Browse > Article
http://dx.doi.org/10.13089/JKIISC.2022.32.6.1171

Intrusion Detection System Based on Sequential Model in SOME/IP  

Kang, Yeonjae (Korea University)
Pi, Daekwon (Korea University)
Kim, Haerin (Korea University)
Lee, Sangho (Korea University)
Kim, Huy Kang (Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.32, no.6, 2022 , pp. 1171-1181 More about this Journal
Abstract
Front Collision-Avoidance Assist (FCA) or Smart Cruise Control (SCC) is installed in a modern vehicle, and the amount of data exchange between ECUs increases rapidly. Therefore, Automotive Ethernet, especially SOME/IP, which supports wide bandwidth and two-way communication, is widely adopted to overcome the bandwidth limitation of traditional CAN communication. SOME/IP is a standard protocol compatible with various automobile operating systems, and improves connectivity between components in the vehicle. However, no encryption or authentication process is defined in the SOME/IP protocol itself. Therefore, there is a need for a security study on the SOME/IP protocol. This paper proposes a deep learning-based intrusion detection system in SOME/IP and performs six attacks to confirm the performance of the intrusion detection system.
Keywords
Vehicle; SOME/IP; Automotive Ethernet; Intrusion Detection System (IDS);
Citations & Related Records
연도 인용수 순위
  • Reference
1 J. Du, R. Tang, and T. Feng, "Security analysis and improvement of vehicle ethernet SOME/IP protocol," Sensors, vol. 22, no. 18, pp. 1-26, Sep. 2022   DOI
2 T. Gehrmann and P. Duplys, "Intrusion detection for SOME/IP: challenges and opportunities," 2020 23rd Euromicro Conference on Digital System Design (DSD), pp. 583-587, Aug. 2020
3 M. Iorio, M. Reineri, F. Risso, R. Sisto and F. Valenza, "Securing SOME/IP for in-vehicle service protection," IEEE Transactions on Vehicular Technology, vol. 69, no. 11, pp. 13450-13466, Nov. 2020   DOI
4 M. Rumez, D. Grimm, R. Kriesten and E. Sax, "An overview of automotive service-oriented architectures and implications for security countermeasures," IEEE Access, vol. 8, pp. 221852-221870, Dec. 2020   DOI
5 Y. Li, H. Chen, C. Zhang, S. Xiong, C. Liu and Y. Wang, "Ori: a greybox fuzzer for SOME/IP protocols in automotive ethernet," 2020 27th Asia-Pacific Software Engineering Conference (APSEC), pp. 495-499, Dec. 2020
6 Autosar, "SOME/IP protocol specification", https://www.autosar.org/fileadmin/user_upload/standards/foundation/21-11/AUTOSAR_PRS_SOMEIPProtocol.pdf, Accessed: Nov. 2021
7 S.A. Althubiti, E.M. Jones and K. Roy, "LSTM for anomaly-based network intrusion detection," 2018 28th International Telecommunication Networks and Applications Conference (ITNAC), pp. 1-3, Nov. 2018
8 A.R. Javed, S.U. Rehman, M.U. Khan, M. Alazab and T.R. G, "CANintelliI DS: detecting in-vehicle intrusion attacks on a controller area network Using CNN and attention-based GRU," IEEE Transactions on Network Science and Engineering, vol. 8, no. 2, pp. 1456-1466, Feb. 2021   DOI
9 P. Tumas, A. Nowosielski and A. Serackis, "Pedestrian detection in severe weather conditions," IEEE Access, vol. 8, pp. 62775-62784, Jan. 2020   DOI
10 HLDI Bulletin, "Predicted availability and prevalence of safety features on registered vehicles - a 2020 update", Vol.39, No.2, pp. 1-16, Apr. 2022   DOI
11 IEEE Dataport, "Intrusion detection in CAN bus", https://ieee-dataport.org/documents/intrusion-detection-can-bus#files, Accessed: Dec. 2022
12 A.H. Mirza and S. Cosan, "Computer network intrusion detection using seq uential LSTM Neural Networks autoencoders," 2018 26th Signal Processing and Communications Applications Conference (SIU), pp. 1-4, May. 2018
13 Argus, "Hijacking SOME/IP protocol with man in the middle attack", https://argus-sec.com/some-ip-protocol-man-in-the-middle-attack/, Accessed: Oct. 2022
14 M. Iorio, A. Buttiglieri, M. Reineri, F. Risso, R. Sisto and F. Valenza, "Protecting in-vehicle services: security-enabled SOME/IP middleware," IEEE Vehicular Technology Magazine, vol. 15, no. 3, pp. 77-85, Sep. 2020   DOI
15 N. Herold, S.A. Posselt, O. Hanka and G. Carle, "Anomaly detection for SOME/IP using complex event processing," 2016 IEEE/IFIP Network Operations and Management Symposium(NOMS), pp. 1221-1226, Apr. 2016
16 Kotra, "Future automotive, global value chain trends and overseas expansion strategies", http://dl.kotra.or.kr/pyxis-api/1/digital-files/c16960f0-1211-018a-e053-b46464899664, Accessed: Oct. 2022
17 N. Alkhatib, H. Ghauch and J.L. Danger, "SOME/IP intrusion detection using deep learning-based sequential models in automotive ethernet networks, " 2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), pp. 0954-0962, Oct. 2021
18 NewsRoom, "Advanced driver assistance technology names", https://newsroom.aaa.com/2019/01/common-naming-for-adas-technology/, Accessed: Oct. 2022
19 "Automotive ethernet and measurement technology, the link between the past and the future", Techworld, Jun. 2021, 10
20 H. Kang, B.I. Kwak, Y.H. Lee, H. Lee, H. Lee, and H.K. Kim, "Car hacking and defense competition on in-vehicle network," Third International Work shop on Automotive and Autonomous Vehicle Security, vol. 2021, pp. 25-30, Feb. 2021
21 K.H. Park, and H.K. Kim, "This Caris Mine!: Automobile Theft Countermeasure Leveraging Driver Identification with Generative Adversarial Networks," ESCAR ASIA 2019, pp. 1-6, Nov. 2019
22 S. Jeong, B. Jeon, B. Chung, and H. K. Kim, "Convolutional neural network-based intrusion detection system for AVTP streams in automotive ethernet-based networks," Vehicular Communications, Vol. 29, pp. 1-11, Jun. 2021