{"title":"Unsupervised intrusion detection system for in-vehicle communication networks","authors":"Kabilan N , Vinayakumar Ravi , V Sowmya","doi":"10.1016/j.jnlssr.2023.12.004","DOIUrl":null,"url":null,"abstract":"<div><p>In-vehicle communication has been optimized day to day to keep updated of the technologies. Control area network (CAN) is used as a standard communication method because of its efficient and reliable connection. However, CAN is prone to several network level attacks because of its lack in security mechanisms. Various methods have been introduced to incorporate this in CAN. We proposed an unsupervised method of intrusion detection for in-vehicle communication networks by combining the optimal feature extracting ability of autoencoders and more precise clustering using fuzzy C-means (FCM). The proposed method is light weight and requires less computation time. We performed an extensive experiment and achieved an accuracy of 75.51 % with the ML350 in-vehicle intrusion dataset. By experimental result, the proposed method also works better for other intrusion detection problems like wireless intrusion detection datasets such as WNS-DS with accuracy of 84.05 % and network intrusion detection datasets such as KDDCup with accuracy 60.63 % , UNSW_NB15 with accuracy 73.62 % and Information Security Center of Excellence (ISCX) with accuracy 74.83 %. Overall, the proposed method outperforms the existing methods and avoids labeled datasets when training an in-vehicle intrusion detection model. The results of the experiment of our proposed method performed on various intrusion detection datasets indicate that the proposed approach is generalized and robust in detecting intrusions and can be effectively deployed in real time to monitor CAN traffic in vehicles and proactively alert during attacks.</p></div>","PeriodicalId":62710,"journal":{"name":"安全科学与韧性(英文)","volume":null,"pages":null},"PeriodicalIF":3.7000,"publicationDate":"2024-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2666449624000070/pdfft?md5=c270f1be76c12ff19f65027e63889cd9&pid=1-s2.0-S2666449624000070-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"安全科学与韧性(英文)","FirstCategoryId":"1087","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2666449624000070","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"PUBLIC, ENVIRONMENTAL & OCCUPATIONAL HEALTH","Score":null,"Total":0}
引用次数: 0
Abstract
In-vehicle communication has been optimized day to day to keep updated of the technologies. Control area network (CAN) is used as a standard communication method because of its efficient and reliable connection. However, CAN is prone to several network level attacks because of its lack in security mechanisms. Various methods have been introduced to incorporate this in CAN. We proposed an unsupervised method of intrusion detection for in-vehicle communication networks by combining the optimal feature extracting ability of autoencoders and more precise clustering using fuzzy C-means (FCM). The proposed method is light weight and requires less computation time. We performed an extensive experiment and achieved an accuracy of 75.51 % with the ML350 in-vehicle intrusion dataset. By experimental result, the proposed method also works better for other intrusion detection problems like wireless intrusion detection datasets such as WNS-DS with accuracy of 84.05 % and network intrusion detection datasets such as KDDCup with accuracy 60.63 % , UNSW_NB15 with accuracy 73.62 % and Information Security Center of Excellence (ISCX) with accuracy 74.83 %. Overall, the proposed method outperforms the existing methods and avoids labeled datasets when training an in-vehicle intrusion detection model. The results of the experiment of our proposed method performed on various intrusion detection datasets indicate that the proposed approach is generalized and robust in detecting intrusions and can be effectively deployed in real time to monitor CAN traffic in vehicles and proactively alert during attacks.