Abstract
To manage the future requirements for comfortable, safe, and low-carbon driving, the in-vehicle network is undergoing rapid developments. Despite the huge changes in its architecture, we claim that Controller Area Network (CAN), which is developed for more than 35 years, would continue to play a critical role in ensuring the safety of vehicles. However, its intrinsic vulnerability to cyber-attack becomes one of the biggest challenges since vehicles are no longer isolated. The intrusion detection approach draws much attention due to its simplicity and efficiency in protecting in-vehicle CAN bus. In this chapter, we first provide an introduction about how the in-vehicle network evolves. The critical role of CAN for current and future in-vehicle network is emphasized. Next, we describe intrusion detection approaches that exploit machine learning algorithms in detail. The introduction is taken from four aspects according to the domain knowledge of CAN used for intrusion detection methods, which are semantics-based methods, literal-based methods, timing-based methods, and signal characteristics-based methods respectively.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Akowuah, F., Kong, F.: Physical invariant based attack detection for autonomous vehicles: Survey, vision, and challenges. In: 2021 Fourth international conference on connected and autonomous driving (MetroCAD), pp. 31–40. IEEE, Piscataway (2021)
Bakker, E., Nyborg, L., Pacejka, H.B.: Tyre modelling for use in vehicle dynamics studies. SAE Trans. 96, 190–204 (1987)
Cho, K.T., Shin, K.G.: Fingerprinting electronic control units for vehicle intrusion detection. In: 25th USENIX conference on security symposium (USENIX Security), pp. 911–927. USENIX Association, Berkeley (2016)
Cho, K., Shin, K.G.: Viden: Attacker identification on in-vehicle networks. In: 2017 ACM conference on computer and communications security (CCS), pp. 1109–1123. ACM, New York (2017)
Cho, K.T., Shin, K.G., Park, T.: CPS approach to checking norm operation of a brake-by-wire system. In: ACM/IEEE sixth international conference on cyber-physical systems (ICCPS), pp. 41–50. ACM, New York (2015)
Choi, W., Jo, H.J., Woo, S., Chun, J.Y., Park, J., Lee, D.H.: Identifying ecus using inimitable characteristics of signals in controller area networks. IEEE Trans. Veh. Technol. 67(6), 4757–4770 (2018)
Choi, W., Joo, K., Jo, H.J., Park, M.C., Lee, D.H.: Voltageids: low-level communication characteristics for automotive intrusion detection system. IEEE Trans. Inf. Forens. Secur. 13(8), 2114–2129 (2018)
Di Natale, M., Zeng, H., Giusto, P., Ghosal, A.: Understanding and using the controller area network communication protocol: theory and practice. Springer Science & Business Media (2012)
Groza, B., Murvay, P.S.: Efficient intrusion detection with bloom filtering in controller area networks. IEEE Trans. Inf. Forens. Secur. 14(4), 1037–1051 (2018)
Guo, F., Wang, Z., Du, S., Li, H., Zhu, H., Pei, Q., Cao, Z., Zhao, J.: Detecting vehicle anomaly in the edge via sensor consistency and frequency characteristic. IEEE Trans. Veh. Technol. 68(6), 5618–5628 (2019)
He, T., Zhang, L., Kong, F., Salekin, A.: Exploring inherent sensor redundancy for automotive anomaly detection. In: 2020 57th ACM/IEEE design automation conference (DAC), pp. 1–6. IEEE, Piscataway (2020)
Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive can networks–practical examples and selected short-term countermeasures. In: International conference on computer safety, reliability, and security (SAFECOMP), pp. 235–248. Springer, Berlin, Heidelberg (2008)
Javed, A.R., Usman, M., Rehman, S.U., Khan, M.U., Haghighi, M.S.: Anomaly detection in automated vehicles using multistage attention-based convolutional neural network. IEEE Trans. Intell. Transp. Syst. 22(7), 4291–4300 (2020)
Javed, A.R., Ur Rehman, S., Khan, M.U., Alazab, M., Reddy, T.: CANintelliiDS: detecting in-vehicle intrusion attacks on a controller area network using CNN and attention-based GRU. IEEE Trans. Netw. Sci. Eng. 8(2), 1456–1466 (2021)
Kavousi-Fard, A., Dabbaghjamanesh, M., Jin, T., Su, W., Roustaei, M.: An evolutionary deep learning-based anomaly detection model for securing vehicles. IEEE Trans. Intell. Transp. Syst. 22(7), 4478–4486 (2020)
Kneib, M., Huth, C.: Scission: signal characteristic-based sender identification and intrusion detection in automotive networks. In: ACM SIGSAC conference on computer and communications security (CCS), pp. 787–800. ACM, New York (2018)
Kneib, M., Schell, O., Huth, C.: EASI: Edge-based sender identification on resource-constrained platforms for automotive networks. In: The 2020 network and distributed system security symposium (NDSS), pp. 1–16. ISOC, San Diego (2020)
Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S.: Experimental security analysis of a modern automobile. In: IEEE symposium on security and privacy (S&P), pp. 447–462. IEEE, Piscataway (2010)
Kulandaivel, S., Goyal, T., Agrawal, A.K., Sekar, V.: Canvas: fast and inexpensive automotive network mapping. In: The 28th USENIX conference on security symposium (USENIX Security), pp. 389–405. USENIX Association, Berkeley
Li, H., Zhao, L., Juliato, M., Ahmed, S., Sastry, M.R., Yang, L.L.: Poster: intrusion detection system for in-vehicle networks using sensor correlation and integration. In: The 2017 ACM SIGSAC conference on computer and communications security (CCS), pp. 2531–2533 (2017)
Longari, S., Valcarcel, D.H.N., Zago, M., Carminati, M., Zanero, S.: CANnolo: an anomaly detection system based on LSTM autoencoders for controller area network. IEEE Trans. Netw. Serv. Manag. 18(2), 1913–1924 (2020)
Marchetti, M., Stabili, D.: Read: reverse engineering of automotive data frames. IEEE Trans. Inf. Forens. Secur. 14(4), 1083–1097 (2018)
Murvay, P.S., Groza, B.: Source identification using signal characteristics in controller area networks. IEEE Signal Process. Lett. 21(4), 395–399 (2014)
Müter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. In: IEEE intelligent vehicles symposium, pp. 1110–1115. IEEE, Piscataway (2011)
Olufowobi, H., Young, C., Zambreno, J., Bloom, G.: Saiducant: specification-based automotive intrusion detection using controller area network (CAN) timing. IEEE Trans. Veh. Technol. 69(2), 1484–1494 (2019)
Song, H.M., Woo, J., Kim, H.K.: In-vehicle network intrusion detection using deep convolutional neural network. Veh. Commun. 21, 100198 (2020)
Suda, H., Natsui, M., Hanyu, T.: Systematic intrusion detection technique for an in-vehicle network based on time-series feature extraction. In: 2018 IEEE 48th international symposium on multiple-valued logic (ISMVL), pp. 56–61. IEEE (2018)
Sun, H., Chen, M., Weng, J., Liu, Z., Geng, G.: Anomaly detection for in-vehicle network using CNN-LSTM with attention mechanism. IEEE Trans. Veh. Technol. 70(10), 10880–10893 (2021)
Taylor, A., Leblanc, S., Japkowicz, N.: Anomaly detection in automobile control network data with long short-term memory networks. In: 2016 IEEE international conference on data science and advanced analytics (DSAA), pp. 130–139. IEEE (2016)
Tomlinson, A., Bryans, J., Shaikh, S.A., Kalutarage, H.K.: Detection of automotive can cyber-attacks by identifying packet timing anomalies in time windows. In: 2018 48th Annual IEEE/IFIP international conference on dependable systems and networks workshops (DSN-W), pp. 231–238. IEEE (2018)
van Wyk, F., Wang, Y., Khojandi, A., Masoud, N.: Real-time sensor anomaly detection and identification in automated vehicles. IEEE Trans. Intell. Transp. Syst. 21(3), 1264–1276 (2020). https://doi.org/10.1109/TITS.2019.2906038
Wang, R., Kong, F., Sudler, H., Jiao, X.: Brief industry paper: Hdad: hyperdimensional computing-based anomaly detection for automotive sensor attacks. In: 2021 IEEE 27th real-time and embedded technology and applications symposium (RTAS), pp. 461–464. IEEE (2021)
Wasicek, A., Pesé, M.D., Weimerskirch, A., Burakova, Y., Singh, K.: Context-aware intrusion detection in automotive control systems. In: 5th ESCAR USA conference, pp. 21–22 (2017)
Xie, G., Yang, L.T., Yang, Y., Luo, H., Li, R., Alazab, M.: Threat analysis for automotive can networks: a GAN model-based intrusion detection technique. IEEE Trans. Intell. Transp. Syst. 22(7), 4467–4477 (2021)
Zeng, W., Khalid, M.A., Chowdhury, S.: In-vehicle networks outlook: achievements and challenges. IEEE Commun. Surv. Tutorials 18(3), 1552–1571 (2016)
Zhao, Y., Xun, Y., Liu, J.: Clockids: A real-time vehicle intrusion detection system based on clock skew. IEEE Internet Things J. 9, 15593 (2022)
Zhou, J., Joshi, P., Zeng, H., Li, R.: Btmonitor: bit-time-based intrusion detection and attacker identification in controller area network. ACM Trans. Embed. Comput. Syst. 18(6), 1 (2020)
Zhou, J., Xie, G., Zeng, H., Zhang, W., Yang, L.T., Alazab, M., Li, R.: A model-based method for enabling source mapping and intrusion detection on proprietary can bus. IEEE Trans. Intell. Transp. Syst. (2022)
Zhu, K., Chen, Z., Peng, Y., Zhang, L.: Mobile edge assisted literal multi-dimensional anomaly detection of in-vehicle network using LSTM. IEEE Trans. Veh. Technol. 68(5), 4275–4284 (2019)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Zhou, J., Zhang, W., Xie, G., Li, R., Li, K. (2023). Protecting Automotive Controller Area Network: A Review on Intrusion Detection Methods Using Machine Learning Algorithms. In: Kukkala, V.K., Pasricha, S. (eds) Machine Learning and Optimization Techniques for Automotive Cyber-Physical Systems. Springer, Cham. https://doi.org/10.1007/978-3-031-28016-0_9
Download citation
DOI: https://doi.org/10.1007/978-3-031-28016-0_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-28015-3
Online ISBN: 978-3-031-28016-0
eBook Packages: EngineeringEngineering (R0)