Comparative Performance Evaluation of Intrusion Detection Based on Machine Learning in In-Vehicle Controller Area Network Bus

Moulahi, Tarek; Zidi, Salah; Alabdulatif, Abdulatif; Atiquzzaman, Mohammed

doi:10.1109/access.2021.3095962

Cited by 45 publications

(33 citation statements)

References 26 publications

(35 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Similarly, Alfardus and Rawat [6] also used ML algorithms such as KNN, RF, SVM, and Multilayer Perceptron (MLP) to detect CAN bus attacks. Moulahi et al [114] used RF, DT, SVM, and MLP to compare the detection capability. Features related to time, ID, DLC, and payload values were used.…”

Section: Supervisedmentioning

confidence: 99%

See 1 more Smart Citation

AI-Based Intrusion Detection Systems for In-Vehicle Networks: A Survey

Rajapaksha¹,

Kalutarage

Al-Kadri

et al. 2023

ACM Comput. Surv.

View full text Add to dashboard Cite

The Controller Area Network (CAN) is the most widely used in-vehicle communication protocol, which still lacks the implementation of suitable security mechanisms such as message authentication and encryption. This makes the CAN bus vulnerable to numerous cyber attacks. Various Intrusion Detection Systems (IDSs) have been developed to detect these attacks. However, the high generalization capabilities of Artificial Intelligence (AI) make AI-based IDS an excellent countermeasure against automotive cyber attacks. This article surveys AI-based in-vehicle IDS over the period of 2016-2022 (August) with a novel taxonomy. It reviews the detection techniques, attack types, features, and benchmark datasets. Furthermore, the paper discusses the security of AI models, necessary steps to develop AI-based IDSs in the CAN bus, identifies the limitations of existing proposals and gives recommendations for future research directions.

show abstract

Section: Supervisedmentioning

confidence: 99%

“…The main objective of the proposed approach was to identify vehicle models and anomalies. All of these works [6,10,11,35,70,113,114,129] can be considered as basic ML and DL model comparisons for CAN attacks. None of these models has the capability to detect unknown attacks.…”

Section: Supervisedmentioning

confidence: 99%

AI-Based Intrusion Detection Systems for In-Vehicle Networks: A Survey

Rajapaksha¹,

Kalutarage

Al-Kadri

et al. 2023

ACM Comput. Surv.

View full text Add to dashboard Cite

show abstract

“…Similar to DCNN, the proposed models are extremely complicated to deploy in real life. Conversely, in [16], simple machine learning models are used for faster training and inference. However, the models achieve low accuracy, particularly for DoS and fuzzy attacks.…”

Section: Related Workmentioning

confidence: 99%

Detecting In-vehicle Intrusion via Semi-supervised Learning-based Convolutional Adversarial Autoencoders

Hoang¹,

Kim²

2022

Preprint

View full text Add to dashboard Cite

Propose a novel semi-supervised learning model for the in-vehicle intrusion detection system named convolutional adversarial autoencoders.• Detect both known and unknown attacks effectively with a small number of labeled samples.• Reduce the model complexity significantly in terms of the trainable parameters and the inference time which are essential for the real-time in-vehicle intrusion detection.

show abstract

“…A hierarchical taxonomy on these methodologies can be found in [31]. The authors from [32] provide a comparative view regarding the use of machine learning approaches for CAN IDSs. For example, in [33], the authors evaluate the performance of the K-Nearest Neighbour and Support Vector Machine algorithms against Denial of Service (DoS) and fuzzy attacks.…”

Section: B Related Workmentioning

confidence: 99%

Android Head Units vs. In-Vehicle ECUs: Performance Assessment for Deploying In-Vehicle Intrusion Detection Systems for the CAN Bus

et al. 2022

View full text Add to dashboard Cite

Following the numerous attacks that exploited vulnerabilities of Controller Area Networks (CAN), intrusion detection systems have become a topic of prime importance for in-vehicle buses. Newer in-vehicle communication layers, such as CAN-FD, despite the larger payloads which can easily integrate cryptographic elements, need similar attention. But detecting intrusions may call for demanding algorithms that are not computationally cheap while timely detection is necessary in order to process frames in realtime and take the appropriate actions. In this work we evaluate the performance of several binary classifiers on traditional in-vehicle Electronic Control Units (ECUs) and compare them to modern Android devices which have become widespread inside cars with the adoption of Android-capable infotainment systems. Needless to say, these modern devices benefit from higher computational and memory resources while cloud connectivity may alleviate computational costs even further. Contrasting between traditional controllers and Android devices has become necessary and so far there have been little efforts in this direction. To create a realistic testbed, we use collected in-vehicle CAN bus traffic from an SUV as well as more demanding logs from Advanced Driver-assistance Systems (ADAS) implemented on CAN-FD which we augment with adversarial activity.

show abstract

Comparative Performance Evaluation of Intrusion Detection Based on Machine Learning in In-Vehicle Controller Area Network Bus

Cited by 45 publications

References 26 publications

AI-Based Intrusion Detection Systems for In-Vehicle Networks: A Survey

AI-Based Intrusion Detection Systems for In-Vehicle Networks: A Survey

Detecting In-vehicle Intrusion via Semi-supervised Learning-based Convolutional Adversarial Autoencoders

Android Head Units vs. In-Vehicle ECUs: Performance Assessment for Deploying In-Vehicle Intrusion Detection Systems for the CAN Bus

Contact Info

Product

Resources

About