An Intelligent Secured Framework for Cyberattack Detection in Electric Vehicles’ CAN Bus Using Machine Learning

Electric Vehicles’ Controller Area Network (CAN) bus serves as a legacy protocol for in-vehicle network communication. Simplicity, robustness, and suitability for real-time systems are the salient features of CAN bus. Unfortunately, the CAN bus protocol is vulnerable to various cyberattacks due to the lack of a message authentication mechanism in the protocol itself, paving the way for attackers to penetrate the network. This paper proposes a new effective anomaly detection model based on a modified one-class support vector machine in the CAN traffic. The proposed model makes use of an improved algorithm, known as the modified bat algorithm, to find the most accurate structure in the offline training. To evaluate the effectiveness of the proposed method, CAN traffic is logged from an unmodified licensed electric vehicle in normal operation to generate a dataset for each message ID and a corresponding occurrence frequency without any attacks. In addition, to measure the performance and superiority of the proposed method compared to the other two famous CAN bus anomaly detection algorithms such as Isolation Forest and classical one-class support vector machine, we provided Receiver Operating Characteristic (ROC) for each method to quantify the correctly classified windows in the test sets containing attacks. Experimental results indicate that the proposed method achieved the highest rate of True Positive Rate (TPR) and lowest False Positive Rate (FPR) for anomaly detection compared to the other two algorithms. Moreover, in order to show that the proposed method can be applied to other datasets, we used two recent popular public datasets in the scope of CAN bus traffic anomaly detection. Benchmarking with more CAN bus traffic datasets proves the independency of the proposed method from the meaning of each message ID and data field that make the model adaptable with different CAN datasets.

[1]  James Kennedy,et al.  Particle swarm optimization , 2002, Proceedings of ICNN'95 - International Conference on Neural Networks.

[2]  Zhi-Hua Zhou,et al.  Isolation Forest , 2008, 2008 Eighth IEEE International Conference on Data Mining.

[3]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[4]  Xin-She Yang,et al.  Bat algorithm: a novel approach for global engineering optimization , 2012, 1211.6663.

[5]  Selim Yilmaz,et al.  Modified Bat Algorithm , 2014 .

[6]  Paulo Tabuada,et al.  Robustness of attack-resilient state estimators , 2014, 2014 ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS).

[7]  Qiyan Wang,et al.  VeCure: A practical security framework to protect the CAN bus of vehicles , 2014, 2014 International Conference on the Internet of Things (IOT).

[8]  Nathalie Japkowicz,et al.  Frequency-based anomaly detection for the automotive CAN bus , 2015, 2015 World Congress on Industrial Control Systems Security (WCICSS).

[9]  Je-Won Kang,et al.  Intrusion Detection System Using Deep Neural Network for In-Vehicle Network Security , 2016, PloS one.

[10]  Anupam Joshi,et al.  OBD_SecureAlert: An Anomaly Detection System for Vehicles , 2016, 2016 IEEE International Conference on Smart Computing (SMARTCOMP).

[11]  Lei Guo,et al.  Resilient Control of Networked Control System Under DoS Attacks: A Unified Game Approach , 2016, IEEE Transactions on Industrial Informatics.

[12]  Kang G. Shin,et al.  Fingerprinting Electronic Control Units for Vehicle Intrusion Detection , 2016, USENIX Security Symposium.

[13]  Michele Colajanni,et al.  Evaluation of anomaly detection for in-vehicle networks through information-theoretic algorithms , 2016, 2016 IEEE 2nd International Forum on Research and Technologies for Society and Industry Leveraging a better tomorrow (RTSI).

[14]  Nathalie Japkowicz,et al.  Anomaly Detection in Automobile Control Network Data with Long Short-Term Memory Networks , 2016, 2016 IEEE International Conference on Data Science and Advanced Analytics (DSAA).

[15]  Andreas Theissler,et al.  Detecting known and unknown faults in automotive systems using ensemble-based anomaly detection , 2017, Knowl. Based Syst..

[16]  Mirco Marchetti,et al.  Anomaly detection of CAN bus messages through analysis of ID sequences , 2017, 2017 IEEE Intelligent Vehicles Symposium (IV).

[17]  Hafiz Malik,et al.  Comparative Study of CAN-Bus and FlexRay Protocols for In-Vehicle Communication , 2017 .

[18]  Antonella Santone,et al.  Car hacking identification through fuzzy logic algorithms , 2017, 2017 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE).

[19]  Huy Kang Kim,et al.  OTIDS: A Novel Intrusion Detection System for In-vehicle Network by Using Remote Frame , 2017, 2017 15th Annual Conference on Privacy, Security and Trust (PST).

[20]  Christoph Sommer,et al.  A deep learning and novelty detection framework for rapid phenotyping in high-content screening , 2017 .

[21]  Avishai Wool,et al.  Field classification, modeling and anomaly detection in unknown CAN bus networks , 2017, Veh. Commun..

[22]  Kang G. Shin,et al.  Exploiting Consistency among Heterogeneous Sensors for Vehicle Anomaly Detection , 2017 .

[23]  Hafiz Malik,et al.  Linking received packet to the transmitter through physical-fingerprinting of controller area network , 2017, 2017 IEEE Workshop on Information Forensics and Security (WIFS).

[24]  Hong-Jie Xing,et al.  Robust one-class support vector machine with rescaled hinge loss function , 2018, Pattern Recognit..

[25]  Vincent Nicomette,et al.  A language-based intrusion detection approach for automotive embedded networks , 2015, Int. J. Embed. Syst..

[26]  Hafiz Malik,et al.  State-of-the-Art Survey on In-Vehicle Network Communication (CAN-Bus) Security and Vulnerabilities , 2018, ArXiv.

[27]  Hafiz Malik,et al.  Spoofing Attack on Clock Based Intrusion Detection System in Controller Area Networks , 2018 .

[28]  Omid Avatefipour,et al.  A novel electric load consumption prediction and feature selection model based on modified clonal selection algorithm , 2018, J. Intell. Fuzzy Syst..

[29]  Jeremy Bryans,et al.  Detection of Automotive CAN Cyber-Attacks by Identifying Packet Timing Anomalies in Time Windows , 2018, 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W).

[30]  Sanjay Sharma,et al.  Detection of Advanced Malware by Machine Learning Techniques , 2018, Advances in Intelligent Systems and Computing.

[31]  Michael Karner,et al.  An Efficient and Secure Automotive Wireless Software Update Framework , 2018, IEEE Transactions on Industrial Informatics.

[32]  Christian S. Jensen,et al.  Outlier Detection for Multidimensional Time Series Using Deep Neural Networks , 2018, 2018 19th IEEE International Conference on Mobile Data Management (MDM).

[33]  Sanyang Liu,et al.  Face recognition based on genetic algorithm , 2019, J. Vis. Commun. Image Represent..

[34]  Y. Hamada,et al.  Intrusion Detection System for In-Vehicle Networks , 2019 .