Skip to main content
SpringerLink
Log in

Protecting Automotive Controller Area Network: A Review on Intrusion Detection Methods Using Machine Learning Algorithms

  • Chapter
  • First Online:
Machine Learning and Optimization Techniques for Automotive Cyber-Physical Systems

  • 407 Accesses

Abstract

To manage the future requirements for comfortable, safe, and low-carbon driving, the in-vehicle network is undergoing rapid developments. Despite the huge changes in its architecture, we claim that Controller Area Network (CAN), which is developed for more than 35 years, would continue to play a critical role in ensuring the safety of vehicles. However, its intrinsic vulnerability to cyber-attack becomes one of the biggest challenges since vehicles are no longer isolated. The intrusion detection approach draws much attention due to its simplicity and efficiency in protecting in-vehicle CAN bus. In this chapter, we first provide an introduction about how the in-vehicle network evolves. The critical role of CAN for current and future in-vehicle network is emphasized. Next, we describe intrusion detection approaches that exploit machine learning algorithms in detail. The introduction is taken from four aspects according to the domain knowledge of CAN used for intrusion detection methods, which are semantics-based methods, literal-based methods, timing-based methods, and signal characteristics-based methods respectively.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
eBook
USD 16.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 119.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Akowuah, F., Kong, F.: Physical invariant based attack detection for autonomous vehicles: Survey, vision, and challenges. In: 2021 Fourth international conference on connected and autonomous driving (MetroCAD), pp. 31–40. IEEE, Piscataway (2021)

    Google Scholar 

  2. Bakker, E., Nyborg, L., Pacejka, H.B.: Tyre modelling for use in vehicle dynamics studies. SAE Trans. 96, 190–204 (1987)

    Google Scholar 

  3. Cho, K.T., Shin, K.G.: Fingerprinting electronic control units for vehicle intrusion detection. In: 25th USENIX conference on security symposium (USENIX Security), pp. 911–927. USENIX Association, Berkeley (2016)

    Google Scholar 

  4. Cho, K., Shin, K.G.: Viden: Attacker identification on in-vehicle networks. In: 2017 ACM conference on computer and communications security (CCS), pp. 1109–1123. ACM, New York (2017)

    Google Scholar 

  5. Cho, K.T., Shin, K.G., Park, T.: CPS approach to checking norm operation of a brake-by-wire system. In: ACM/IEEE sixth international conference on cyber-physical systems (ICCPS), pp. 41–50. ACM, New York (2015)

    Google Scholar 

  6. Choi, W., Jo, H.J., Woo, S., Chun, J.Y., Park, J., Lee, D.H.: Identifying ecus using inimitable characteristics of signals in controller area networks. IEEE Trans. Veh. Technol. 67(6), 4757–4770 (2018)

    Article  Google Scholar 

  7. Choi, W., Joo, K., Jo, H.J., Park, M.C., Lee, D.H.: Voltageids: low-level communication characteristics for automotive intrusion detection system. IEEE Trans. Inf. Forens. Secur. 13(8), 2114–2129 (2018)

    Article  Google Scholar 

  8. Di Natale, M., Zeng, H., Giusto, P., Ghosal, A.: Understanding and using the controller area network communication protocol: theory and practice. Springer Science & Business Media (2012)

    Google Scholar 

  9. Groza, B., Murvay, P.S.: Efficient intrusion detection with bloom filtering in controller area networks. IEEE Trans. Inf. Forens. Secur. 14(4), 1037–1051 (2018)

    Article  Google Scholar 

  10. Guo, F., Wang, Z., Du, S., Li, H., Zhu, H., Pei, Q., Cao, Z., Zhao, J.: Detecting vehicle anomaly in the edge via sensor consistency and frequency characteristic. IEEE Trans. Veh. Technol. 68(6), 5618–5628 (2019)

    Article  Google Scholar 

  11. He, T., Zhang, L., Kong, F., Salekin, A.: Exploring inherent sensor redundancy for automotive anomaly detection. In: 2020 57th ACM/IEEE design automation conference (DAC), pp. 1–6. IEEE, Piscataway (2020)

    Google Scholar 

  12. Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive can networks–practical examples and selected short-term countermeasures. In: International conference on computer safety, reliability, and security (SAFECOMP), pp. 235–248. Springer, Berlin, Heidelberg (2008)

    Google Scholar 

  13. Javed, A.R., Usman, M., Rehman, S.U., Khan, M.U., Haghighi, M.S.: Anomaly detection in automated vehicles using multistage attention-based convolutional neural network. IEEE Trans. Intell. Transp. Syst. 22(7), 4291–4300 (2020)

    Article  Google Scholar 

  14. Javed, A.R., Ur Rehman, S., Khan, M.U., Alazab, M., Reddy, T.: CANintelliiDS: detecting in-vehicle intrusion attacks on a controller area network using CNN and attention-based GRU. IEEE Trans. Netw. Sci. Eng. 8(2), 1456–1466 (2021)

    Article  Google Scholar 

  15. Kavousi-Fard, A., Dabbaghjamanesh, M., Jin, T., Su, W., Roustaei, M.: An evolutionary deep learning-based anomaly detection model for securing vehicles. IEEE Trans. Intell. Transp. Syst. 22(7), 4478–4486 (2020)

    Article  Google Scholar 

  16. Kneib, M., Huth, C.: Scission: signal characteristic-based sender identification and intrusion detection in automotive networks. In: ACM SIGSAC conference on computer and communications security (CCS), pp. 787–800. ACM, New York (2018)

    Google Scholar 

  17. Kneib, M., Schell, O., Huth, C.: EASI: Edge-based sender identification on resource-constrained platforms for automotive networks. In: The 2020 network and distributed system security symposium (NDSS), pp. 1–16. ISOC, San Diego (2020)

    Google Scholar 

  18. Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S.: Experimental security analysis of a modern automobile. In: IEEE symposium on security and privacy (S&P), pp. 447–462. IEEE, Piscataway (2010)

    Google Scholar 

  19. Kulandaivel, S., Goyal, T., Agrawal, A.K., Sekar, V.: Canvas: fast and inexpensive automotive network mapping. In: The 28th USENIX conference on security symposium (USENIX Security), pp. 389–405. USENIX Association, Berkeley

    Google Scholar 

  20. Li, H., Zhao, L., Juliato, M., Ahmed, S., Sastry, M.R., Yang, L.L.: Poster: intrusion detection system for in-vehicle networks using sensor correlation and integration. In: The 2017 ACM SIGSAC conference on computer and communications security (CCS), pp. 2531–2533 (2017)

    Google Scholar 

  21. Longari, S., Valcarcel, D.H.N., Zago, M., Carminati, M., Zanero, S.: CANnolo: an anomaly detection system based on LSTM autoencoders for controller area network. IEEE Trans. Netw. Serv. Manag. 18(2), 1913–1924 (2020)

    Article  Google Scholar 

  22. Marchetti, M., Stabili, D.: Read: reverse engineering of automotive data frames. IEEE Trans. Inf. Forens. Secur. 14(4), 1083–1097 (2018)

    Article  Google Scholar 

  23. Murvay, P.S., Groza, B.: Source identification using signal characteristics in controller area networks. IEEE Signal Process. Lett. 21(4), 395–399 (2014)

    Article  Google Scholar 

  24. Müter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. In: IEEE intelligent vehicles symposium, pp. 1110–1115. IEEE, Piscataway (2011)

    Google Scholar 

  25. Olufowobi, H., Young, C., Zambreno, J., Bloom, G.: Saiducant: specification-based automotive intrusion detection using controller area network (CAN) timing. IEEE Trans. Veh. Technol. 69(2), 1484–1494 (2019)

    Article  Google Scholar 

  26. Song, H.M., Woo, J., Kim, H.K.: In-vehicle network intrusion detection using deep convolutional neural network. Veh. Commun. 21, 100198 (2020)

    Google Scholar 

  27. Suda, H., Natsui, M., Hanyu, T.: Systematic intrusion detection technique for an in-vehicle network based on time-series feature extraction. In: 2018 IEEE 48th international symposium on multiple-valued logic (ISMVL), pp. 56–61. IEEE (2018)

    Google Scholar 

  28. Sun, H., Chen, M., Weng, J., Liu, Z., Geng, G.: Anomaly detection for in-vehicle network using CNN-LSTM with attention mechanism. IEEE Trans. Veh. Technol. 70(10), 10880–10893 (2021)

    Article  Google Scholar 

  29. Taylor, A., Leblanc, S., Japkowicz, N.: Anomaly detection in automobile control network data with long short-term memory networks. In: 2016 IEEE international conference on data science and advanced analytics (DSAA), pp. 130–139. IEEE (2016)

    Google Scholar 

  30. Tomlinson, A., Bryans, J., Shaikh, S.A., Kalutarage, H.K.: Detection of automotive can cyber-attacks by identifying packet timing anomalies in time windows. In: 2018 48th Annual IEEE/IFIP international conference on dependable systems and networks workshops (DSN-W), pp. 231–238. IEEE (2018)

    Google Scholar 

  31. van Wyk, F., Wang, Y., Khojandi, A., Masoud, N.: Real-time sensor anomaly detection and identification in automated vehicles. IEEE Trans. Intell. Transp. Syst. 21(3), 1264–1276 (2020). https://doi.org/10.1109/TITS.2019.2906038

    Article  Google Scholar 

  32. Wang, R., Kong, F., Sudler, H., Jiao, X.: Brief industry paper: Hdad: hyperdimensional computing-based anomaly detection for automotive sensor attacks. In: 2021 IEEE 27th real-time and embedded technology and applications symposium (RTAS), pp. 461–464. IEEE (2021)

    Google Scholar 

  33. Wasicek, A., Pesé, M.D., Weimerskirch, A., Burakova, Y., Singh, K.: Context-aware intrusion detection in automotive control systems. In: 5th ESCAR USA conference, pp. 21–22 (2017)

    Google Scholar 

  34. Xie, G., Yang, L.T., Yang, Y., Luo, H., Li, R., Alazab, M.: Threat analysis for automotive can networks: a GAN model-based intrusion detection technique. IEEE Trans. Intell. Transp. Syst. 22(7), 4467–4477 (2021)

    Article  Google Scholar 

  35. Zeng, W., Khalid, M.A., Chowdhury, S.: In-vehicle networks outlook: achievements and challenges. IEEE Commun. Surv. Tutorials 18(3), 1552–1571 (2016)

    Article  Google Scholar 

  36. Zhao, Y., Xun, Y., Liu, J.: Clockids: A real-time vehicle intrusion detection system based on clock skew. IEEE Internet Things J. 9, 15593 (2022)

    Article  Google Scholar 

  37. Zhou, J., Joshi, P., Zeng, H., Li, R.: Btmonitor: bit-time-based intrusion detection and attacker identification in controller area network. ACM Trans. Embed. Comput. Syst. 18(6), 1 (2020)

    Article  Google Scholar 

  38. Zhou, J., Xie, G., Zeng, H., Zhang, W., Yang, L.T., Alazab, M., Li, R.: A model-based method for enabling source mapping and intrusion detection on proprietary can bus. IEEE Trans. Intell. Transp. Syst. (2022)

    Google Scholar 

  39. Zhu, K., Chen, Z., Peng, Y., Zhang, L.: Mobile edge assisted literal multi-dimensional anomaly detection of in-vehicle network using LSTM. IEEE Trans. Veh. Technol. 68(5), 4275–4284 (2019)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of New Networks, Peng Cheng Laboratory, Shenzhen, China

    Jia Zhou

  2. School of Computer Science and Technology, Harbin Institute of Technology, Harbin, China

    Weizhe Zhang

  3. Department of New Networks, Peng Cheng Laboratory, Shenzhen, China

    Weizhe Zhang

  4. Key Laboratory for Embedded and Network Computing of Hunan Province, College of Computer Science and Electronic Engineering, Hunan University, Changsha, China

    Guoqi Xie & Renfa Li

  5. Department of Computer Science, State University of New York, New Paltz, NY, USA

    Keqin Li

Authors
  1. Jia Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Weizhe Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Guoqi Xie
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Renfa Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Keqin Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Weizhe Zhang .

Editor information

Editors and Affiliations

  1. NVIDIA, Santa Clara, CA, USA

    Vipin Kumar Kukkala

  2. Colorado State University, Fort Collins, CO, USA

    Sudeep Pasricha

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Zhou, J., Zhang, W., Xie, G., Li, R., Li, K. (2023). Protecting Automotive Controller Area Network: A Review on Intrusion Detection Methods Using Machine Learning Algorithms. In: Kukkala, V.K., Pasricha, S. (eds) Machine Learning and Optimization Techniques for Automotive Cyber-Physical Systems. Springer, Cham. https://doi.org/10.1007/978-3-031-28016-0_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-28016-0_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-28015-3

  • Online ISBN: 978-3-031-28016-0

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation