Skip to main content
SpringerLink
Log in

In-Vehicle Network Injection Attacks Detection Based on Feature Selection and Classification

  • Published:
Automotive Innovation Aims and scope Submit manuscript

Abstract

Detecting abnormal data generated from cyberattacks has emerged as a crucial approach for identifying security threats within in-vehicle networks. The transmission of information through in-vehicle networks needs to follow specific data formats and communication protocols regulations. Typically, statistical algorithms are employed to learn these variation rules and facilitate the identification of abnormal data. However, the effectiveness of anomaly detection outcomes often falls short when confronted with highly deceptive in-vehicle network attacks. In this study, seven representative classification algorithms are selected to detect common in-vehicle network attacks, and a comparative analysis is employed to identify the most suitable and favorable detection method. In consideration of the communication protocol characteristics of in-vehicle networks, an optimal convolutional neural network (CNN) detection algorithm is proposed that uses data field characteristics and classifier selection, and its comprehensive performance is tested. In addition, the concept of Hamming distance between two adjacent packets within the in-vehicle network is introduced, enabling the proposal of an enhanced CNN algorithm that achieves robust detection of challenging-to-identify abnormal data. This paper also presents the proposed CNN classification algorithm that effectively addresses the issue of high false negative rate (FNR) in abnormal data detection based on the timestamp feature of data packets. The experimental results validate the efficacy of the proposed abnormal data detection algorithm, highlighting its strong detection performance and its potential to provide an effective solution for safeguarding the security of in-vehicle network information.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

Abbreviations

ACC:

Accuracy

AUC:

Area under curve

CAN:

Controller area network

CNN:

Convolutional neural network

DA:

Discriminant analysis

DBN:

Deep belief network

DNN:

Deep neural network

DT:

Decision tree

ECU:

Electronic control unit

FNR:

False negative rate

FPR:

False positive rate

HMM:

Hidden Markov model

ID:

Identity document

KNN:

K-nearest neighbor

NB:

Nave Bayes

RF:

Random forest

ROC:

Receiver operating characteristic

SVM:

Support vector machine

TPR:

True positive rate

References

  1. Kim, K., Kim, J.S., Jeong, S., Park, J.H., Kim, H.K.: Cybersecurity for autonomous vehicles: review of attacks and defense. Comput. Sect. (2021). https://doi.org/10.1016/j.cose.2020.102150

    Article  Google Scholar 

  2. Han, M., Cheng, P.Z., Ma, S.D.: PPM-InVIDS: privacy protection model for in-vehicle intrusion detection system based complex-valued neural network. Veh. Commun. (2021). https://doi.org/10.1016/j.vehcom.2021.100374

    Article  Google Scholar 

  3. Zhang, J.Y., Li, F., Zhang, H.X., Li, R.X., Li, Y.L.: Intrusion detection system using deep learning for in-vehicle security. Ad Hoc Netw. (2019). https://doi.org/10.1016/j.adhoc.2019.101974

    Article  Google Scholar 

  4. Ishak, M.K., Khan, F.K.: Unique message authentication security approach based controller area network (CAN) for anti-lock braking system (ABS) in vehicle network. Proc. Comput. Sci. 160, 93–100 (2019)

    Article  Google Scholar 

  5. Alfonso, M.-C., Kelsey, A.R.-G., Claudia, F.-U., Alicia, M.-R.: Security on in-vehicle communication protocols: issues, challenges, and future research directions. Comput. Commun. 180(1), 1–20 (2021)

    Google Scholar 

  6. Qureshi, A., Marvi, M., Shamsi, J.A., Aijaz, A.: eUF: a framework for detecting over-the-air malicious updates in autonomous vehicles. J. King Saud Univ. Comput. Inf. Sci. 34, 5456–5467 (2022)

    Google Scholar 

  7. Cho, K.-T., Shin, K.G.: Fingerprinting electronic control units for vehicle intrusion detection. Paper Presented at the 25th USENIX Security Symposium, Austin (2016)

  8. Muter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. Paper Presented at the 2011 IEEE Intelligent Vehicles Symposium, Baden-Baden, Germany (2011)

  9. Taylor, A., Leblanc, S., Japkowicz, N.: Anomaly detection in automobile control network data with long short-term memory networks. Paper Presented at the 2016 IEEE International Conference on Data Science and Advanced Analytics, Montreal (2016)

  10. Lee, H., Jeong, S.H., Kim, H.K.: OTIDS: a novel intrusion detection system for in-vehicle network by using remote frame. Paper Presented at the 15th Annual Conference on Privacy, Security and Trust (PST), Calgary (2017)

  11. Markovitz, M., Wool, A.: Field classification, modeling and anomaly detection in unknown CAN bus networks. Veh. Commun. 9, 43–52 (2017)

    Google Scholar 

  12. Narayanan, S.N., Mittal, S., Joshi, A.: Using semantic technologies to mine vehicular context for security. Paper Presented at the 37th IEEE Sarnoff Symposium, Newark (2016)

  13. Marchetti, M., Stabili, D.: Anomaly detection of CAN bus messages through analysis of ID sequences. Paper Presented at the 28th IEEE Intelligent Vehicles Symposium (IV). Los Angeles (2017)

  14. Kang, M.J., Kang, J.W.: Intrusion detection system using deep neural network for in-vehicle network security. PLoS ONE 11(6), 1–17 (2016)

    Article  MathSciNet  Google Scholar 

  15. Binkhonain, M., Zhao, L.P.: A review of machine learning algorithms for identification and classification of non-functional requirements. Expert Syst. Appl. 10(1), 1–13 (2019)

    Google Scholar 

  16. Oprea, S.V., Bra, A.: Machine learning classification algorithms and anomaly detection in conventional meters and Tunisian electricity consumption large datasets. Comput. Electr. Eng. (2021). https://doi.org/10.1016/j.compeleceng.2021.107329

    Article  Google Scholar 

  17. Yu, T.Q., Wang, X.B.: Topology verification enabled intrusion detection for in-vehicle CAN-FD networks. IEEE Commun. Lett. 24(1), 227–230 (2020)

    Article  Google Scholar 

  18. Kosmanos, D., Pappas, A., Maglaras, L., et al.: A novel intrusion detection system against spoofing attacks in connected electric vehicles. Array (2022). https://doi.org/10.1016/j.array.2019.100013

    Article  Google Scholar 

  19. Aksu, D., Aydin, M.A.: MGA-IDS: optimal feature subset selection for anomaly detection framework on in-vehicle networks-CAN bus based on genetic algorithm and intrusion detection approach. Comput. Sect. (2022). https://doi.org/10.1016/j.cose.2022.102717

    Article  Google Scholar 

  20. Fenzl, F., Rieke, R., Chevalier, Y., Dominik, A., Kotenko, L.: Continuous fields: enhanced in-vehicle anomaly detection using machine learning models. Simul. Model. Pract. Theory (2020). https://doi.org/10.1016/j.simpat.2020.102143

    Article  Google Scholar 

  21. Qin, H.M., Yan, M.R., Ji, H.J.: Application of controller area network (CAN) bus anomaly detection based on time series prediction. Veh. Commun. (2020). https://doi.org/10.1016/j.vehcom.2020.100291

    Article  Google Scholar 

  22. Narayanan, S.N., Mittal, S., Joshi, A.: OBD_SecureAlert: an anomaly detection system for vehicles. Paper Presented at the 2016 IEEE International Conference on Smart Computing, St. Louis (2016)

  23. Dario, S., Mirco, M., Michele, C.: Detecting attacks to internal vehicle networks through hamming distance. Paper Presented at the IEEE 2017 AEIT International Annual Conference-Infrastructures for Energy and ICT, Cagliari (2017)

  24. Ji, H.J., Wang, Y.P., Qin, H.M., Wu, X.K., Yu, G.Z.: Investigating the effects of attack detection for in-vehicle networks based on clock drift of ECUs. IEEE Access 6, 49375–49384 (2018)

    Article  Google Scholar 

  25. Amato, F., Coppolino, L., Mercaldo, F., Moscato, F., Nardone, R., Santone, A.: CAN-bus attack detection with deep learning. IEEE Trans. Intell. Transp. Syst. 22(8), 5081–5090 (2021)

    Article  Google Scholar 

  26. Yang, Y.D., Xie, G.Q., Wang, J.L., Zhou, J., Xia, Z., Li, R.F.: Intrusion detection for in-vehicle network by using single GAN in connected vehicles. J. Circuit. Syst. Comput. 30(1), 2150007 (2021)

    Article  Google Scholar 

  27. Mani, V.R.S., Saravanaselvan, A., Arumugam, N.: Performance comparison of CNN, QNN and BNN deep neural networks for real-time object detection using ZYNQ FPGA node. Microelectron. J. (2021). https://doi.org/10.1016/j.mejo.2021.105319

    Article  Google Scholar 

  28. Jacinto, C., David, L., Lgnacio, A.-M., et al.: Anomaly detection in predictive maintenance: a new evaluation framework for temporal unsupervised anomaly detection algorithms. Neurocomputing 462, 440–452 (2021)

    Article  Google Scholar 

Download references

Acknowledgements

This work was supported by the the Young Scientists Fund of the National Natural Science Foundation of China under Grant 52102447, by the Research Fund Project of Beijing Information Science & Technology University under Grant 2023XJJ33.

Author information

Authors and Affiliations

  1. Key Laboratory of Modern Measurement and Control Technology, Ministry of Education, Beijing Information Science and Technology University, Beijing, 100192, China

    Haojie Ji & Liyong Wang

  2. State Key Laboratory of Advanced Design and Manufacturing for Vehicle Body, College of Mechanical and Vehicle Engineering, Hunan University, Changsha, 410082, China

    Hongmao Qin

  3. School of Transportation Science and Engineering, Beihang University, Beijing, 100191, China

    Yinghui Wang & Biao Chen

  4. Hefei Innovation Research Institute, Beihang University, Hefei, 230012, China

    Junjie Zhang

Authors
  1. Haojie Ji
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Liyong Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hongmao Qin
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yinghui Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Junjie Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Biao Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hongmao Qin.

Ethics declarations

Conflict of interest

On behalf of all the authors, the corresponding author states that there is no conflict of interest.

Additional information

Academic Editor: Weichao Zhuang

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Ji, H., Wang, L., Qin, H. et al. In-Vehicle Network Injection Attacks Detection Based on Feature Selection and Classification. Automot. Innov. 7, 138–149 (2024). https://doi.org/10.1007/s42154-023-00273-w

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s42154-023-00273-w

Keywords

Search

Navigation