Browse Publications Technical Papers 11-01-01-0003
2018-05-16

Anomaly-Based Intrusion Detection Using the Density Estimation of Reception Cycle Periods for In-Vehicle Networks 11-01-01-0003

This also appears in SAE International Journal of Transportation Cybersecurity and Privacy-V127-11EJ

The automotive industry intends to create new services that involve sharing vehicle control information via a wide area network. In modern vehicles, an in-vehicle network shares information between more than 70 electronic control units (ECUs) inside a vehicle while it is driven. However, such a complicated system configuration can result in security vulnerabilities. The possibility of cyber-attacks on vehicles via external services has been demonstrated in many research projects. As advances in vehicle systems (e.g., autonomous drive) progress, the number of vulnerabilities to be exploited by cyber-attacks will also increase. Therefore, future vehicles need security measures to detect unknown cyber-attacks. We propose anomaly-based intrusion detection to detect unknown cyber-attacks for the Control Area Network (CAN) protocol, which is popular as a communication protocol for in-vehicle networks. For the easy deployment and maintenance of the IDS, the proposed method learns the behavior model online. We compared the proposed method with conventional methods using captured CAN traffic data, and confirmed that, under attack, only the proposed method simultaneously achieved a high illegitimate frame detection rate and correct frame detection rate.

SAE MOBILUS

Subscribers can view annotate, and download all of SAE's content. Learn More »

Access SAE MOBILUS »

We also recommend:
STANDARD

J1939 Digital Annex

J1939DA_202210

View Details

STANDARD

Pass-Thru Extended Features - CAN with Flexible Data Rate

J2534-2/11_5_00

View Details

STANDARD

Network Layer

J1939/31_201809

View Details

X