Abstract
Growing connectivity of vehicles induces increasing attack surfaces and thus the demand for a sophisticated security strategy. One part of such a strategy is to accurately detect intrusive behavior in an in-vehicle network. Therefore, we built a log analyzer in C that focused on payload bytes having either a small set of different values or a small set of possible changes. While being an order of magnitude faster, the accuracy of the results obtained is at least comparable with results obtained using standard machine learning techniques. Thus, this approach is an interesting option for implementation within in-vehicle embedded systems. Another important aspect is that the explainability of the results is better compared to deep learning systems.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Al-Jarrah, O.Y., Maple, C., Dianati, M., Oxtoby, D., Mouzakitis, A.: Intrusion detection systems for intra-vehicle networks: a review. IEEE Access 7, 21266–21289 (2019). https://doi.org/10.1109/ACCESS.2019.2894183
Berger, I., Rieke, R., Kolomeets, M., Chechulin, A., Kotenko, I.: Comparative study of machine learning methods for in-vehicle intrusion detection. In: Computer Security. ESORICS 2018 International Workshops, CyberICPS 2018 and SECPRE 2018, Barcelona, Spain, 6–7 September 2018, Revised selected papers. Lecture Notes in Computer Science, vol. 11387, pp. 85–101. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-12786-2_6
Cho, K., Shin, K.G.: Fingerprinting electronic control units for vehicle intrusion detection. In: Holz, T., Savage, S. (eds.) 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, 10–12 August 2016, pp. 911–927. USENIX Association (2016)
Chockalingam, V., Larson, I., Lin, D., Nofzinger, S.: Detecting attacks on the CAN protocol with machine learning (2016)
Choi, W., Joo, K., Jo, H.J., Park, M.C., Lee, D.H.: VoltageIDS: low-level communication characteristics for automotive intrusion detection system. IEEE Trans. Inf. Forensics Secur. 13(8), 2114–2129 (2018)
ENISA: cyber security and resilience of smart cars. Tech. rep. ENISA (2016). https://doi.org/10.2824/87614
Hacking and Countermeasure Research Lab (HCRL): Car-Hacking Dataset for the intrusion detection (2018). http://ocslab.hksecurity.net/Datasets/CAN-intrusion-dataset. Accessed 28 Jun 2018
Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive CAN networks - practical examples and selected short-term countermeasures. Reliab. Eng. Syst. Saf. 96, 11–25 (2011)
Kang, M.J., Kang, J.W.: A novel intrusion detection method using deep neural network for in-vehicle network security. In: 2016 IEEE 83rd Vehicular Technology Conference (VTC Spring) (2016)
Lai, L., Suda, N., Chandra, V.: CMSIS-NN: efficient neural network kernels for arm cortex-M CPUS. CoRR abs/1801.06601 (2018). http://arxiv.org/abs/1801.06601
Larson, U.E., Nilsson, D.K., Jonsson, E.: An approach to specification-based attack detection for in-vehicle networks. In: Intelligent Vehicles Symposium 2008, pp. 220–225. IEEE (2008)
Levi, M., Allouche, Y., Kontorovich, A.: Advanced analytics for connected cars cyber security. CoRR abs/1711.01939 (2017)
Marchetti, M., Stabili, D.: Anomaly detection of CAN bus messages through analysis of id sequences. In: 2017 IEEE Intelligent Vehicles Symposium (IV), pp. 1577–1583 (2017)
Miller, C., Valasek, C.: Remote exploitation of an unaltered passenger vehicle. Tech. rep. IOActive Labs (2015)
Müller-Quade, J., et al.: Cybersecurity research: challenges and course of action. Tech. rep. Karlsruher Institut für Technologie (KIT) (2019). https://doi.org/10.5445/IR/1000090060
Müter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. In: 2011 IEEE Intelligent Vehicles Symposium (IV), pp. 1110–1115 (2011)
Narayanan, S.N., Mittal, S., Joshi, A.: OBD securealert: an anomaly detection system for vehicles. In: IEEE Workshop on Smart Service Systems (SmartSys 2016) (2016)
Rieke, R., Seidemann, M., Talla, E.K., Zelle, D., Seeger, B.: Behavior analysis for safety and security in automotive systems. In: 25nd Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP) 2017, pp. 381–385. IEEE Computer Society (2017)
Song, H., Kim, H., Kim, H.: Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network, March 2016, vol. 2016, pp. 63–68. IEEE Computer Society (2016)
Studnia, I., Alata, E., Nicomette, V., Kaâniche, M., Laarouchi, Y.: A language-based intrusion detection approach for automotive embedded networks. In: The 21st IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2015) (2014)
Studnia, I., Nicomette, V., Alata, E., Deswarte, Y., Kaâniche, M., Laarouchi, Y.: Security of embedded automotive networks: state of the art and a research proposal. In: Roy, M. (ed.) SAFECOMP 2013 - Workshop CARS of the 32nd International Conference on Computer Safety, Reliability and Security (2013)
Taylor, A., Leblanc, S.P., Japkowicz, N.: Probing the limits of anomaly detectors for automobiles with a cyber attack framework. IEEE Intell. Syst. PP(99), 1 (2018)
Theissler, A.: Anomaly detection in recordings from in-vehicle networks. In: Proceedings of Big Data Applications and Principles First International Workshop, 11–12 September 2014, BIGDAP 2014, Madrid, Spain (2014)
Wei, Z., Yang, Y., Rehana, Y., Wu, Y., Weng, J., Deng, R.H.: IoVShield: an efficient vehicular intrusion detection system for self-driving (short paper), pp. 638–647. Springer International Publishing, Cham (2017)
Wolf, M., Weimerskirch, A., Paar, C.: Security in automotive bus systems. In: Proceedings of the Workshop on Embedded Security in Cars, July 2004, pp. 1–13 (2004)
Acknowledgement
This research is partially supported by the German Federal Ministry of Education and Research in the context of the project VITAF (ID 16KIS0835).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Chevalier, Y., Rieke, R., Fenzl, F., Chechulin, A., Kotenko, I. (2020). ECU-Secure: Characteristic Functions for In-Vehicle Intrusion Detection. In: Kotenko, I., Badica, C., Desnitsky, V., El Baz, D., Ivanovic, M. (eds) Intelligent Distributed Computing XIII. IDC 2019. Studies in Computational Intelligence, vol 868. Springer, Cham. https://doi.org/10.1007/978-3-030-32258-8_58
Download citation
DOI: https://doi.org/10.1007/978-3-030-32258-8_58
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-32257-1
Online ISBN: 978-3-030-32258-8
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)