Abstract
In this paper, we propose H-IDFS, a Histogram-based Intrusion Detection and Filtering framework, which assembles the CAN packets into windows, and computes their corresponding histograms. The latter are fed to a multi-class IDS classifier to identify the class of the traffic windows. If the window is found malicious, the filtering system is invoked to filter out the normal CAN packets from each malicious window. To this end, we propose a novel one-class SVM, named <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">OCSVM-attack</i> that is trained on normal traffic and considers the invariant and quasi-invariant features of the attack. Experimental results on two CAN datasets: OTIDS and Car-Hacking, show the superiority of the proposed H-IDFS, as it achieves an accuracy of 100% for window classification, and correctly filters out between 94.93% and 100% of normal packets from malicious windows.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: IEEE Transactions on Intelligent Transportation Systems
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
