TCE-IDS: Time Interval Conditional Entropy- Based Intrusion Detection System for Automotive Controller Area Networks

Abstract

Intelligent connected vehicle is rapidly growing with the 5-G technology; the diversity of functional interfaces has significantly expanded the avenues of attack, making automotive controller area network (CAN) more vulnerable to cyberthreats. Automotive CAN network attacks are a direct threat to traffic safety, and in this study, we explore the use of intrusion detection techniques for mitigating cyberattacks. However, most automotive CAN network intrusion detection technologies are not capable of defending against sophisticated attacks, making it extremely challenging for detecting intrusions in practice. In this article, we propose a novel time interval conditional entropy method for detecting intrusions in automotive CAN networks. The time interval conditional entropy intrusion detection method is not susceptible to interference and is capable of detecting a variety of attacks. In our experiments, the conditional entropy values of regular communication messages are collected and utilized to distinguish and detect the attacks. The time interval conditional entropy detection method is implemented and evaluated in our controller area net-work bus (CAN-BUS) network platform. The experiments show that our method has higher detection accuracy and is easier to deploy compared to existing automotive CAN network intrusion detection methods.