Unsupervised intrusion detection system for in-vehicle communication networks

IF 3.7 Q1 PUBLIC, ENVIRONMENTAL & OCCUPATIONAL HEALTH
Kabilan N , Vinayakumar Ravi , V Sowmya
{"title":"Unsupervised intrusion detection system for in-vehicle communication networks","authors":"Kabilan N ,&nbsp;Vinayakumar Ravi ,&nbsp;V Sowmya","doi":"10.1016/j.jnlssr.2023.12.004","DOIUrl":null,"url":null,"abstract":"<div><p>In-vehicle communication has been optimized day to day to keep updated of the technologies. Control area network (CAN) is used as a standard communication method because of its efficient and reliable connection. However, CAN is prone to several network level attacks because of its lack in security mechanisms. Various methods have been introduced to incorporate this in CAN. We proposed an unsupervised method of intrusion detection for in-vehicle communication networks by combining the optimal feature extracting ability of autoencoders and more precise clustering using fuzzy C-means (FCM). The proposed method is light weight and requires less computation time. We performed an extensive experiment and achieved an accuracy of 75.51 % with the ML350 in-vehicle intrusion dataset. By experimental result, the proposed method also works better for other intrusion detection problems like wireless intrusion detection datasets such as WNS-DS with accuracy of 84.05 % and network intrusion detection datasets such as KDDCup with accuracy 60.63 % , UNSW_NB15 with accuracy 73.62 % and Information Security Center of Excellence (ISCX) with accuracy 74.83 %. Overall, the proposed method outperforms the existing methods and avoids labeled datasets when training an in-vehicle intrusion detection model. The results of the experiment of our proposed method performed on various intrusion detection datasets indicate that the proposed approach is generalized and robust in detecting intrusions and can be effectively deployed in real time to monitor CAN traffic in vehicles and proactively alert during attacks.</p></div>","PeriodicalId":62710,"journal":{"name":"安全科学与韧性(英文)","volume":null,"pages":null},"PeriodicalIF":3.7000,"publicationDate":"2024-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2666449624000070/pdfft?md5=c270f1be76c12ff19f65027e63889cd9&pid=1-s2.0-S2666449624000070-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"安全科学与韧性(英文)","FirstCategoryId":"1087","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2666449624000070","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"PUBLIC, ENVIRONMENTAL & OCCUPATIONAL HEALTH","Score":null,"Total":0}
引用次数: 0

Abstract

In-vehicle communication has been optimized day to day to keep updated of the technologies. Control area network (CAN) is used as a standard communication method because of its efficient and reliable connection. However, CAN is prone to several network level attacks because of its lack in security mechanisms. Various methods have been introduced to incorporate this in CAN. We proposed an unsupervised method of intrusion detection for in-vehicle communication networks by combining the optimal feature extracting ability of autoencoders and more precise clustering using fuzzy C-means (FCM). The proposed method is light weight and requires less computation time. We performed an extensive experiment and achieved an accuracy of 75.51 % with the ML350 in-vehicle intrusion dataset. By experimental result, the proposed method also works better for other intrusion detection problems like wireless intrusion detection datasets such as WNS-DS with accuracy of 84.05 % and network intrusion detection datasets such as KDDCup with accuracy 60.63 % , UNSW_NB15 with accuracy 73.62 % and Information Security Center of Excellence (ISCX) with accuracy 74.83 %. Overall, the proposed method outperforms the existing methods and avoids labeled datasets when training an in-vehicle intrusion detection model. The results of the experiment of our proposed method performed on various intrusion detection datasets indicate that the proposed approach is generalized and robust in detecting intrusions and can be effectively deployed in real time to monitor CAN traffic in vehicles and proactively alert during attacks.

车载通信网络无监督入侵检测系统
随着技术的更新,车载通信也在不断优化。控制区域网络(CAN)因其高效可靠的连接而被用作标准通信方法。然而,由于缺乏安全机制,CAN 很容易受到一些网络级攻击。为了在 CAN 中加入安全机制,人们引入了各种方法。我们提出了一种无监督的车载通信网络入侵检测方法,该方法结合了自动编码器的最佳特征提取能力和使用模糊 C-means (FCM) 的更精确聚类。所提出的方法重量轻、计算时间短。我们进行了大量实验,在 ML350 车载入侵数据集上取得了 75.51 % 的准确率。根据实验结果,提出的方法在其他入侵检测问题上也有较好的效果,如无线入侵检测数据集 WNS-DS,准确率为 84.05 %;网络入侵检测数据集 KDDCup,准确率为 60.63 %;UNSW_NB15,准确率为 73.62 %;信息安全卓越中心(ISCX),准确率为 74.83 %。总体而言,在训练车载入侵检测模型时,建议的方法优于现有方法,并避免了标记数据集。我们提出的方法在各种入侵检测数据集上的实验结果表明,所提出的方法在检测入侵方面具有通用性和鲁棒性,可有效地用于实时监控车辆中的 CAN 流量,并在受到攻击时主动发出警报。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
安全科学与韧性(英文)
安全科学与韧性(英文) Management Science and Operations Research, Safety, Risk, Reliability and Quality, Safety Research
CiteScore
8.70
自引率
0.00%
发文量
0
审稿时长
72 days
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信