Payload-Based Statistical Intrusion Detection for In-Vehicle Networks
2018
Modern vehicles are equipped with Electronic Control Units (ECUs), and they communicate with each other over in-vehicle networks. However, since the Controller Area Network (CAN), a common communication protocol for ECUs, does not have a security mechanism, malicious attackers might take advantage of its vulnerability to inject a malicious message to cause unintended controls of the vehicle. In this paper, we study the applicability of statistical anomaly detection methods for identifying malicious CAN messages in in-vehicle networks. To incorporate various types of information included in a CAN message, we apply a rule-based field classification algorithm for extracting message features, and then obtain low dimensional embeddings of message features, and use the reconstruction error as a maliciousness score of a message. We collected CAN message data from a real vehicle, and confirmed the effectiveness of the methods in practical situations.
Keywords:
- Correction
- Source
- Cite
- Save
- Machine Reading By IdeaReader
8
References
1
Citations
NaN
KQI