CANTransfer: Transfer learning based intrusion detection on a controller area network using convolutional LSTM network

Abstract

In-vehicle communications, due to simplicity and reliability, a Controller Area Network (CAN) bus is widely used as the de facto standard to provide serial communications between Electronic Control Units (ECUs). However, prior research exhibits several network-level attacks can be easily performed and exploited in the CAN bus. Additionally, new types of intrusion attacks are discovered very frequently. However, unless we have a large amount of data about an intrusion, developing an efficient deep neural network-based detection mechanism is not easy. To address this challenge, we propose CANTransfer, an intrusion detection method using Transfer Learning for CAN bus, where a Convolutional LSTM based model is trained using known intrusion to detect new attacks. By applying one-shot learning, the model can be adaptable to detect new intrusions with a limited amount of new datasets. We performed extensive experimentation and achieved a performance gain of 26.60% over the best baseline model for detecting new intrusions.