D. Grimm, Simon Leiner, Martin Sommer, Felix Pistorius, E. Sax
{"title":"基于流的CAN帧压缩聚合","authors":"D. Grimm, Simon Leiner, Martin Sommer, Felix Pistorius, E. Sax","doi":"10.1109/SMARTCOMP50058.2020.00046","DOIUrl":null,"url":null,"abstract":"Modern cars are equipped with a wide variety of sensors generating continually growing amounts of data. This data is transmitted via bus systems such as Controller Area Network (CAN) inside of the vehicle to the microcontroller-based Electronic Control Units. By connecting the vehicle to its surroundings using wireless interfaces, this data becomes accessible to the vehicle manufacturer from a distance. Through the opening to the outside, cyber attacks can exploit these interfaces and introduce major risks to the privacy and safety of vehicle users. Hence, suitable methods for vehicle security monitoring such as intrusion detection and logging are needed. In this work, we focus on the logging of network data, since this data is useful for the development of security updates, countermeasures and incident signatures. On this account, we propose a new method to aggregate the data of the CAN bus. The method combines CAN frames into so-called flows. Each flow contains a set of packets that share a certain common attribute (e.g.: frame type and identifier). To integrate security monitoring of vehicle fleets seamlessly into backend server systems, the gathered CAN flow data is stored in an industry standard data format. Additionally, the payload data is included in the flow format using a compression algorithm to leverage deep-packet inspection. The evaluation results with realworld vehicle data indicate that in our case about 40 % reduction of the overall data size is possible with our method compared to industry-standard formats for storing CAN frames. On this account, we propose a new method to aggregate the data of the CAN bus. The method combines CAN frames into so-called flows. Each flow contains a set of packets that share a certain common attribute (e.g.: frame type and identifier). To integrate security monitoring of vehicle fleets seamlessly into backend server systems, the gathered CAN flow data is stored in an industry standard data format. Additionally, the payload data is included in the flow format using a compression algorithm to leverage deep-packet inspection. The evaluation results with realworld vehicle data indicate that in our case about 40 % reduction of the overall data size is possible with our method compared to industry-standard formats for storing CAN frames.","PeriodicalId":346827,"journal":{"name":"2020 IEEE International Conference on Smart Computing (SMARTCOMP)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Flow-based Aggregation of CAN Frames with Compressed Payload\",\"authors\":\"D. Grimm, Simon Leiner, Martin Sommer, Felix Pistorius, E. Sax\",\"doi\":\"10.1109/SMARTCOMP50058.2020.00046\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Modern cars are equipped with a wide variety of sensors generating continually growing amounts of data. This data is transmitted via bus systems such as Controller Area Network (CAN) inside of the vehicle to the microcontroller-based Electronic Control Units. By connecting the vehicle to its surroundings using wireless interfaces, this data becomes accessible to the vehicle manufacturer from a distance. Through the opening to the outside, cyber attacks can exploit these interfaces and introduce major risks to the privacy and safety of vehicle users. Hence, suitable methods for vehicle security monitoring such as intrusion detection and logging are needed. In this work, we focus on the logging of network data, since this data is useful for the development of security updates, countermeasures and incident signatures. On this account, we propose a new method to aggregate the data of the CAN bus. The method combines CAN frames into so-called flows. Each flow contains a set of packets that share a certain common attribute (e.g.: frame type and identifier). To integrate security monitoring of vehicle fleets seamlessly into backend server systems, the gathered CAN flow data is stored in an industry standard data format. Additionally, the payload data is included in the flow format using a compression algorithm to leverage deep-packet inspection. The evaluation results with realworld vehicle data indicate that in our case about 40 % reduction of the overall data size is possible with our method compared to industry-standard formats for storing CAN frames. On this account, we propose a new method to aggregate the data of the CAN bus. The method combines CAN frames into so-called flows. Each flow contains a set of packets that share a certain common attribute (e.g.: frame type and identifier). To integrate security monitoring of vehicle fleets seamlessly into backend server systems, the gathered CAN flow data is stored in an industry standard data format. Additionally, the payload data is included in the flow format using a compression algorithm to leverage deep-packet inspection. The evaluation results with realworld vehicle data indicate that in our case about 40 % reduction of the overall data size is possible with our method compared to industry-standard formats for storing CAN frames.\",\"PeriodicalId\":346827,\"journal\":{\"name\":\"2020 IEEE International Conference on Smart Computing (SMARTCOMP)\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE International Conference on Smart Computing (SMARTCOMP)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SMARTCOMP50058.2020.00046\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE International Conference on Smart Computing (SMARTCOMP)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SMARTCOMP50058.2020.00046","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Flow-based Aggregation of CAN Frames with Compressed Payload
Modern cars are equipped with a wide variety of sensors generating continually growing amounts of data. This data is transmitted via bus systems such as Controller Area Network (CAN) inside of the vehicle to the microcontroller-based Electronic Control Units. By connecting the vehicle to its surroundings using wireless interfaces, this data becomes accessible to the vehicle manufacturer from a distance. Through the opening to the outside, cyber attacks can exploit these interfaces and introduce major risks to the privacy and safety of vehicle users. Hence, suitable methods for vehicle security monitoring such as intrusion detection and logging are needed. In this work, we focus on the logging of network data, since this data is useful for the development of security updates, countermeasures and incident signatures. On this account, we propose a new method to aggregate the data of the CAN bus. The method combines CAN frames into so-called flows. Each flow contains a set of packets that share a certain common attribute (e.g.: frame type and identifier). To integrate security monitoring of vehicle fleets seamlessly into backend server systems, the gathered CAN flow data is stored in an industry standard data format. Additionally, the payload data is included in the flow format using a compression algorithm to leverage deep-packet inspection. The evaluation results with realworld vehicle data indicate that in our case about 40 % reduction of the overall data size is possible with our method compared to industry-standard formats for storing CAN frames. On this account, we propose a new method to aggregate the data of the CAN bus. The method combines CAN frames into so-called flows. Each flow contains a set of packets that share a certain common attribute (e.g.: frame type and identifier). To integrate security monitoring of vehicle fleets seamlessly into backend server systems, the gathered CAN flow data is stored in an industry standard data format. Additionally, the payload data is included in the flow format using a compression algorithm to leverage deep-packet inspection. The evaluation results with realworld vehicle data indicate that in our case about 40 % reduction of the overall data size is possible with our method compared to industry-standard formats for storing CAN frames.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
