Automotive networks are crucial for ensuring safety as the number of Electronic Control Units (ECUs) grows to support vehicle intelligence. The Controller Area Network (CAN) is commonly used for efficient in-vehicle communication among ECUs. However, its broadcast nature and lack of a dedicated security layer make it vulnerable to attacks. This paper proposes a novel CAN bus Intrusion Detection System (IDS), named BNN-based IDS (BIDS), which efficiently provides both unknown attack detection and known attack classification using a hierarchical two-stage Binarised Neural Network (BNN) and Generative Adversarial Network (GAN). BIDS was validated on three datasets, and its implementation achieves an average inference time of less than 0.170 ms with minimal resource utilisation on a low-cost Field Programmable Gate Array (FPGA). This rapid inference speed enables real-time inference on individual CAN messages using a sliding window technique, eliminating the need to wait for multiple accumulated CAN messages required for data preprocessing. Evaluation metrics demonstrate that our IDS achieves high accuracy in both identifying unseen attacks and categorising known attacks. Furthermore, our FPGA implementation consumes merely 2.09 W, which is a 57% reduction compared to a cutting-edge FPGA-based IDS that is capable of detecting unknown attacks using the same dataset.
Read full abstract