一种用于控制器区域网络快速异常检测的混合方法

2020 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS) Pub Date : 2020-12-14 DOI:10.1109/ANTS50601.2020.9342791

Jerin Sunny, S. Sankaran, V. Saraswat

{"title":"一种用于控制器区域网络快速异常检测的混合方法","authors":"Jerin Sunny, S. Sankaran, V. Saraswat","doi":"10.1109/ANTS50601.2020.9342791","DOIUrl":null,"url":null,"abstract":"Recent advancements in the field of in-vehicle network and wireless communication, has been steadily progressing. Also, the advent of technologies such as Vehicular Adhoc Networks (VANET) and Intelligent Transportation System (ITS), has transformed modern automobiles into a sophisticated cyber-physical system rather than just a isolated mechanical device. Modern automobiles rely on many electronic control units communicating over the Controller Area Network (CAN) bus. Although protecting the car’s external interfaces is an vital part of preventing attacks, detecting malicious activity on the CAN bus is an effective second line of defense against attacks. This paper proposes a hybrid anomaly detection system for CAN bus based on patterns of recurring messages and time interval of messages. The proposed method does not require modifications in CAN bus. The proposed system is evaluated on real CAN bus traffic with simulated attack scenarios. Results obtained show that our proposed system achieved a good detection rate with fast response times.","PeriodicalId":426651,"journal":{"name":"2020 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"A Hybrid Approach for Fast Anomaly Detection in Controller Area Networks\",\"authors\":\"Jerin Sunny, S. Sankaran, V. Saraswat\",\"doi\":\"10.1109/ANTS50601.2020.9342791\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recent advancements in the field of in-vehicle network and wireless communication, has been steadily progressing. Also, the advent of technologies such as Vehicular Adhoc Networks (VANET) and Intelligent Transportation System (ITS), has transformed modern automobiles into a sophisticated cyber-physical system rather than just a isolated mechanical device. Modern automobiles rely on many electronic control units communicating over the Controller Area Network (CAN) bus. Although protecting the car’s external interfaces is an vital part of preventing attacks, detecting malicious activity on the CAN bus is an effective second line of defense against attacks. This paper proposes a hybrid anomaly detection system for CAN bus based on patterns of recurring messages and time interval of messages. The proposed method does not require modifications in CAN bus. The proposed system is evaluated on real CAN bus traffic with simulated attack scenarios. Results obtained show that our proposed system achieved a good detection rate with fast response times.\",\"PeriodicalId\":426651,\"journal\":{\"name\":\"2020 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)\",\"volume\":\"23 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-12-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ANTS50601.2020.9342791\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ANTS50601.2020.9342791","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

近年来，车载网络和无线通信领域的进展，一直在稳步推进。此外，车辆自组织网络(VANET)和智能交通系统(ITS)等技术的出现，已经将现代汽车转变为一个复杂的网络物理系统，而不仅仅是一个孤立的机械设备。现代汽车依靠许多电子控制单元通过控制器局域网(CAN)总线进行通信。尽管保护汽车的外部接口是防止攻击的重要组成部分，但检测CAN总线上的恶意活动是抵御攻击的有效第二道防线。提出了一种基于消息循环模式和消息时间间隔的CAN总线混合异常检测系统。该方法不需要修改CAN总线。该系统在真实CAN总线流量和模拟攻击场景下进行了评估。实验结果表明，该系统具有良好的检测率和快速的响应时间。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Hybrid Approach for Fast Anomaly Detection in Controller Area Networks

Recent advancements in the field of in-vehicle network and wireless communication, has been steadily progressing. Also, the advent of technologies such as Vehicular Adhoc Networks (VANET) and Intelligent Transportation System (ITS), has transformed modern automobiles into a sophisticated cyber-physical system rather than just a isolated mechanical device. Modern automobiles rely on many electronic control units communicating over the Controller Area Network (CAN) bus. Although protecting the car’s external interfaces is an vital part of preventing attacks, detecting malicious activity on the CAN bus is an effective second line of defense against attacks. This paper proposes a hybrid anomaly detection system for CAN bus based on patterns of recurring messages and time interval of messages. The proposed method does not require modifications in CAN bus. The proposed system is evaluated on real CAN bus traffic with simulated attack scenarios. Results obtained show that our proposed system achieved a good detection rate with fast response times.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS)

自引率

0.00%

发文量