Abstract
Electric Vehicles' Controller Area Network (CAN) bus serves as a legacy protocol for in-vehicle network communication. Simplicity, robustness, and suitability for real-time systems are the salient features of CAN bus. Unfortunately, the CAN bus protocol is vulnerable to various cyberattacks due to the lack of a message authentication mechanism in the protocol itself, paving the way for attackers to penetrate the network. This paper proposes a new effective anomaly detection model based on a modified one-class support vector machine in the CAN traffic. The proposed model makes use of an improved algorithm, known as the modified bat algorithm, to find the most accurate structure in the offline training. To evaluate the effectiveness of the proposed method, CAN traffic is logged from an unmodified licensed electric vehicle in normal operation to generate a dataset for each message ID and a corresponding occurrence frequency without any attacks. In addition, to measure the performance and superiority of the proposed method compared to the other two famous CAN bus anomaly detection algorithms such as Isolation Forest and classical one-class support vector machine, we provided Receiver Operating Characteristic (ROC) for each method to quantify the correctly classified windows in the test sets containing attacks. Experimental results indicate that the proposed method achieved the highest rate of True Positive Rate (TPR) and lowest False Positive Rate (FPR) for anomaly detection compared to the other two algorithms. Moreover, in order to show that the proposed method can be applied to other datasets, we used two recent popular public datasets in the scope of CAN bus traffic anomaly detection. Benchmarking with more CAN bus traffic datasets proves the independency of the proposed method from the meaning of each message ID and data field that make the model adaptable with different CAN datasets.
Highlights
Modern electric vehicles are composed of many hardware modules, known as Electronic Control Units (ECUs), which are controlled by sophisticated software components.The associate editor coordinating the review of this article and approving it for publication was Hao Luo.ECUs read data measured by a range of sensors and perform relevant processing for various purposes, such as pedestrian detection, path planning, auto-parking, and collision avoidance
This section provides simulation results based on practical data gathered from a licensed unmodified vehicle and two other public Controller Area Network (CAN) bus traffic dataset to examine the accuracy of the proposed model
Random partitioning is performed to divide the dataset into three sets, namely training, validation, and testing. 70% of the dataset is assigned to the training model, 10% to the validation to avoid any overfitting in the training, and the remaining 20% is assigned to the testing phase, which is sliced up into the normal traffic log and a simulated attacked traffic log
Summary
Modern electric vehicles are composed of many hardware modules, known as Electronic Control Units (ECUs), which are controlled by sophisticated software components. The associate editor coordinating the review of this article and approving it for publication was Hao Luo. ECUs read data measured by a range of sensors and perform relevant processing for various purposes, such as pedestrian detection, path planning, auto-parking, and collision avoidance. ECUs read data measured by a range of sensors and perform relevant processing for various purposes, such as pedestrian detection, path planning, auto-parking, and collision avoidance They control the actuators in a vehicle [1]. The values of the sensors and actuators are transmitted over the in-vehicle network protocol to other ECUs, leading to the creation of a highly complex network of hardware and software.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
