Abstract
With the development of autonomous vehicles, the networking of vehicles with their surroundings continues to increase. On the one hand, wireless interfaces enable vehicle owners to communicate with other vehicles or infrastructure to use new applications such as smart parking services in car parks. On the other hand, external communication interfaces impose vulnerabilities to vehicles that can be exploited by cyber threats. The worst case scenario would be that unauthorized persons remotely take control of driving functions. The development of suitable countermeasures is increasingly coming into the focus of industry and research. In addition to authentication and encryption algorithms for the CAN (Controller Area Network) bus system, methods for monitoring network security in vehicles, for example by means of intrusion detection systems, are a current field of research. At the moment, CAN is the most popular bus system in automotive in-vehicle communication, but new technologies such as Automotive Ethernet arise. Hence, security for modern vehicles has to deal with various bus systems inducing different challenges.
In this work, we introduce a classification of techniques to monitor vehicle communications for security purposes to the automotive domain. Typical security measures in enterprise information technology are systematically compared with the state of the art in vehicle security. Our work serves to identify open fields of research and to classify future work.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
McCandless, D., Doughty-White, P., Quick, M.: Code bases: millions of lines of code (2015). http://www.informationisbeautiful.net/visualizations/million-lines-of-code/. 13 Sept 2019
Charette, R.N.: This car runs on code. IEEE Spectr. (2009). https://spectrum.ieee.org/transportation/systems/this-car-runs-on-code. 13 Sept 2019
Wyglinski, A.M., Huang, X., Padir, T., Lai, L., Eisenbarth, T.R., Venkatasubramanian, K.: Security of autonomous systems employing embedded computing and sensors. IEEE Micro 33(1), 80–86 (2013)
Hyundai Media Newsroom: How will the Internet of Things transform the car industry? Hyundai Media Newsroom (2017). https://www.hyundai.news/eu/technology/how-will-the-internet-of-things-transform-the-car-industry/. 13 Sept 2019
PwC: The 2017 PwC’s strategy & digital auto report (2017). https://www.strategyand.pwc.com/media/file/2017-Strategyand-Digital-Auto-Report.pdf. 13 Sept 2019
Coppola, R., Morisio, M.: Connected car. ACM Comput. Surv. 49(3), 1–36 (2016)
Hartmann, F., Pistorius, F., Lauber, A., Hildenbrand, K., Becker, J., Stork, W.: Design of an embedded UWB hardware platform for navigation in GPS denied environments. In: 2015 IEEE Symposium on Communications and Vehicular Technology in the Benelux (SCVT), pp. 1–6. IEEE, Piscataway, NJ (2015)
Miller, C., Valasek, C.: A survey of remote automotive attack surfaces (2014). http://illmatics.com/remote%20attack%20surfaces.pdf. 13 Sept 2019
Navale, V.M., Williams, K., Lagospiris, A., Schaffert, M., Schweiker, M.A.: (R)evolution of E/E architectures. SAE Int. J. Passeng. Cars Electron. Electr. Syst. 8(2), 282–288 (2015)
National Highway Traffic Safety Administration: Cybersecurity Best Practices for Modern Vehicles (2016). https://www.nhtsa.gov/sites/nhtsa.dot.gov/files/documents/812333_cybersecurityformodernvehicles.pdf. 13 Sept 2019
Weber, M., Pistorius, F., Sax, E., Maas, J., Zimmer, B.: A hybrid anomaly detection system for electronic control units featuring replicator neural networks. In: Arai, K., Kapoor, S., Bhatia, R. (eds.) Advances in Information and Communication Networks, Advances in Intelligent Systems and Computing, vol. 887, pp. 43–62. Springer, Cham (2019)
Hoppe, T., Kiltz, S., Dittmann, J.: Applying intrusion detection to automotive it-early insights and remaining challenges. J. Inf. Assur. Secur. (JIAS) 4(6), 226–235 (2009)
Hewlett Packard Enterprise: What is security monitoring - HPE definition glossary (2019). https://www.hpe.com/emea_europe/en/what-is/security-monitoring.html. 13 Sept 2019
AUTOSAR Foundation: Specification of secure onboard communication. Document Identification No. 654 (2017)
Cisco Systems: Encrypted traffic analytics (2018). https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise-networks/enterprise-network-security/nb-09-encrytd-traf-anlytcs-wp-cte-en.pdf. 13 Sept 2019
Zimmermann, W., Schmidgall, R.: Bus systeme in der Fahrzeugtechnik: Protokolle, Standards und Softwarearchitektur. ATZ/MTZ-Fachbuch, Springer Vieweg, Wiesbaden, 5., aktual. und erw. aufl. edn. (2014)
MOST Cooperation: MOST specification (2010). https://www.mostcooperation.com/publications/specifications-organizational-procedures/request-download/mostspecification-3v0e2pdf/. 13 Sept 2019
IEEE Standards Association: ISO/IEC/IEEE International Standard - Part 3: Standard for Ethernet - Amendment 1: Physical Layer Specifications and Management Parameters for 100 Mb/s Operation over a Single Balanced Twisted Pair Cable (100BASE-T1), 8802-3:2017/Amd 1-2017 (2018)
ISO/IEC/IEEE: International Standard - Information technology – Telecommunications and information exchange between systems – Local and metropolitan area networks – Specific requirements – Part 3: Standard for Ethernet Amendment 4: Physical Layer Specifications and Management Parameters for 1 Gb/s Operation over a Single Twisted-Pair Copper Cable, 8802-3:2017/Amd 4-2017 (2017)
IEEE Standards Association: Standard for Ethernet Physical Layer Specifications and Management Parameters for Greater Than 1 Gb/s Automotive Ethernet (scheduled for fall 2019), p802.3ch (2019). https://standards.ieee.org/project/802_3ch.html
IEEE Standards Association: IEEE Draft Standard for Ethernet Amendment 5: Physical Layer Specifications and Management Parameters for 10 Mb/s Operation and Associated Power Delivery over a Single Balanced Pair of Conductors (scheduled for fall 2019), p802.3cg (2019). https://standards.ieee.org/project/802_3cg.html
IEEE Standards Association: Timing and Synchronization for Time-Sensitive Applications in Bridged Local Area Networks, 802.1AS-2011 (2011). http://www.ieee802.org/1/pages/tsn.html
AUTOSAR Foundation: SOME/IP protocol specification: release 1.1.0. document ID 696 (2017)
Object Management Group: Data Distribution Service (DDS): Version 1.4 (2015). http://www.omg.org/spec/DDS/1.4. 13 Sept 2019
AUTOSAR Foundation: AUTOSAR - AUTomotive Open System ARchitecture (2003). https://www.autosar.org/. 13. Sept 2019
GENIVI Alliance: GENIVI open source platform (2009). https://www.genivi.org/. 13 Sept 2019
Navet, N., Simonot-Lion, F.: Automotive Embedded Systems Handbook, 1st edn. CRC Press Inc., Boca Raton (2008)
Cisco Networking Academy: Connecting Networks Companion Guide, 1st edn. Cisco Press, Indianapolis (2014)
Cisco Systems: Campus LAN and Wireless LAN Design Guide (2018). https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/CVD-Campus-LAN-WLAN-Design-Guide-2018JAN.pdf. 13 Sept 2019
Combs, G.: Wireshark (1998). https://www.wireshark.org/. 13 Sept 2019
Claise, B.: Cisco system NetFlow services export Version 9 (2004). https://rfc-editor.org/rfc/rfc3954.txt. 13 Sept 2019
Quittek, J.: Requirements for IP flow information export (IPFIX) (2004). https://www.rfc-editor.org/rfc/rfc3917.txt. 13 Sept 2019
Roesch, M.: Snort - lightweight intrusion detection for networks. In: LISA 1999: Proceedings of the 13th USENIX Conference on System Administration, vol. 132, p. 411. USENIX Association, Berkeley, CA, USA (1999)
Paxson, V.: Bro: a system for detecting network intruders in real-time. Comput. Netw. 31(23–24), 2435–2463 (1999)
Daniel, B.: Cid: OSSEC - open source HIDS SECurity. https://www.ossec.net/docs/manual/ossec-architecture.html. 13 Sept 2019
Muter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. In: IEEE Intelligent Vehicles Symposium (IV), 5–9 June 2011, Baden-Baden, Germany, pp. 1110–1115. IEEE, Piscataway, NJ (2011)
Stabili, D., Marchetti, M., Colajanni, M.: Detecting attacks to internal vehicle networks through Hamming distance. In: Infrastructures for Energy and ICT: Opportunities for Fostering Innovation, pp. 1–6. IEEE, Piscataway, NJ (2017)
Taylor, A., Japkowicz, N., Leblanc, S.: Frequency-based anomaly detection for the automotive CAN bus. In: 2015 World Congress on Industrial Control Systems Security (WCICSS), pp. 45–49. IEEE, Piscataway, NJ (2015)
Weber, M., Klug, S., Sax, E., Zimmer, B.: Embedded hybrid anomaly detection for automotive CAN communication. In: Proceedings of the 9th European Congress on Embedded Real Time Software and Systems, ERTS\(^2\) 2018, Toulouse, France, 31st January–2nd February 2018, pp. 1–10 (2018)
Cho, K.T., Shin, K.G.: Fingerprinting electronic control units for vehicle intrusion detection. In: 25th 5USENIX6 Security Symposium (5USENIX6 Security 16), pp. 911–927 (2016)
Cho, K.T., Shin, K.G.: Viden: attacker identification on in-vehicle networks. In: Thuraisingham, B. (ed.) CCS 2017, pp. 1109–1123. Association for Computing Machinery, New York, NY (2017)
Haga, T., Takahashi, R., Sasaki, T., Kishikawa, T., Tsurumi, J., Matsushima, H.: Automotive SIEM and anomaly detection using sand-sprinkled isolation forest. escar Europe (2017)
Grimm, D., Weber, M., Sax, E.: An extended hybrid anomaly detection system for automotive electronic control units communicating via ethernet efficient and effective analysis using a specification- and machine learning-based approach. In: Helfert, M., Gusikhin, O. (eds.) VEHITS 2018, vol. 2018-March. SCITEPRESS - Science and Technology Publications Lda, Setúbal, Portugal (2018)
Argus Cyber Security: Argus Solution Suites (2019). https://argus-sec.com/de/argus-solution-suites/. 13 Sept 2019
Arilou Technologies Ltd.: Solutions - Arilou. https://ariloutech.com/solutions/. 13 Sept 2019
Berlin, O., Held, A., Matousek, M., Kargl, F.: POSTER: anomaly-based misbehaviour detection in connected car backends. In: IEEE Vehicular Networking Conference, VNC, pp. 1–2 (2017)
Collins, M.: Network Security Through Data Analysis: Building Situational Awareness, 1 Million Log Records at a Time. O’Reilly, Beijing (2014)
Sanders, C.: Applied Network Security Monitoring: Collection, Detection, and Analysis. Syngress an Imprint of Elsevier, Waltham (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Grimm, D., Pistorius, F., Sax, E. (2020). Network Security Monitoring in Automotive Domain. In: Arai, K., Kapoor, S., Bhatia, R. (eds) Advances in Information and Communication. FICC 2020. Advances in Intelligent Systems and Computing, vol 1129. Springer, Cham. https://doi.org/10.1007/978-3-030-39445-5_57
Download citation
DOI: https://doi.org/10.1007/978-3-030-39445-5_57
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-39444-8
Online ISBN: 978-3-030-39445-5
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)