Two-Step Algorithm to Detect Cyber-Attack Over the Can-Bus: A Preliminary Case Study in Connected Vehicles

Modern vehicles are connected to the network and between each other through smart sensors and smart objects commonly present on board. This situation has allowed manufacturers to send over-the-air updates, receive diagnostic information, and offer various multimedia services. More generally, at present, all this is indicated by the term 'Vehicle to Everything' (V2X), which indicates a system of communication between a vehicle to any entity that may influence the vehicle and vice versa. However, it introduces problems regarding the vehicle's IT security. It is possible, for example, by tampering with one of the Electronic Control Units (ECUs) to take partial or total control of the vehicle. In this paper, we introduce a preliminary study case to guarantee cybersecurity inside connected vehicles. In particular, an Intrusion Detection System over the CAN-Bus to allow the possible malicious massages. In particular, through the use of a two-step detection algorithm that exploits both the variation of the status parameters of the various ECUs over time and the Bayesian networks can identify a possible attack. The first experimental results seem encouraging.