Machine Learning for Automotive Cybersecurity: Challenges, Opportunities and Future Directions

Abstract

Connected autonomous vehicles (CAVs) hold the promise of not only improving functional safety but also improving mobility and the efficiency of transportation systems. CAVs can be viewed as a cyber-physical system that contains a large number of minicomputers called electronic control units (ECUs). In order for ECU subsystems to share information and operate efficiently, they are typically networked via various in-vehicle networks (IVNs). Such IVNs include the controller area network (CAN), local interconnected network (LIN), media-oriented system transport (MOST), FlexRay and automotive Ethernet. These IVNs are used to connect safety-critical and non-critical components of the vehicle, including brakes, airbags, engine control, active safety devices, the electronic stability program and adaptive cruise control. Although these IVNs provide some luxury functions and improve the functional safety of the vehicles, the use of in-vehicle communication networks can pose serious security threats to CAVs. Several incidents have been reported showing that intruders are able to access vehicle information, even for safety critical tasks. As the IVNs architecturally are not designed to defend against these attacks, additional methods are needed for security. In recent years researchers are taking advantage of advances in more powerful computing hardware, as well the availability of huge amounts of network data and proposing machine learning-based frameworks to secure these IVNs. To the best of our knowledge, these frameworks lack details such as how to apply machine learning for IVN security. Most of them are focused on the selection of machine learning algorithms to improve attack detection rates. As a result, these frameworks become uninterpreted since they took a lot of time in order to reproduce their result. An efficient successful machine learning system depends not only on the selected machine learning algorithm but also on the quality of data. This chapter aims to bridge this research gap by developing a generalized machine learning pipeline designed to defend against existing and emerging cyberattacks on IVNs. The chapter starts with an overview of IVNs, threat modeling of IVNs followed by machine learning-based defense mechanisms against existing and emerging cyberattacks targeted at these IVNs. The last section of the chapter outlines future directions of using the proposed machine learning approach as a solution against vehicle-based cyberattacks for the next generation of vehicles.