Modern vehicles are equipped with Electronic Control Units (ECUs), and they communicate with each other over in-vehicle networks. However, since the Controller Area Network (CAN), a common communication protocol for ECUs, does not have a security mechanism, malicious attackers might take advantage of its vulnerability to inject a malicious message to cause unintended controls of the vehicle. In this paper, we study the applicability of statistical anomaly detection methods for identifying malicious CAN messages in in-vehicle networks. To incorporate various types of information included in a CAN message, we apply a rule-based field classification algorithm for extracting message features, and then obtain low dimensional embeddings of message features, and use the reconstruction error as a maliciousness score of a message. We collected CAN message data from a real vehicle, and confirmed the effectiveness of the methods in practical situations.
CITATION STYLE
Kuwahara, T., Baba, Y., Kashima, H., Kishikawa, T., Tsurumi, J., Haga, T., … Matsushima, H. (2018). Payload-based statistical intrusion detection for in-vehicle networks. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11154 LNAI, pp. 186–192). Springer Verlag. https://doi.org/10.1007/978-3-030-04503-6_20
Mendeley helps you to discover research relevant for your work.