A hybrid deep learning based intrusion detection system using spatial-temporal representation of in-vehicle network traffic

Abstract

A significant increase in the use of electronics control units (ECUs) in modern vehicles has made controller area network (CAN) a de facto standard in the automotive industry. CAN standard has been designed as a reliable and straightforward broadcast-based protocol for providing serial communication between ECUs without considering security aspects like authentication and encryption. Cyber attackers have exploited these vulnerabilities to mount a variety of attacks against CAN-based in-vehicle network. In this work, we proposed a hybrid deep learning-based intrusion detection system (HyDL-IDS) based upon spatial-temporal representation for characterizing in-vehicle network traffic accurately. For this purpose, we use convolutional neural network (CNN) and long short term memory (LSTM) in sequence for extracting spatial and temporal features automatically from in-vehicle network traffic. The proposed HyDL-IDS have been validated using a benchmark car-hacking data set. The reported results demonstrate approximately 100% detection accuracy with a low false alarm rate for different cyber-attacks, including denial-of-service (DoS) attacks, fuzzy attacks and spoofing (Gear and revolutions per minute (RPM)) attacks based on the identified dataset. The HyDL-IDS have significantly improved detection accuracy and false alarm rate for detecting intrusions in-vehicle network compared to other methods, namely Naive Bayes, Decision tree, Multi-layer perceptron, CNN, and LSTM based on spatial-temporal representation of in-vehicle network traffic.