Browse > Article
http://dx.doi.org/10.13089/JKIISC.2021.31.3.373

Periodic-and-on-Event Message-Aware Automotive Intrusion Detection System  

Lee, Seyoung (Korea University)
Choi, Wonsuk (Hansung University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.31, no.3, 2021 , pp. 373-385 More about this Journal
Abstract
To provide convenience and safety of drivers, the recent vehicles are being equipped with a number of electronic control units (ECUs). Multiple ECUs construct a network inside a vehicle to share information related to the vehicle's status; in addition, the CAN protocol is normally applied. As the modern vehicles provide highly convenient and safe services, it provides many types of attack surfaces; as a result, it makes them vulnerable to cyber attacks. The automotive IDS (Intrusion Detection System) is one of the promising techniques for securing vehicles. However, the existing methods for automotive IDS are able to analyze only periodic messages. If someone attacks on non-periodic messages, the existing methods are not able to properly detect the intrusion. In this paper, we present a method to detect intrusions including an attack using non-periodic messages. Moreover, we evaluate our method on the real vehicles, where we show that our method has 0% of FPR and 0% of FNR under our attack model.
Keywords
CAN (Controller Area Network); In-vehicle Network; Security; Automotive Intrusion Detection System;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Foster, Ian, et al. "Fast and vulnerable: A story of telematic failures." 9th USENIX Workshop on Offensive Technologies, Aug. 2015.
2 Miller, Charlie, and Chris Valasek. "Remote exploitation of an unaltered passenger vehicle," Black Hat USA, Aug. 2015
3 Lv, Samuel, Sen Nie, and Ling Liu. "Car Hacking Research: Remote Attack Tesla Motors," Keen Security lab of Tencent, Sep. 2016
4 Taylor, Adrian, Nathalie Japkowicz, and Sylvain Leblanc. "Frequency-based anomaly detection for the automotive CAN bus," IEEE World Congress on Industrial Control Systems Security (WCICSS), pp. 45-49, Dec. 2015
5 Muter, Michael, and Naim Asaj. "Entropy-based anomaly detection for in-vehicle networks." IEEE Intelligent Vehicles Symposium (IV), pp. 1110-1115, Jun. 2011
6 Checkoway, Stephen, et al. "Comprehensive experimental analyses of automotive attack surfaces," in Proceedings of the 20th USENIX Security Symposium, pp. 447-462, Aug. 2011
7 Cho, Kyong-Tak, and Kang G. Shin. "Fingerprinting electronic control units for vehicle intrusion detection," 25th USENIX Security Symposium, pp. 911-927, Aug. 2016
8 Choi, Wonsuk, et al. "Identifying ecus using inimitable characteristics of signals in controller area networks," IEEE Transactions on Vehicular Technology, 67(6), pp. 4757-4770, Feb. 2018   DOI
9 Miller, Charlie, and Chris Valasek. "Adventures in automotive networks and control units," Def Con 21, 2013
10 Koscher, Karl, et al, "Experimental security analysis of a modern automobile," IEEE Symposium on Security and Privacy, pp. 447-462, Jul. 2010
11 Song, Hyun Min, Ha Rang Kim, and Huy Kang Kim. "Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network," 2016 international conference on information networking (ICOIN), pp. 63-68, Mar. 2016
12 Sagong, Sang Uk, et al. "Cloaking the clock: emulating clock skew in controller area networks," ACM/IEEE 9th International Conference on Cyber-Physical Systems (ICCPS), pp. 32-42, Apr. 2018
13 Foruhandeh, Mahsa. et al. "SIMPLE: Single-frame based physical layer identification for intrusion detection and prevention on in-vehicle networks,", In Proceedings of the 35th Annual Computer Security Applications Conference, pp. 229-244, Dec. 2019
14 Choi, Wonsuk, et al. "Voltageids: Low-level communication characteristics for automotive intrusion detection system," IEEE Transactions on Information Forensics and Security, 13(8), pp. 2114-2129, Aug. 2018   DOI
15 Seo, Eunbi, Hyun Min Song, and Huy Kang Kim. "Gids: Gan based intrusion detection system for in-vehicle network." 16th Annual Conference on Privacy, Security and Trust (PST), pp. 1-6, Nov. 2018