Detecting Message Modification Attacks on the CAN Bus with Temporal Convolutional Networks
Autor: | András Gazdag, Gergely Biczók, J. W. Bosman, Irina Chiscop |
---|---|
Rok vydání: | 2021 |
Předmět: |
FOS: Computer and information sciences
Focus (computing) Computer Science - Cryptography and Security Computer Science - Artificial Intelligence business.industry Computer science ComputerApplications_COMPUTERSINOTHERSYSTEMS Intrusion detection system Performance results CAN bus Range (mathematics) Task (computing) Artificial Intelligence (cs.AI) Unsupervised learning False positive rate business Cryptography and Security (cs.CR) Computer network |
Zdroj: | Proceedings of the 7th International Conference on Vehicle Technology and Intelligent Transport Systems |
DOI: | 10.5220/0010445500002932 |
Popis: | Multiple attacks have shown that in-vehicle networks have vulnerabilities which can be exploited. Securing the Controller Area Network (CAN) for modern vehicles has become a necessary task for car manufacturers. Some attacks inject potentially large amount of fake messages into the CAN network; however, such attacks are relatively easy to detect. In more sophisticated attacks, the original messages are modified, making the detection a more complex problem. In this paper, we present a novel machine learning based intrusion detection method for CAN networks. We focus on detecting message modification attacks, which do not change the timing patterns of communications. Our proposed temporal convolutional network-based solution can learn the normal behavior of CAN signals and differentiate them from malicious ones. The method is evaluated on multiple CAN-bus message IDs from two public datasets including different types of attacks. Performance results show that our lightweight approach compares favorably to the state-of-the-art unsupervised learning approach, achieving similar or better accuracy for a wide range of scenarios with a significantly lower false positive rate. |
Databáze: | OpenAIRE |
Externí odkaz: |