Abstract
The rise in data use within cars has led to concerns about their cybersecurity. The Controller Area Network (CAN) enables communication between components core to the car’s safety and performance, and has been demonstrated to be particularly vulnerable to hacking and malicious cyber-intrusion. CAN intrusion detection systems have been envisaged. Signatures of known attacks might be used for detection, but this method holds many limitations. Although some attacks might change packet broadcast rates or add unknown packets onto the network, attacks that have little or no effect on these, yet can alter the packet data, have also been devised. We therefore test three novelty detection methods (Local Outlier Factor, Compound Classifier and One-Class Support Vector Machine) that might identify an attack based solely on anomalies in CAN packet field data-values. The methods compare values across a cluster of CAN packets broadcast from different control units, so potentially could identify an attacked control unit even when its subsequent fabricated payload data-values remain plausible. We test the methods on data from two different makes of car across a range of manipulation magnitudes, reflecting the unpredictability of attacks. Different training regimes are tested, enabling us to assess validity across journeys. We also consider the processes needed to determine the CAN fields that might be included in the intrusion detection cluster, and present algorithms for automating those processes.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.