TY - GEN
T1 - Signature-based intrusion detection system (IDS) for in-vehicle CAN bus network
AU - Jin, Shiyi
AU - Chung, Jin Gyun
AU - Xu, Yinan
N1 - Publisher Copyright:
© 2021 IEEE
PY - 2021
Y1 - 2021
N2 - In-vehicle CAN (Controller Area Network) bus network does not have any network security protection measures, which is facing a serious network security threat. However, most of the intrusion detection solutions requiring extensive computational resources cannot be implemented in in-vehicle network system because of the resource constrained ECUs. To add additional hardware or to utilize cloud computing, we need to solve the cost problem and the reliable communication requirement between vehicles and cloud platform, which is difficult to be applied in a short time. Therefore, we need to propose a short-term solution for automobile manufacturers. In this paper, we propose a signature-based light-weight intrusion detection system, which can be applied directly and promptly to vehicle's ECUs (Electronic Control Units). We detect the anomalies caused by several attack modes on CAN bus from real-world scenarios, which provide the basis for selecting signatures. Experimental results show that our method can effectively detect CAN traffic related anomalies. For the content related anomalies, the detection ratio can be improved by exploiting the relationship between the signals.
AB - In-vehicle CAN (Controller Area Network) bus network does not have any network security protection measures, which is facing a serious network security threat. However, most of the intrusion detection solutions requiring extensive computational resources cannot be implemented in in-vehicle network system because of the resource constrained ECUs. To add additional hardware or to utilize cloud computing, we need to solve the cost problem and the reliable communication requirement between vehicles and cloud platform, which is difficult to be applied in a short time. Therefore, we need to propose a short-term solution for automobile manufacturers. In this paper, we propose a signature-based light-weight intrusion detection system, which can be applied directly and promptly to vehicle's ECUs (Electronic Control Units). We detect the anomalies caused by several attack modes on CAN bus from real-world scenarios, which provide the basis for selecting signatures. Experimental results show that our method can effectively detect CAN traffic related anomalies. For the content related anomalies, the detection ratio can be improved by exploiting the relationship between the signals.
KW - CAN
KW - In-vehicle network security
KW - Intrusion detection system
KW - Light-weight
KW - Short-term solution
UR - https://www.scopus.com/pages/publications/85109028601
U2 - 10.1109/ISCAS51556.2021.9401087
DO - 10.1109/ISCAS51556.2021.9401087
M3 - Conference paper
AN - SCOPUS:85109028601
T3 - Proceedings - IEEE International Symposium on Circuits and Systems
BT - 2021 IEEE International Symposium on Circuits and Systems, ISCAS 2021 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 53rd IEEE International Symposium on Circuits and Systems, ISCAS 2021
Y2 - 22 May 2021 through 28 May 2021
ER -