Privacy, Security and Trust (PST).