Abstract
Detecting abnormal data generated from cyberattacks has emerged as a crucial approach for identifying security threats within in-vehicle networks. The transmission of information through in-vehicle networks needs to follow specific data formats and communication protocols regulations. Typically, statistical algorithms are employed to learn these variation rules and facilitate the identification of abnormal data. However, the effectiveness of anomaly detection outcomes often falls short when confronted with highly deceptive in-vehicle network attacks. In this study, seven representative classification algorithms are selected to detect common in-vehicle network attacks, and a comparative analysis is employed to identify the most suitable and favorable detection method. In consideration of the communication protocol characteristics of in-vehicle networks, an optimal convolutional neural network (CNN) detection algorithm is proposed that uses data field characteristics and classifier selection, and its comprehensive performance is tested. In addition, the concept of Hamming distance between two adjacent packets within the in-vehicle network is introduced, enabling the proposal of an enhanced CNN algorithm that achieves robust detection of challenging-to-identify abnormal data. This paper also presents the proposed CNN classification algorithm that effectively addresses the issue of high false negative rate (FNR) in abnormal data detection based on the timestamp feature of data packets. The experimental results validate the efficacy of the proposed abnormal data detection algorithm, highlighting its strong detection performance and its potential to provide an effective solution for safeguarding the security of in-vehicle network information.
Similar content being viewed by others
Abbreviations
- ACC:
-
Accuracy
- AUC:
-
Area under curve
- CAN:
-
Controller area network
- CNN:
-
Convolutional neural network
- DA:
-
Discriminant analysis
- DBN:
-
Deep belief network
- DNN:
-
Deep neural network
- DT:
-
Decision tree
- ECU:
-
Electronic control unit
- FNR:
-
False negative rate
- FPR:
-
False positive rate
- HMM:
-
Hidden Markov model
- ID:
-
Identity document
- KNN:
-
K-nearest neighbor
- NB:
-
Nave Bayes
- RF:
-
Random forest
- ROC:
-
Receiver operating characteristic
- SVM:
-
Support vector machine
- TPR:
-
True positive rate
References
Kim, K., Kim, J.S., Jeong, S., Park, J.H., Kim, H.K.: Cybersecurity for autonomous vehicles: review of attacks and defense. Comput. Sect. (2021). https://doi.org/10.1016/j.cose.2020.102150
Han, M., Cheng, P.Z., Ma, S.D.: PPM-InVIDS: privacy protection model for in-vehicle intrusion detection system based complex-valued neural network. Veh. Commun. (2021). https://doi.org/10.1016/j.vehcom.2021.100374
Zhang, J.Y., Li, F., Zhang, H.X., Li, R.X., Li, Y.L.: Intrusion detection system using deep learning for in-vehicle security. Ad Hoc Netw. (2019). https://doi.org/10.1016/j.adhoc.2019.101974
Ishak, M.K., Khan, F.K.: Unique message authentication security approach based controller area network (CAN) for anti-lock braking system (ABS) in vehicle network. Proc. Comput. Sci. 160, 93–100 (2019)
Alfonso, M.-C., Kelsey, A.R.-G., Claudia, F.-U., Alicia, M.-R.: Security on in-vehicle communication protocols: issues, challenges, and future research directions. Comput. Commun. 180(1), 1–20 (2021)
Qureshi, A., Marvi, M., Shamsi, J.A., Aijaz, A.: eUF: a framework for detecting over-the-air malicious updates in autonomous vehicles. J. King Saud Univ. Comput. Inf. Sci. 34, 5456–5467 (2022)
Cho, K.-T., Shin, K.G.: Fingerprinting electronic control units for vehicle intrusion detection. Paper Presented at the 25th USENIX Security Symposium, Austin (2016)
Muter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. Paper Presented at the 2011 IEEE Intelligent Vehicles Symposium, Baden-Baden, Germany (2011)
Taylor, A., Leblanc, S., Japkowicz, N.: Anomaly detection in automobile control network data with long short-term memory networks. Paper Presented at the 2016 IEEE International Conference on Data Science and Advanced Analytics, Montreal (2016)
Lee, H., Jeong, S.H., Kim, H.K.: OTIDS: a novel intrusion detection system for in-vehicle network by using remote frame. Paper Presented at the 15th Annual Conference on Privacy, Security and Trust (PST), Calgary (2017)
Markovitz, M., Wool, A.: Field classification, modeling and anomaly detection in unknown CAN bus networks. Veh. Commun. 9, 43–52 (2017)
Narayanan, S.N., Mittal, S., Joshi, A.: Using semantic technologies to mine vehicular context for security. Paper Presented at the 37th IEEE Sarnoff Symposium, Newark (2016)
Marchetti, M., Stabili, D.: Anomaly detection of CAN bus messages through analysis of ID sequences. Paper Presented at the 28th IEEE Intelligent Vehicles Symposium (IV). Los Angeles (2017)
Kang, M.J., Kang, J.W.: Intrusion detection system using deep neural network for in-vehicle network security. PLoS ONE 11(6), 1–17 (2016)
Binkhonain, M., Zhao, L.P.: A review of machine learning algorithms for identification and classification of non-functional requirements. Expert Syst. Appl. 10(1), 1–13 (2019)
Oprea, S.V., Bra, A.: Machine learning classification algorithms and anomaly detection in conventional meters and Tunisian electricity consumption large datasets. Comput. Electr. Eng. (2021). https://doi.org/10.1016/j.compeleceng.2021.107329
Yu, T.Q., Wang, X.B.: Topology verification enabled intrusion detection for in-vehicle CAN-FD networks. IEEE Commun. Lett. 24(1), 227–230 (2020)
Kosmanos, D., Pappas, A., Maglaras, L., et al.: A novel intrusion detection system against spoofing attacks in connected electric vehicles. Array (2022). https://doi.org/10.1016/j.array.2019.100013
Aksu, D., Aydin, M.A.: MGA-IDS: optimal feature subset selection for anomaly detection framework on in-vehicle networks-CAN bus based on genetic algorithm and intrusion detection approach. Comput. Sect. (2022). https://doi.org/10.1016/j.cose.2022.102717
Fenzl, F., Rieke, R., Chevalier, Y., Dominik, A., Kotenko, L.: Continuous fields: enhanced in-vehicle anomaly detection using machine learning models. Simul. Model. Pract. Theory (2020). https://doi.org/10.1016/j.simpat.2020.102143
Qin, H.M., Yan, M.R., Ji, H.J.: Application of controller area network (CAN) bus anomaly detection based on time series prediction. Veh. Commun. (2020). https://doi.org/10.1016/j.vehcom.2020.100291
Narayanan, S.N., Mittal, S., Joshi, A.: OBD_SecureAlert: an anomaly detection system for vehicles. Paper Presented at the 2016 IEEE International Conference on Smart Computing, St. Louis (2016)
Dario, S., Mirco, M., Michele, C.: Detecting attacks to internal vehicle networks through hamming distance. Paper Presented at the IEEE 2017 AEIT International Annual Conference-Infrastructures for Energy and ICT, Cagliari (2017)
Ji, H.J., Wang, Y.P., Qin, H.M., Wu, X.K., Yu, G.Z.: Investigating the effects of attack detection for in-vehicle networks based on clock drift of ECUs. IEEE Access 6, 49375–49384 (2018)
Amato, F., Coppolino, L., Mercaldo, F., Moscato, F., Nardone, R., Santone, A.: CAN-bus attack detection with deep learning. IEEE Trans. Intell. Transp. Syst. 22(8), 5081–5090 (2021)
Yang, Y.D., Xie, G.Q., Wang, J.L., Zhou, J., Xia, Z., Li, R.F.: Intrusion detection for in-vehicle network by using single GAN in connected vehicles. J. Circuit. Syst. Comput. 30(1), 2150007 (2021)
Mani, V.R.S., Saravanaselvan, A., Arumugam, N.: Performance comparison of CNN, QNN and BNN deep neural networks for real-time object detection using ZYNQ FPGA node. Microelectron. J. (2021). https://doi.org/10.1016/j.mejo.2021.105319
Jacinto, C., David, L., Lgnacio, A.-M., et al.: Anomaly detection in predictive maintenance: a new evaluation framework for temporal unsupervised anomaly detection algorithms. Neurocomputing 462, 440–452 (2021)
Acknowledgements
This work was supported by the the Young Scientists Fund of the National Natural Science Foundation of China under Grant 52102447, by the Research Fund Project of Beijing Information Science & Technology University under Grant 2023XJJ33.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
On behalf of all the authors, the corresponding author states that there is no conflict of interest.
Additional information
Academic Editor: Weichao Zhuang
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Ji, H., Wang, L., Qin, H. et al. In-Vehicle Network Injection Attacks Detection Based on Feature Selection and Classification. Automot. Innov. 7, 138–149 (2024). https://doi.org/10.1007/s42154-023-00273-w
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s42154-023-00273-w