Fast Anomalous Traffic Detection System for Secure Vehicular Communications

In modern automotive systems, introducing multiple connectivity protocols has transformed in-vehicle network communication, resulting in the widely recognized Controller Area Network (CAN) standard. Despite its ubiquitous use, the CAN protocol lacks critical security features, making vehicle communications vulnerable to message injection attacks. These assaults might confuse original electronic control units (ECUs) or cause system failures, emphasizing the need for strong cybersecurity solutions in automobile networks. This study addresses this need by developing a quick and efficient abnormal traffic detection system to protect vehicular communications from cyber attacks. The proposed system utilizes four machine learning techniques: Adaboost Trees (ABT), Coarse Decision Trees (CDT), Naive Bayes Classifier (NBC), and Support Vector Machine (SVM). These models were carefully assessed on the Car-Hacking-2018 dataset, which simulates real-time vehicular communication scenarios. Specifically, the system considers five balanced classes, including one normal traffic class and four classes for message injection attacks over the in-vehicle controller area network: fuzzy attack, DoS attack, RPM attack (spoofing), and gear attack (spoofing). Our best performance outcomes belong to the ABT model, which notched 99.8% classification accuracy and $6.67 \mu\text{s}$ of classification overhead. Such results have outweighed existing in-vehicle intrusion detection systems employing the same/similar dataset.