Vehicular Multilevel Data Arrangement-Based Intrusion Detection System for In-Vehicle CAN

Secur. Commun. Networks Pub Date : 2022-01-20 DOI:10.1155/2022/4322148

Wansoo Kim, Jungho Lee, Yousik Lee, Yeonjin Kim, Jin-Gyun Chung, Samuel Woo

{"title":"Vehicular Multilevel Data Arrangement-Based Intrusion Detection System for In-Vehicle CAN","authors":"Wansoo Kim, Jungho Lee, Yousik Lee, Yeonjin Kim, Jin-Gyun Chung, Samuel Woo","doi":"10.1155/2022/4322148","DOIUrl":null,"url":null,"abstract":"Modern vehicles are equipped with various types of electrical/electronic (E/E) systems. Electronic control units (ECUs) are used to control various E/E systems in the vehicle. For efficient information exchange between ECUs, most vehicle manufacturers use the Controller Area Network (CAN) protocol. However, CAN has security vulnerabilities because it does not have an authentication or encryption method. Since attacks on in-vehicle networks affect the safety of drivers, it is essential to develop a technology to prevent attacks. The intrusion detection system (IDS) is one of the best ways to enhance network security. Unlike the traditional IDS for network security, IDS for the in-vehicle network requires a lightweight algorithm because of the limitation of the computing power of in-vehicle ECUs. In this paper, we propose a lightweight IDS algorithm for in-vehicle CAN based on the degree of change between successive data frames. In particular, the proposed method minimizes the load on the ECU by using the CAN data frame compression algorithm based on exclusive-OR operations as a tool for calculating the degree of change.","PeriodicalId":167643,"journal":{"name":"Secur. Commun. Networks","volume":"335 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Secur. Commun. Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1155/2022/4322148","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

Abstract

Modern vehicles are equipped with various types of electrical/electronic (E/E) systems. Electronic control units (ECUs) are used to control various E/E systems in the vehicle. For efficient information exchange between ECUs, most vehicle manufacturers use the Controller Area Network (CAN) protocol. However, CAN has security vulnerabilities because it does not have an authentication or encryption method. Since attacks on in-vehicle networks affect the safety of drivers, it is essential to develop a technology to prevent attacks. The intrusion detection system (IDS) is one of the best ways to enhance network security. Unlike the traditional IDS for network security, IDS for the in-vehicle network requires a lightweight algorithm because of the limitation of the computing power of in-vehicle ECUs. In this paper, we propose a lightweight IDS algorithm for in-vehicle CAN based on the degree of change between successive data frames. In particular, the proposed method minimizes the load on the ECU by using the CAN data frame compression algorithm based on exclusive-OR operations as a tool for calculating the degree of change.

查看原文本刊更多论文

基于多级数据排列的车载CAN入侵检测系统

现代车辆配备了各种类型的电气/电子(E/E)系统。电子控制单元(ecu)用于控制车辆中的各种E/E系统。为了在ecu之间进行有效的信息交换，大多数汽车制造商使用控制器区域网络(CAN)协议。但是，CAN存在安全漏洞，因为它没有身份验证或加密方法。由于对车载网络的攻击会影响驾驶员的安全，因此有必要开发一种防止攻击的技术。入侵检测系统(IDS)是增强网络安全的最佳途径之一。与传统的网络安全入侵检测不同，由于车载ecu计算能力的限制，车载网络入侵检测需要轻量级算法。本文提出了一种基于连续数据帧之间变化程度的车载CAN轻量化IDS算法。特别是，该方法利用基于异或操作的CAN数据帧压缩算法作为计算变化程度的工具，最大限度地减少了ECU的负载。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Secur. Commun. Networks

自引率

0.00%

发文量