Real-Time Security Warning and ECU Identification for In-Vehicle Networks

Abstract

Vehicle intelligence and networking have manifested the significance of the embedded Controller Area Network (CAN) bus. However, the lack of message encryption and identity authentication leaves Electric Control Units (ECUs) exposed to cyber-attacks. To identify the potential attacks on the CAN, intrusion detection systems are required with consideration of their computational burden and their application in vehicles. Therefore, we propose a lightweight ECU identification scheme. Explicitly, the proposed method records the periodic intervals of frames and calculates accumulated clock offsets with the recursive least square algorithm; meanwhile, the empirical rules are adopted to eliminate the noises. Then, the ECU fingerprints have been formulated with the derived clock skew, clock offsets as well as their expectations. Furthermore, to accurately identify the attackers in the masquerade attacks, a double-verified attacker identification approach is proposed, in which the data dependency and intra-inter class algorithm are respectively utilized for better executability. Finally, we have tested the proposed method with an actual vehicle and the results manifest that the proposed method could identify the abnormal ECUs with an identification accuracy of at least 98% and its execution time is less than 3ms.