Skip to main content
SpringerLink
Log in

Network Security Monitoring in Automotive Domain

  • Conference paper
  • First Online:
Advances in Information and Communication (FICC 2020)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 1129))

Included in the following conference series:

Abstract

With the development of autonomous vehicles, the networking of vehicles with their surroundings continues to increase. On the one hand, wireless interfaces enable vehicle owners to communicate with other vehicles or infrastructure to use new applications such as smart parking services in car parks. On the other hand, external communication interfaces impose vulnerabilities to vehicles that can be exploited by cyber threats. The worst case scenario would be that unauthorized persons remotely take control of driving functions. The development of suitable countermeasures is increasingly coming into the focus of industry and research. In addition to authentication and encryption algorithms for the CAN (Controller Area Network) bus system, methods for monitoring network security in vehicles, for example by means of intrusion detection systems, are a current field of research. At the moment, CAN is the most popular bus system in automotive in-vehicle communication, but new technologies such as Automotive Ethernet arise. Hence, security for modern vehicles has to deal with various bus systems inducing different challenges.

In this work, we introduce a classification of techniques to monitor vehicle communications for security purposes to the automotive domain. Typical security measures in enterprise information technology are systematically compared with the state of the art in vehicle security. Our work serves to identify open fields of research and to classify future work.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 229.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 299.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. McCandless, D., Doughty-White, P., Quick, M.: Code bases: millions of lines of code (2015). http://www.informationisbeautiful.net/visualizations/million-lines-of-code/. 13 Sept 2019

  2. Charette, R.N.: This car runs on code. IEEE Spectr. (2009). https://spectrum.ieee.org/transportation/systems/this-car-runs-on-code. 13 Sept 2019

  3. Wyglinski, A.M., Huang, X., Padir, T., Lai, L., Eisenbarth, T.R., Venkatasubramanian, K.: Security of autonomous systems employing embedded computing and sensors. IEEE Micro 33(1), 80–86 (2013)

    Article  Google Scholar 

  4. Hyundai Media Newsroom: How will the Internet of Things transform the car industry? Hyundai Media Newsroom (2017). https://www.hyundai.news/eu/technology/how-will-the-internet-of-things-transform-the-car-industry/. 13 Sept 2019

  5. PwC: The 2017 PwC’s strategy & digital auto report (2017). https://www.strategyand.pwc.com/media/file/2017-Strategyand-Digital-Auto-Report.pdf. 13 Sept 2019

  6. Coppola, R., Morisio, M.: Connected car. ACM Comput. Surv. 49(3), 1–36 (2016)

    Article  Google Scholar 

  7. Hartmann, F., Pistorius, F., Lauber, A., Hildenbrand, K., Becker, J., Stork, W.: Design of an embedded UWB hardware platform for navigation in GPS denied environments. In: 2015 IEEE Symposium on Communications and Vehicular Technology in the Benelux (SCVT), pp. 1–6. IEEE, Piscataway, NJ (2015)

    Google Scholar 

  8. Miller, C., Valasek, C.: A survey of remote automotive attack surfaces (2014). http://illmatics.com/remote%20attack%20surfaces.pdf. 13 Sept 2019

  9. Navale, V.M., Williams, K., Lagospiris, A., Schaffert, M., Schweiker, M.A.: (R)evolution of E/E architectures. SAE Int. J. Passeng. Cars Electron. Electr. Syst. 8(2), 282–288 (2015)

    Article  Google Scholar 

  10. National Highway Traffic Safety Administration: Cybersecurity Best Practices for Modern Vehicles (2016). https://www.nhtsa.gov/sites/nhtsa.dot.gov/files/documents/812333_cybersecurityformodernvehicles.pdf. 13 Sept 2019

  11. Weber, M., Pistorius, F., Sax, E., Maas, J., Zimmer, B.: A hybrid anomaly detection system for electronic control units featuring replicator neural networks. In: Arai, K., Kapoor, S., Bhatia, R. (eds.) Advances in Information and Communication Networks, Advances in Intelligent Systems and Computing, vol. 887, pp. 43–62. Springer, Cham (2019)

    Chapter  Google Scholar 

  12. Hoppe, T., Kiltz, S., Dittmann, J.: Applying intrusion detection to automotive it-early insights and remaining challenges. J. Inf. Assur. Secur. (JIAS) 4(6), 226–235 (2009)

    Google Scholar 

  13. Hewlett Packard Enterprise: What is security monitoring - HPE definition glossary (2019). https://www.hpe.com/emea_europe/en/what-is/security-monitoring.html. 13 Sept 2019

  14. AUTOSAR Foundation: Specification of secure onboard communication. Document Identification No. 654 (2017)

    Google Scholar 

  15. Cisco Systems: Encrypted traffic analytics (2018). https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise-networks/enterprise-network-security/nb-09-encrytd-traf-anlytcs-wp-cte-en.pdf. 13 Sept 2019

  16. Zimmermann, W., Schmidgall, R.: Bus systeme in der Fahrzeugtechnik: Protokolle, Standards und Softwarearchitektur. ATZ/MTZ-Fachbuch, Springer Vieweg, Wiesbaden, 5., aktual. und erw. aufl. edn. (2014)

    Google Scholar 

  17. MOST Cooperation: MOST specification (2010). https://www.mostcooperation.com/publications/specifications-organizational-procedures/request-download/mostspecification-3v0e2pdf/. 13 Sept 2019

  18. IEEE Standards Association: ISO/IEC/IEEE International Standard - Part 3: Standard for Ethernet - Amendment 1: Physical Layer Specifications and Management Parameters for 100 Mb/s Operation over a Single Balanced Twisted Pair Cable (100BASE-T1), 8802-3:2017/Amd 1-2017 (2018)

    Google Scholar 

  19. ISO/IEC/IEEE: International Standard - Information technology – Telecommunications and information exchange between systems – Local and metropolitan area networks – Specific requirements – Part 3: Standard for Ethernet Amendment 4: Physical Layer Specifications and Management Parameters for 1 Gb/s Operation over a Single Twisted-Pair Copper Cable, 8802-3:2017/Amd 4-2017 (2017)

    Google Scholar 

  20. IEEE Standards Association: Standard for Ethernet Physical Layer Specifications and Management Parameters for Greater Than 1 Gb/s Automotive Ethernet (scheduled for fall 2019), p802.3ch (2019). https://standards.ieee.org/project/802_3ch.html

  21. IEEE Standards Association: IEEE Draft Standard for Ethernet Amendment 5: Physical Layer Specifications and Management Parameters for 10 Mb/s Operation and Associated Power Delivery over a Single Balanced Pair of Conductors (scheduled for fall 2019), p802.3cg (2019). https://standards.ieee.org/project/802_3cg.html

  22. IEEE Standards Association: Timing and Synchronization for Time-Sensitive Applications in Bridged Local Area Networks, 802.1AS-2011 (2011). http://www.ieee802.org/1/pages/tsn.html

  23. AUTOSAR Foundation: SOME/IP protocol specification: release 1.1.0. document ID 696 (2017)

    Google Scholar 

  24. Object Management Group: Data Distribution Service (DDS): Version 1.4 (2015). http://www.omg.org/spec/DDS/1.4. 13 Sept 2019

  25. AUTOSAR Foundation: AUTOSAR - AUTomotive Open System ARchitecture (2003). https://www.autosar.org/. 13. Sept 2019

  26. GENIVI Alliance: GENIVI open source platform (2009). https://www.genivi.org/. 13 Sept 2019

  27. Navet, N., Simonot-Lion, F.: Automotive Embedded Systems Handbook, 1st edn. CRC Press Inc., Boca Raton (2008)

    Google Scholar 

  28. Cisco Networking Academy: Connecting Networks Companion Guide, 1st edn. Cisco Press, Indianapolis (2014)

    Google Scholar 

  29. Cisco Systems: Campus LAN and Wireless LAN Design Guide (2018). https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/CVD-Campus-LAN-WLAN-Design-Guide-2018JAN.pdf. 13 Sept 2019

  30. Combs, G.: Wireshark (1998). https://www.wireshark.org/. 13 Sept 2019

  31. Claise, B.: Cisco system NetFlow services export Version 9 (2004). https://rfc-editor.org/rfc/rfc3954.txt. 13 Sept 2019

  32. Quittek, J.: Requirements for IP flow information export (IPFIX) (2004). https://www.rfc-editor.org/rfc/rfc3917.txt. 13 Sept 2019

  33. Roesch, M.: Snort - lightweight intrusion detection for networks. In: LISA 1999: Proceedings of the 13th USENIX Conference on System Administration, vol. 132, p. 411. USENIX Association, Berkeley, CA, USA (1999)

    Google Scholar 

  34. Paxson, V.: Bro: a system for detecting network intruders in real-time. Comput. Netw. 31(23–24), 2435–2463 (1999)

    Article  Google Scholar 

  35. Daniel, B.: Cid: OSSEC - open source HIDS SECurity. https://www.ossec.net/docs/manual/ossec-architecture.html. 13 Sept 2019

  36. Muter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. In: IEEE Intelligent Vehicles Symposium (IV), 5–9 June 2011, Baden-Baden, Germany, pp. 1110–1115. IEEE, Piscataway, NJ (2011)

    Google Scholar 

  37. Stabili, D., Marchetti, M., Colajanni, M.: Detecting attacks to internal vehicle networks through Hamming distance. In: Infrastructures for Energy and ICT: Opportunities for Fostering Innovation, pp. 1–6. IEEE, Piscataway, NJ (2017)

    Google Scholar 

  38. Taylor, A., Japkowicz, N., Leblanc, S.: Frequency-based anomaly detection for the automotive CAN bus. In: 2015 World Congress on Industrial Control Systems Security (WCICSS), pp. 45–49. IEEE, Piscataway, NJ (2015)

    Google Scholar 

  39. Weber, M., Klug, S., Sax, E., Zimmer, B.: Embedded hybrid anomaly detection for automotive CAN communication. In: Proceedings of the 9th European Congress on Embedded Real Time Software and Systems, ERTS\(^2\) 2018, Toulouse, France, 31st January–2nd February 2018, pp. 1–10 (2018)

    Google Scholar 

  40. Cho, K.T., Shin, K.G.: Fingerprinting electronic control units for vehicle intrusion detection. In: 25th 5USENIX6 Security Symposium (5USENIX6 Security 16), pp. 911–927 (2016)

    Google Scholar 

  41. Cho, K.T., Shin, K.G.: Viden: attacker identification on in-vehicle networks. In: Thuraisingham, B. (ed.) CCS 2017, pp. 1109–1123. Association for Computing Machinery, New York, NY (2017)

    Google Scholar 

  42. Haga, T., Takahashi, R., Sasaki, T., Kishikawa, T., Tsurumi, J., Matsushima, H.: Automotive SIEM and anomaly detection using sand-sprinkled isolation forest. escar Europe (2017)

    Google Scholar 

  43. Grimm, D., Weber, M., Sax, E.: An extended hybrid anomaly detection system for automotive electronic control units communicating via ethernet efficient and effective analysis using a specification- and machine learning-based approach. In: Helfert, M., Gusikhin, O. (eds.) VEHITS 2018, vol. 2018-March. SCITEPRESS - Science and Technology Publications Lda, Setúbal, Portugal (2018)

    Google Scholar 

  44. Argus Cyber Security: Argus Solution Suites (2019). https://argus-sec.com/de/argus-solution-suites/. 13 Sept 2019

  45. Arilou Technologies Ltd.: Solutions - Arilou. https://ariloutech.com/solutions/. 13 Sept 2019

  46. Berlin, O., Held, A., Matousek, M., Kargl, F.: POSTER: anomaly-based misbehaviour detection in connected car backends. In: IEEE Vehicular Networking Conference, VNC, pp. 1–2 (2017)

    Google Scholar 

  47. Collins, M.: Network Security Through Data Analysis: Building Situational Awareness, 1 Million Log Records at a Time. O’Reilly, Beijing (2014)

    Google Scholar 

  48. Sanders, C.: Applied Network Security Monitoring: Collection, Detection, and Analysis. Syngress an Imprint of Elsevier, Waltham (2014)

    Book  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute for Information Processing Technologies, Karlsruhe Institute of Technology, Engesserstr. 5, 76131, Karlsruhe, Germany

    Daniel Grimm, Felix Pistorius & Eric Sax

Authors
  1. Daniel Grimm
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Felix Pistorius
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Eric Sax
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Daniel Grimm .

Editor information

Editors and Affiliations

  1. Faculty of Science and Engineering, Saga University, Saga, Japan

    Kohei Arai

  2. The Science and Information (SAI) Organization, Bradford, West Yorkshire, UK

    Supriya Kapoor

  3. The Science and Information (SAI) Organization, Bradford, West Yorkshire, UK

    Rahul Bhatia

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Grimm, D., Pistorius, F., Sax, E. (2020). Network Security Monitoring in Automotive Domain. In: Arai, K., Kapoor, S., Bhatia, R. (eds) Advances in Information and Communication. FICC 2020. Advances in Intelligent Systems and Computing, vol 1129. Springer, Cham. https://doi.org/10.1007/978-3-030-39445-5_57

Download citation

Publish with us

Policies and ethics

Search

Navigation