Intrusion detection on the in-vehicle network using machine learning
Controller Area Network (CAN) is a protocol for the in-vehicle network that connects microcontrollers called Electronic Control Units (ECUs) and other components in a vehicle so that they may communicate among themselves and control the operations of the vehicle. The CAN protocol was initially...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English English |
| Published: |
Institute of Electrical and Electronics Engineers Inc.
2021
|
| Subjects: | |
| Online Access: | http://irep.iium.edu.my/91691/1/91691_Intrusion%20detection%20on%20the%20in-vehicle%20network%20using%20machine%20learning.pdf http://irep.iium.edu.my/91691/2/91691_Intrusion%20detection%20on%20the%20in-vehicle%20network%20using%20machine%20learning_SCOPUS.pdf http://irep.iium.edu.my/91691/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.iium.irep.91691 |
|---|---|
| record_format |
dspace |
| spelling |
my.iium.irep.916912021-09-08T09:46:19Z http://irep.iium.edu.my/91691/ Intrusion detection on the in-vehicle network using machine learning Sharmin, Shaila Mansor, Hafizah T10.5 Communication of technical information T175 Industrial research. Research and development Controller Area Network (CAN) is a protocol for the in-vehicle network that connects microcontrollers called Electronic Control Units (ECUs) and other components in a vehicle so that they may communicate among themselves and control the operations of the vehicle. The CAN protocol was initially not designed with security in mind, but as modern vehicles are increasingly becoming connected to the outside world through wired and wireless interfaces, the CAN bus has become susceptible to intrusions and attacks such as message injection, replay attacks, denial of service (DoS) attacks, and eavesdropping. This paper presents an intrusion detection method based on the Isolation Forest (iForest) algorithm that detects message insertion attacks using message timing information. The resulting intrusion detection system benefits from the linear time complexity and low memory requirement of the iForest algorithm, as well as the ability to train the classifier with only a small sample of normal CAN traffic. The usage of only timing information for intrusion detection makes it a vehicle-agnostic method that does not rely on the message content, which is often proprietary and confidential information. The intrusion detection system was trained with normal CAN traffic trace and tested with two spoof attack CAN datasets. The high values obtained for the Area Under Curve (AUC) measure in the two cases, 0.966 and 0.974, indicated the effectiveness of this approach for intrusion detection Institute of Electrical and Electronics Engineers Inc. 2021 Conference or Workshop Item PeerReviewed application/pdf en http://irep.iium.edu.my/91691/1/91691_Intrusion%20detection%20on%20the%20in-vehicle%20network%20using%20machine%20learning.pdf application/pdf en http://irep.iium.edu.my/91691/2/91691_Intrusion%20detection%20on%20the%20in-vehicle%20network%20using%20machine%20learning_SCOPUS.pdf Sharmin, Shaila and Mansor, Hafizah (2021) Intrusion detection on the in-vehicle network using machine learning. In: 2021 3rd International Cyber Resilience Conference (CRC 2021), Virtual. 10.1109/CRC50527.2021.9392627 |
| institution |
Universiti Islam Antarabangsa Malaysia |
| building |
IIUM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
International Islamic University Malaysia |
| content_source |
IIUM Repository (IREP) |
| url_provider |
http://irep.iium.edu.my/ |
| language |
English English |
| topic |
T10.5 Communication of technical information T175 Industrial research. Research and development |
| spellingShingle |
T10.5 Communication of technical information T175 Industrial research. Research and development Sharmin, Shaila Mansor, Hafizah Intrusion detection on the in-vehicle network using machine learning |
| description |
Controller Area Network (CAN) is a protocol for
the in-vehicle network that connects microcontrollers called
Electronic Control Units (ECUs) and other components in a
vehicle so that they may communicate among themselves and
control the operations of the vehicle. The CAN protocol was
initially not designed with security in mind, but as modern
vehicles are increasingly becoming connected to the outside
world through wired and wireless interfaces, the CAN bus has
become susceptible to intrusions and attacks such as message
injection, replay attacks, denial of service (DoS) attacks, and
eavesdropping. This paper presents an intrusion detection
method based on the Isolation Forest (iForest) algorithm that
detects message insertion attacks using message timing
information. The resulting intrusion detection system benefits
from the linear time complexity and low memory requirement
of the iForest algorithm, as well as the ability to train the
classifier with only a small sample of normal CAN traffic. The
usage of only timing information for intrusion detection makes
it a vehicle-agnostic method that does not rely on the message
content, which is often proprietary and confidential
information. The intrusion detection system was trained with
normal CAN traffic trace and tested with two spoof attack CAN
datasets. The high values obtained for the Area Under Curve
(AUC) measure in the two cases, 0.966 and 0.974, indicated the
effectiveness of this approach for intrusion detection |
| format |
Conference or Workshop Item |
| author |
Sharmin, Shaila Mansor, Hafizah |
| author_facet |
Sharmin, Shaila Mansor, Hafizah |
| author_sort |
Sharmin, Shaila |
| title |
Intrusion detection on the in-vehicle network using machine learning |
| title_short |
Intrusion detection on the in-vehicle network using machine learning |
| title_full |
Intrusion detection on the in-vehicle network using machine learning |
| title_fullStr |
Intrusion detection on the in-vehicle network using machine learning |
| title_full_unstemmed |
Intrusion detection on the in-vehicle network using machine learning |
| title_sort |
intrusion detection on the in-vehicle network using machine learning |
| publisher |
Institute of Electrical and Electronics Engineers Inc. |
| publishDate |
2021 |
| url |
http://irep.iium.edu.my/91691/1/91691_Intrusion%20detection%20on%20the%20in-vehicle%20network%20using%20machine%20learning.pdf http://irep.iium.edu.my/91691/2/91691_Intrusion%20detection%20on%20the%20in-vehicle%20network%20using%20machine%20learning_SCOPUS.pdf http://irep.iium.edu.my/91691/ |
| _version_ |
1710675136485523456 |
| score |
13.211869 |