Intrusion detection on the in-vehicle network using machine learning

Controller Area Network (CAN) is a protocol for the in-vehicle network that connects microcontrollers called Electronic Control Units (ECUs) and other components in a vehicle so that they may communicate among themselves and control the operations of the vehicle. The CAN protocol was initially...

全面介紹

Saved in:
書目詳細資料
Main Authors: Sharmin, Shaila, Mansor, Hafizah
格式: Conference or Workshop Item
語言:English
English
出版: Institute of Electrical and Electronics Engineers Inc. 2021
主題:
在線閱讀:http://irep.iium.edu.my/91691/1/91691_Intrusion%20detection%20on%20the%20in-vehicle%20network%20using%20machine%20learning.pdf
http://irep.iium.edu.my/91691/2/91691_Intrusion%20detection%20on%20the%20in-vehicle%20network%20using%20machine%20learning_SCOPUS.pdf
http://irep.iium.edu.my/91691/
標簽: 添加標簽
沒有標簽, 成為第一個標記此記錄!
id my.iium.irep.91691
record_format dspace
spelling my.iium.irep.916912021-09-08T09:46:19Z http://irep.iium.edu.my/91691/ Intrusion detection on the in-vehicle network using machine learning Sharmin, Shaila Mansor, Hafizah T10.5 Communication of technical information T175 Industrial research. Research and development Controller Area Network (CAN) is a protocol for the in-vehicle network that connects microcontrollers called Electronic Control Units (ECUs) and other components in a vehicle so that they may communicate among themselves and control the operations of the vehicle. The CAN protocol was initially not designed with security in mind, but as modern vehicles are increasingly becoming connected to the outside world through wired and wireless interfaces, the CAN bus has become susceptible to intrusions and attacks such as message injection, replay attacks, denial of service (DoS) attacks, and eavesdropping. This paper presents an intrusion detection method based on the Isolation Forest (iForest) algorithm that detects message insertion attacks using message timing information. The resulting intrusion detection system benefits from the linear time complexity and low memory requirement of the iForest algorithm, as well as the ability to train the classifier with only a small sample of normal CAN traffic. The usage of only timing information for intrusion detection makes it a vehicle-agnostic method that does not rely on the message content, which is often proprietary and confidential information. The intrusion detection system was trained with normal CAN traffic trace and tested with two spoof attack CAN datasets. The high values obtained for the Area Under Curve (AUC) measure in the two cases, 0.966 and 0.974, indicated the effectiveness of this approach for intrusion detection Institute of Electrical and Electronics Engineers Inc. 2021 Conference or Workshop Item PeerReviewed application/pdf en http://irep.iium.edu.my/91691/1/91691_Intrusion%20detection%20on%20the%20in-vehicle%20network%20using%20machine%20learning.pdf application/pdf en http://irep.iium.edu.my/91691/2/91691_Intrusion%20detection%20on%20the%20in-vehicle%20network%20using%20machine%20learning_SCOPUS.pdf Sharmin, Shaila and Mansor, Hafizah (2021) Intrusion detection on the in-vehicle network using machine learning. In: 2021 3rd International Cyber Resilience Conference (CRC 2021), Virtual. 10.1109/CRC50527.2021.9392627
institution Universiti Islam Antarabangsa Malaysia
building IIUM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider International Islamic University Malaysia
content_source IIUM Repository (IREP)
url_provider http://irep.iium.edu.my/
language English
English
topic T10.5 Communication of technical information
T175 Industrial research. Research and development
spellingShingle T10.5 Communication of technical information
T175 Industrial research. Research and development
Sharmin, Shaila
Mansor, Hafizah
Intrusion detection on the in-vehicle network using machine learning
description Controller Area Network (CAN) is a protocol for the in-vehicle network that connects microcontrollers called Electronic Control Units (ECUs) and other components in a vehicle so that they may communicate among themselves and control the operations of the vehicle. The CAN protocol was initially not designed with security in mind, but as modern vehicles are increasingly becoming connected to the outside world through wired and wireless interfaces, the CAN bus has become susceptible to intrusions and attacks such as message injection, replay attacks, denial of service (DoS) attacks, and eavesdropping. This paper presents an intrusion detection method based on the Isolation Forest (iForest) algorithm that detects message insertion attacks using message timing information. The resulting intrusion detection system benefits from the linear time complexity and low memory requirement of the iForest algorithm, as well as the ability to train the classifier with only a small sample of normal CAN traffic. The usage of only timing information for intrusion detection makes it a vehicle-agnostic method that does not rely on the message content, which is often proprietary and confidential information. The intrusion detection system was trained with normal CAN traffic trace and tested with two spoof attack CAN datasets. The high values obtained for the Area Under Curve (AUC) measure in the two cases, 0.966 and 0.974, indicated the effectiveness of this approach for intrusion detection
format Conference or Workshop Item
author Sharmin, Shaila
Mansor, Hafizah
author_facet Sharmin, Shaila
Mansor, Hafizah
author_sort Sharmin, Shaila
title Intrusion detection on the in-vehicle network using machine learning
title_short Intrusion detection on the in-vehicle network using machine learning
title_full Intrusion detection on the in-vehicle network using machine learning
title_fullStr Intrusion detection on the in-vehicle network using machine learning
title_full_unstemmed Intrusion detection on the in-vehicle network using machine learning
title_sort intrusion detection on the in-vehicle network using machine learning
publisher Institute of Electrical and Electronics Engineers Inc.
publishDate 2021
url http://irep.iium.edu.my/91691/1/91691_Intrusion%20detection%20on%20the%20in-vehicle%20network%20using%20machine%20learning.pdf
http://irep.iium.edu.my/91691/2/91691_Intrusion%20detection%20on%20the%20in-vehicle%20network%20using%20machine%20learning_SCOPUS.pdf
http://irep.iium.edu.my/91691/
_version_ 1710675136485523456
score 13.250246