An Adversarial Attack Defending System for Securing In-Vehicle Networks

In a modern vehicle, there are over seventy Electronics Control Units (ECUs). For an in-vehicle network, ECUs communicate with each other by following a standard communication protocol, such as Controller Area Network (CAN). However, an attacker can easily access the in-vehicle network to compromise ECUs through a WLAN or Bluetooth. Though there are various deep learning (DL) methods suggested for securing in-vehicle networks, recent studies on adversarial examples have shown that attackers can easily fool DL models. In this research, we further explore adversarial examples in an in-vehicle network. We first discover and implement two adversarial attack models that are harmful to a Long Short Term Memory (LSTM)-based detection model used in the in-vehicle network. Then, we propose an Adversarial Attack Defending System (AADS) for securing an in-vehicle network. Specifically, we focus on brake-related ECUs in an in-vehicle network. Our experimental results demonstrate that adversaries can easily attack the LSTM-based detection model with a success rate of over 98%, and the proposed AADS achieves over 99% accuracy for detecting adversarial attacks.

[1]  Huy Kang Kim,et al.  OTIDS: A Novel Intrusion Detection System for In-vehicle Network by Using Remote Frame , 2017, 2017 15th Annual Conference on Privacy, Security and Trust (PST).

[2]  Jian Wang,et al.  A Survey of Vehicle to Everything (V2X) Testing , 2019, Sensors.

[3]  Jun Huang,et al.  In-Vehicle Networking: Protocols, Challenges, and Solutions , 2018, IEEE Network.

[4]  Joan Bruna,et al.  Intriguing properties of neural networks , 2013, ICLR.

[5]  M. Yampolskiy,et al.  In-Vehicle Networks: Attacks, Vulnerabilities, and Proposed Solutions , 2015, CISR.

[6]  Junaid Qadir,et al.  Securing Connected & Autonomous Vehicles: Challenges Posed by Adversarial Machine Learning and the Way Forward , 2019, IEEE Communications Surveys & Tutorials.

[7]  Jiajia Liu,et al.  In-Vehicle Network Attacks and Countermeasures: Challenges and Future Directions , 2017, IEEE Network.

[8]  David A. Wagner,et al.  Towards Evaluating the Robustness of Neural Networks , 2016, 2017 IEEE Symposium on Security and Privacy (SP).

[9]  Mashrur Chowdhury,et al.  In-Vehicle False Information Attack Detection and Mitigation Framework using Machine Learning and Software Defined Networking , 2019, ArXiv.

[10]  Jonathon Shlens,et al.  Explaining and Harnessing Adversarial Examples , 2014, ICLR.

[11]  Je-Won Kang,et al.  Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security , 2016, PloS one.

[12]  Kevin Fu,et al.  Adversarial Sensor Attack on LiDAR-based Perception in Autonomous Driving , 2019, CCS.

[13]  Jimmy Ba,et al.  Adam: A Method for Stochastic Optimization , 2014, ICLR.

[14]  Debdeep Mukhopadhyay,et al.  Adversarial Attacks and Defences: A Survey , 2018, ArXiv.

[15]  Hafiz Malik,et al.  State-of-the-Art Survey on In-Vehicle Network Communication (CAN-Bus) Security and Vulnerabilities , 2018, ArXiv.

[16]  Samy Bengio,et al.  Adversarial examples in the physical world , 2016, ICLR.

[17]  Kaiqi Xiong,et al.  Robust Machine Learning against Adversarial Samples at Test Time , 2020, ICC 2020 - 2020 IEEE International Conference on Communications (ICC).

[18]  Hisashi Kashima,et al.  Supervised and Unsupervised Intrusion Detection Based on CAN Message Frequencies for In-vehicle Network , 2018, J. Inf. Process..