车辆实时入侵检测系统体系结构替代方案的评估

2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS) Pub Date : 2022-12-01 DOI:10.1109/QRS57517.2022.00091

Mubark Jedh, Jian Kai Lee, L. B. Othmane

{"title":"车辆实时入侵检测系统体系结构替代方案的评估","authors":"Mubark Jedh, Jian Kai Lee, L. B. Othmane","doi":"10.1109/QRS57517.2022.00091","DOIUrl":null,"url":null,"abstract":"Attackers demonstrated the use of remote access to the in-vehicle network of connected vehicles to take control of these vehicles. Machine-learning-based Intrusion Detection Systems (IDSs) techniques have been proposed for the detection of such attacks. The evaluations of some of these IDSs showed their efficacy in terms of accuracy in detecting message injections but were performed offline, which limits the confidence in their use for real-time protection scenarios. This paper evaluates four architecture designs for real-time IDS for connected vehicles using Controller Area Network (CAN) datasets collected from a moving vehicle under malicious speed reading message injections. The evaluation shows that a real-time IDS for a connected vehicle designed as a separate process for CAN Bus monitoring and another one for anomaly detection engine is reliable (does not lose messages) and could be used for real-time resilience mechanisms as a response to cyber-attacks.","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Evaluation of the Architecture Alternatives for Real-Time Intrusion Detection Systems for Vehicles\",\"authors\":\"Mubark Jedh, Jian Kai Lee, L. B. Othmane\",\"doi\":\"10.1109/QRS57517.2022.00091\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Attackers demonstrated the use of remote access to the in-vehicle network of connected vehicles to take control of these vehicles. Machine-learning-based Intrusion Detection Systems (IDSs) techniques have been proposed for the detection of such attacks. The evaluations of some of these IDSs showed their efficacy in terms of accuracy in detecting message injections but were performed offline, which limits the confidence in their use for real-time protection scenarios. This paper evaluates four architecture designs for real-time IDS for connected vehicles using Controller Area Network (CAN) datasets collected from a moving vehicle under malicious speed reading message injections. The evaluation shows that a real-time IDS for a connected vehicle designed as a separate process for CAN Bus monitoring and another one for anomaly detection engine is reliable (does not lose messages) and could be used for real-time resilience mechanisms as a response to cyber-attacks.\",\"PeriodicalId\":143812,\"journal\":{\"name\":\"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/QRS57517.2022.00091\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/QRS57517.2022.00091","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

攻击者展示了使用远程访问联网车辆的车载网络来控制这些车辆。基于机器学习的入侵检测系统(ids)技术已被提出用于检测此类攻击。对其中一些入侵防御系统的评估表明，它们在检测信息注入方面具有准确性，但它们是离线进行的，这限制了它们在实时保护场景中使用的信心。本文利用从移动车辆中收集的控制器区域网络(CAN)数据集，在恶意速读信息注入的情况下，评估了四种联网车辆实时IDS的架构设计。评估表明，为联网车辆设计的实时IDS作为CAN总线监控和另一个异常检测引擎的单独进程是可靠的(不丢失消息)，可以用于实时弹性机制，作为对网络攻击的响应。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Evaluation of the Architecture Alternatives for Real-Time Intrusion Detection Systems for Vehicles

Attackers demonstrated the use of remote access to the in-vehicle network of connected vehicles to take control of these vehicles. Machine-learning-based Intrusion Detection Systems (IDSs) techniques have been proposed for the detection of such attacks. The evaluations of some of these IDSs showed their efficacy in terms of accuracy in detecting message injections but were performed offline, which limits the confidence in their use for real-time protection scenarios. This paper evaluates four architecture designs for real-time IDS for connected vehicles using Controller Area Network (CAN) datasets collected from a moving vehicle under malicious speed reading message injections. The evaluation shows that a real-time IDS for a connected vehicle designed as a separate process for CAN Bus monitoring and another one for anomaly detection engine is reliable (does not lose messages) and could be used for real-time resilience mechanisms as a response to cyber-attacks.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)

自引率

0.00%

发文量