MLIDS:利用长短期记忆网络处理原始高维CAN总线数据，用于车载网络入侵检测

2020 30th International Telecommunication Networks and Applications Conference (ITNAC) Pub Date : 2020-11-25 DOI:10.1109/ITNAC50341.2020.9315024

Araya Kibrom Desta, Shuji Ohira, Ismail Arai, K. Fujikawa

{"title":"MLIDS:利用长短期记忆网络处理原始高维CAN总线数据，用于车载网络入侵检测","authors":"Araya Kibrom Desta, Shuji Ohira, Ismail Arai, K. Fujikawa","doi":"10.1109/ITNAC50341.2020.9315024","DOIUrl":null,"url":null,"abstract":"CAN uses no authentication and encryption mechanisms for secure communication. To solve the security issues of the CAN bus, a deep learning-based intrusion detection systems have been proposed. But due to the high dimensional property of the CAN bus data, it was not possible to create an effective Intrusion Detection System (IDS) in the CAN bus that can take the property of the CAN data into consideration. In this paper, we are proposing a Long Short-Term Memory Networks (LSTM) based IDS that can handle the high dimensional property of the CAN bus data . Unlike the conventional methods which required a single network architecture for each unique arbitration ID, our method gives a single overall anomaly signal over a certain detection window without the need for reverese-engineering the CAN bus data. Using this anomaly signal we have managed to achieve 100% detection precision for insertion, fuzzy and targeted attacks in our data and in a public data that is prepared for this specific purpose.","PeriodicalId":131639,"journal":{"name":"2020 30th International Telecommunication Networks and Applications Conference (ITNAC)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-11-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"MLIDS: Handling Raw High-Dimensional CAN Bus Data Using Long Short-Term Memory Networks for Intrusion Detection in In-Vehicle Networks\",\"authors\":\"Araya Kibrom Desta, Shuji Ohira, Ismail Arai, K. Fujikawa\",\"doi\":\"10.1109/ITNAC50341.2020.9315024\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"CAN uses no authentication and encryption mechanisms for secure communication. To solve the security issues of the CAN bus, a deep learning-based intrusion detection systems have been proposed. But due to the high dimensional property of the CAN bus data, it was not possible to create an effective Intrusion Detection System (IDS) in the CAN bus that can take the property of the CAN data into consideration. In this paper, we are proposing a Long Short-Term Memory Networks (LSTM) based IDS that can handle the high dimensional property of the CAN bus data . Unlike the conventional methods which required a single network architecture for each unique arbitration ID, our method gives a single overall anomaly signal over a certain detection window without the need for reverese-engineering the CAN bus data. Using this anomaly signal we have managed to achieve 100% detection precision for insertion, fuzzy and targeted attacks in our data and in a public data that is prepared for this specific purpose.\",\"PeriodicalId\":131639,\"journal\":{\"name\":\"2020 30th International Telecommunication Networks and Applications Conference (ITNAC)\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-11-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 30th International Telecommunication Networks and Applications Conference (ITNAC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ITNAC50341.2020.9315024\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 30th International Telecommunication Networks and Applications Conference (ITNAC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITNAC50341.2020.9315024","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 10

摘要

CAN不使用身份验证和加密机制进行安全通信。为了解决CAN总线的安全问题，提出了一种基于深度学习的入侵检测系统。但是由于CAN总线数据的高维特性，无法在CAN总线上建立有效的能够考虑到CAN数据特性的入侵检测系统。在本文中，我们提出了一种基于长短期记忆网络(LSTM)的IDS，它可以处理can总线数据的高维特性。与需要为每个唯一仲裁ID使用单个网络架构的传统方法不同，我们的方法在特定检测窗口上给出单个整体异常信号，而无需对CAN总线数据进行逆向工程。使用这种异常信号，我们已经成功地在我们的数据和为此特定目的准备的公共数据中实现了100%的插入、模糊和有针对性攻击检测精度。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

MLIDS: Handling Raw High-Dimensional CAN Bus Data Using Long Short-Term Memory Networks for Intrusion Detection in In-Vehicle Networks

CAN uses no authentication and encryption mechanisms for secure communication. To solve the security issues of the CAN bus, a deep learning-based intrusion detection systems have been proposed. But due to the high dimensional property of the CAN bus data, it was not possible to create an effective Intrusion Detection System (IDS) in the CAN bus that can take the property of the CAN data into consideration. In this paper, we are proposing a Long Short-Term Memory Networks (LSTM) based IDS that can handle the high dimensional property of the CAN bus data . Unlike the conventional methods which required a single network architecture for each unique arbitration ID, our method gives a single overall anomaly signal over a certain detection window without the need for reverese-engineering the CAN bus data. Using this anomaly signal we have managed to achieve 100% detection precision for insertion, fuzzy and targeted attacks in our data and in a public data that is prepared for this specific purpose.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 30th International Telecommunication Networks and Applications Conference (ITNAC)

自引率

0.00%

发文量