Topology Verification Enabled Intrusion Detection for In-Vehicle CAN-FD Networks

Controller area network with flexible data rate (CAN-FD) is a widely used communication protocol for in-vehicle sensing and control. However, due to the lack of inherent security mechanisms, unauthorized devices could access the CAN-FD by embedding external intruding devices (XIDs) to in-vehicle networks. Malicious intrusion into CAN-FD can expose a compromised vehicle to significantly increased safety, security, and privacy related risks. To enhance the security of CAN-FD networks, a novel intrusion detection method based on verification of network topology is proposed, where XIDs can be reliably detected through a simple random walk based network topology construction and subsequent verification. When an intrusion is detected, a secure mode would be triggered to further protect the network from being attacked. Simulation results indicate that multiple XIDs can be accurately detected, while the increment in the number of XIDs from 1 to 8 can lead to the convergence time increasing from 48 to 102 steps in the powertrain subnet and from 189 to 416 steps in the body subnet.

[1]  Sazzadur Chowdhury,et al.  In-Vehicle Networks Outlook: Achievements and Challenges , 2016, IEEE Communications Surveys & Tutorials.

[2]  Liam Kilmartin,et al.  Intra-Vehicle Networks: A Review , 2015, IEEE Transactions on Intelligent Transportation Systems.

[3]  Minas Gjoka,et al.  Walking in Facebook: A Case Study of Unbiased Sampling of OSNs , 2010, 2010 Proceedings IEEE INFOCOM.

[4]  Nei Kato,et al.  Attacker Identification and Intrusion Detection for In-Vehicle Networks , 2019, IEEE Communications Letters.

[5]  Yunpeng Wang,et al.  Comparative Performance Evaluation of Intrusion Detection Methods for In-Vehicle Networks , 2018, IEEE Access.

[6]  Jia Zhou,et al.  A Survey of Intrusion Detection for In-Vehicle Networks , 2020, IEEE Transactions on Intelligent Transportation Systems.

[7]  Edison Pignaton de Freitas,et al.  A Quantitative Performance Study on CAN and CAN FD Vehicular Networks , 2018, IEEE Transactions on Industrial Electronics.

[8]  Dong Hoon Lee,et al.  A Practical Security Architecture for In-Vehicle CAN-FD , 2016, IEEE Transactions on Intelligent Transportation Systems.