Multi-stage deep learning-based intrusion detection system for automotive Ethernet networks

IF 4.4 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Ad Hoc Networks Pub Date : 2024-05-16 DOI:10.1016/j.adhoc.2024.103548

Luigi F. Marques da Luz , Paulo Freitas de Araujo-Filho , Divanilson R. Campelo

{"title":"Multi-stage deep learning-based intrusion detection system for automotive Ethernet networks","authors":"Luigi F. Marques da Luz , Paulo Freitas de Araujo-Filho , Divanilson R. Campelo","doi":"10.1016/j.adhoc.2024.103548","DOIUrl":null,"url":null,"abstract":"<div><p>Modern automobiles are increasing the demand for automotive Ethernet as a high-bandwidth and flexible in-vehicle network technology. However, since Ethernet does not have native support for authentication or encryption, intrusion detection systems (IDSs) are becoming an attractive security mechanism to detect malicious activities that may affect Ethernet-based communication in cars. This paper proposes a novel multi-stage deep learning-based intrusion detection system to detect and classify cyberattacks in automotive Ethernet networks. The first stage uses a Random Forest classifier to detect cyberattacks quickly. The second stage, on the other hand, uses a Pruned Convolutional Neural Network that minimizes false positive rates while classifying different types of cyberattacks. We evaluate our proposed IDS using two publicly available automotive Ethernet intrusion datasets. The experimental results show that our proposed solution detects cyberattacks with a similar detection rate and a faster detection time compared to other state-of-the-art baseline automotive Ethernet IDSs.</p></div>","PeriodicalId":55555,"journal":{"name":"Ad Hoc Networks","volume":null,"pages":null},"PeriodicalIF":4.4000,"publicationDate":"2024-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Ad Hoc Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1570870524001598","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Modern automobiles are increasing the demand for automotive Ethernet as a high-bandwidth and flexible in-vehicle network technology. However, since Ethernet does not have native support for authentication or encryption, intrusion detection systems (IDSs) are becoming an attractive security mechanism to detect malicious activities that may affect Ethernet-based communication in cars. This paper proposes a novel multi-stage deep learning-based intrusion detection system to detect and classify cyberattacks in automotive Ethernet networks. The first stage uses a Random Forest classifier to detect cyberattacks quickly. The second stage, on the other hand, uses a Pruned Convolutional Neural Network that minimizes false positive rates while classifying different types of cyberattacks. We evaluate our proposed IDS using two publicly available automotive Ethernet intrusion datasets. The experimental results show that our proposed solution detects cyberattacks with a similar detection rate and a faster detection time compared to other state-of-the-art baseline automotive Ethernet IDSs.

查看原文本刊更多论文

基于多级深度学习的汽车以太网入侵检测系统

作为一种高带宽、灵活的车载网络技术，现代汽车对车载以太网的需求与日俱增。然而，由于以太网不支持本机认证或加密，入侵检测系统（IDS）正成为一种有吸引力的安全机制，用于检测可能影响基于以太网的汽车通信的恶意活动。本文提出了一种基于深度学习的新型多阶段入侵检测系统，用于检测和分类汽车以太网网络中的网络攻击。第一阶段使用随机森林分类器快速检测网络攻击。第二阶段则使用剪枝卷积神经网络，在对不同类型的网络攻击进行分类的同时将误报率降至最低。我们使用两个公开的汽车以太网入侵数据集对我们提出的 IDS 进行了评估。实验结果表明，与其他最先进的基线汽车以太网 IDS 相比，我们提出的解决方案能以相似的检测率和更快的检测时间检测到网络攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Ad Hoc Networks 工程技术-电信学

CiteScore

10.20

自引率

4.20%

发文量

131

审稿时长

4.8 months

期刊介绍： The Ad Hoc Networks is an international and archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in ad hoc and sensor networking areas. The Ad Hoc Networks considers original, high quality and unpublished contributions addressing all aspects of ad hoc and sensor networks. Specific areas of interest include, but are not limited to: Mobile and Wireless Ad Hoc Networks Sensor Networks Wireless Local and Personal Area Networks Home Networks Ad Hoc Networks of Autonomous Intelligent Systems Novel Architectures for Ad Hoc and Sensor Networks Self-organizing Network Architectures and Protocols Transport Layer Protocols Routing protocols (unicast, multicast, geocast, etc.) Media Access Control Techniques Error Control Schemes Power-Aware, Low-Power and Energy-Efficient Designs Synchronization and Scheduling Issues Mobility Management Mobility-Tolerant Communication Protocols Location Tracking and Location-based Services Resource and Information Management Security and Fault-Tolerance Issues Hardware and Software Platforms, Systems, and Testbeds Experimental and Prototype Results Quality-of-Service Issues Cross-Layer Interactions Scalability Issues Performance Analysis and Simulation of Protocols.