基于Bi-LSTM的车载CAN异常检测研究

Q3 Computer Science

Journal of Cyber Security and Mobility Pub Date : 2023-08-12 DOI:10.13052/jcsm2245-1439.1251

Xiaopeng Kan, Zhihong Zhou, Lihong Yao, Yuxin Zuo

{"title":"基于Bi-LSTM的车载CAN异常检测研究","authors":"Xiaopeng Kan, Zhihong Zhou, Lihong Yao, Yuxin Zuo","doi":"10.13052/jcsm2245-1439.1251","DOIUrl":null,"url":null,"abstract":"Controller Area Network (CAN) is one of the most widely used in-vehicle networks in modern vehicles. Due to the lack of security mechanisms such as encryption and authentication, CAN is vulnerable to external hackers in the intelligent network environment. In the paper, a lightweight CAN bus anomaly detection model based on the Bi-LSTM model is proposed. The Bi-LSTM model learns ID sequence correlation features to detect anomalies. At the same time, the Attention mechanism is introduced to improve the model’s efficiency. The paper focuses on replay attacks, denial of service attacks and fuzzing attacks. The experimental results show that the anomaly detection model based on Bi-LSTM can detect three attack types quickly and accurately.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"252 1","pages":"629-652"},"PeriodicalIF":0.0000,"publicationDate":"2023-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Research on Anomaly Detection in Vehicular CAN Based on Bi-LSTM\",\"authors\":\"Xiaopeng Kan, Zhihong Zhou, Lihong Yao, Yuxin Zuo\",\"doi\":\"10.13052/jcsm2245-1439.1251\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Controller Area Network (CAN) is one of the most widely used in-vehicle networks in modern vehicles. Due to the lack of security mechanisms such as encryption and authentication, CAN is vulnerable to external hackers in the intelligent network environment. In the paper, a lightweight CAN bus anomaly detection model based on the Bi-LSTM model is proposed. The Bi-LSTM model learns ID sequence correlation features to detect anomalies. At the same time, the Attention mechanism is introduced to improve the model’s efficiency. The paper focuses on replay attacks, denial of service attacks and fuzzing attacks. The experimental results show that the anomaly detection model based on Bi-LSTM can detect three attack types quickly and accurately.\",\"PeriodicalId\":37820,\"journal\":{\"name\":\"Journal of Cyber Security and Mobility\",\"volume\":\"252 1\",\"pages\":\"629-652\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-08-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Cyber Security and Mobility\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.13052/jcsm2245-1439.1251\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"Computer Science\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cyber Security and Mobility","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.13052/jcsm2245-1439.1251","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 0

摘要

控制器局域网(CAN)是现代汽车中应用最广泛的车载网络之一。由于缺乏加密、认证等安全机制，CAN在智能网络环境下容易受到外部黑客的攻击。本文提出了一种基于Bi-LSTM模型的轻量级CAN总线异常检测模型。Bi-LSTM模型通过学习ID序列的相关特征来检测异常。同时引入注意机制，提高模型的效率。本文重点研究了重放攻击、拒绝服务攻击和模糊攻击。实验结果表明，基于Bi-LSTM的异常检测模型能够快速准确地检测出三种攻击类型。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Research on Anomaly Detection in Vehicular CAN Based on Bi-LSTM

Controller Area Network (CAN) is one of the most widely used in-vehicle networks in modern vehicles. Due to the lack of security mechanisms such as encryption and authentication, CAN is vulnerable to external hackers in the intelligent network environment. In the paper, a lightweight CAN bus anomaly detection model based on the Bi-LSTM model is proposed. The Bi-LSTM model learns ID sequence correlation features to detect anomalies. At the same time, the Attention mechanism is introduced to improve the model’s efficiency. The paper focuses on replay attacks, denial of service attacks and fuzzing attacks. The experimental results show that the anomaly detection model based on Bi-LSTM can detect three attack types quickly and accurately.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Cyber Security and Mobility Computer Science-Computer Networks and Communications

CiteScore

2.30

自引率

0.00%

发文量

期刊介绍： Journal of Cyber Security and Mobility is an international, open-access, peer reviewed journal publishing original research, review/survey, and tutorial papers on all cyber security fields including information, computer & network security, cryptography, digital forensics etc. but also interdisciplinary articles that cover privacy, ethical, legal, economical aspects of cyber security or emerging solutions drawn from other branches of science, for example, nature-inspired. The journal aims at becoming an international source of innovation and an essential reading for IT security professionals around the world by providing an in-depth and holistic view on all security spectrum and solutions ranging from practical to theoretical. Its goal is to bring together researchers and practitioners dealing with the diverse fields of cybersecurity and to cover topics that are equally valuable for professionals as well as for those new in the field from all sectors industry, commerce and academia. This journal covers diverse security issues in cyber space and solutions thereof. As cyber space has moved towards the wireless/mobile world, issues in wireless/mobile communications and those involving mobility aspects will also be published.