Evaluation of anomaly detection for in-vehicle networks through information-theoretic algorithms

Marchetti, Mirco; Stabili, Dario; Guido, Alessandro; Colajanni, Michele

doi:10.1109/rtsi.2016.7740627

Cited by 124 publications

(57 citation statements)

References 15 publications

(26 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Christiansen et al [32] combine background subtraction and convolutional neural networks to detect anomalies/obstacles. Muter et al [11] and Marchetti et al [33] use entropy-based methods to detect anomalies (attacks) in in-vehicle networks. Faughnan et al measure the discrepancy between redundant sensor readings to detect hijacking in unmanned aerial vehicles [30].…”

Section: Related Workmentioning

confidence: 99%

Real-Time Sensor Anomaly Detection and Recovery in Connected Automated Vehicle Sensors

Wang

Masoud

Khojandi

2021

IEEE Trans. Intell. Transport. Syst.

View full text Add to dashboard Cite

In this paper we propose a novel observer-based method to improve the safety and security of connected and automated vehicle (CAV) transportation. The proposed method combines model-based signal filtering and anomaly detection methods. Specifically, we use adaptive extended Kalman filter (AEKF) to smooth sensor readings of a CAV based on a nonlinear car-following model. Using the car-following model the subject vehicle (i.e., the following vehicle) utilizes the leading vehicle's information to detect sensor anomalies by employing previouslytrained One Class Support Vector Machine (OCSVM) models. This approach allows the AEKF to estimate the state of a vehicle not only based on the vehicle's location and speed, but also by taking into account the state of the surrounding traffic. A communication time delay factor is considered in the carfollowing model to make it more suitable for real-world applications. Our experiments show that compared with the AEKF with a traditional χ 2 -detector, our proposed method achieves a better anomaly detection performance. We also demonstrate that a larger time delay factor has a negative impact on the overall detection performance.

show abstract

Section: Related Workmentioning

confidence: 99%

Real-Time Sensor Anomaly Detection and Recovery in Connected Automated Vehicle Sensors

Wang

Masoud

Khojandi

2021

IEEE Trans. Intell. Transport. Syst.

View full text Add to dashboard Cite

show abstract

“…Non neural network based methods for anomaly detection on the CAN bus payload include signature based methods [15], finger printing [2], clustering methods [19], fuzzy logic [9], Hidden-Markov-Model based methods [12], and entropy based methods [8,11]. A comprehensive review of the strengths and weaknesses of these and other non-payload based methods can be found in [18].…”

Section: Related Researchmentioning

confidence: 99%

CANet: An Unsupervised Intrusion Detection System for High Dimensional CAN Bus Data

et al. 2020

View full text Add to dashboard Cite

We propose a novel neural network architecture for detecting intrusions on the CAN bus. The Controller Area Network (CAN) is the standard communication method between the Electronic Control Units (ECUs) of automobiles. However, CAN lacks security mechanisms and it has recently been shown that it can be attacked remotely. Hence, it is desirable to monitor CAN traffic to detect intrusions. In order to detect both, known and unknown intrusion scenarios, we consider a novel unsupervised learning approach which we call CANet. To our knowledge, this is the first deep learning based intrusion detection system (IDS) that takes individual CAN messages with different IDs and evaluates them in the moment they are received. This is a significant advancement because messages with different IDs are typically sent at different times and with different frequencies. Our method is evaluated on real and synthetic CAN data. For reproducibility of the method, our synthetic data is publicly available. A comparison with previous machine learning based methods shows that CANet outperforms them by a significant margin.

show abstract

“…However, building such IDS for in-vehicle networks is challenging due to the large number and heterogeneity of ECUs as well as due to limited information exposed by CAN messages (since they are specific to manufacturers and/or vehicle model) [8]. While there exist IDSes for invehicle networks (e.g., by utilizing message frequency [168]- [170], entropy [171], clock skew [172], observing cyberphysical contexts [173]) these systems may not be able to detect attacks involving sporadic/irregular CAN messages. Researchers also proposed to replace the CAN technology and use other alternatives such as Ethernet [174]- [176].…”

Section: Threats To Intra-vehicle Components and Countermeasuresmentioning

confidence: 99%

Securing Vehicle-to-Everything (V2X) Communication Platforms

Hasan

Mohan

Shimizu

et al. 2020

IEEE Trans. Intell. Veh.

159

View full text Add to dashboard Cite

Modern vehicular wireless technology enables vehicles to exchange information at any time, from any place, to any network -forms the vehicle-to-everything (V2X) communication platforms. Despite benefits, V2X applications also face great challenges to security and privacy -a very valid concern since breaches are not uncommon in automotive communication networks and applications. In this survey, we provide an extensive overview of V2X ecosystem. We also review main security/privacy issues, current standardization activities and existing defense mechanisms proposed within the V2X domain. We then identified semantic gaps of existing security solutions and outline possible open issues.We also discuss possible open issues (Section VIII), summarize multiple industry/academic/government initiatives for securing V2X communications (Section IX-A) and compare our work with related surveys (Section IX-B). II. V2X PLATFORM : AN OVERVIEWThis section provides an overview of V2X communication interfaces (Section II-A) and discuss various network/communication models (Section II-B). A. Communication InterfacesThe internal architecture of a vehicle is interconnected with ECUs (electronic control units -embedded computing platform that monitor/control automotive systems) coupled with sensors and actuators. The communication between the vehicle and the outside world such as other vehicles or roadside units (RSUs) is performed via external interfaces (see Fig. 1). These vehicular external interfaces are attached to the telematics control unit (TCU) -also referred to as on-board unit (OBU) 1 -an ECU that provides wireless connectivity [7], [8]. A vehicle control unit coordinates with the OBU to collect and disseminate vehicular data [9]. The current standards for V2X communication are DSRC (dedicated short range communication) [10] in the United States, C-ITS (cooperative intelligent transport systems) [11] in Europe and ITS Connect [12] in Japan. Both DSRC and C-ITS operating in the 5.9 GHz ITS band while ITS Connect operating in 760 MHz band (refer to Section II-B1 for details). An alternative to DSRC/C-ITS is the next generation of cellular wireless mobile telecommunications technology (see Section II-B2). OBUs can also be equipped with interfaces for long-range communication. These long-range wireless channels can be classified as broadcast channels (signals can be broadcast to multiple vehicles without knowledge of the receiver's address) and addressable channels (where messages are sent to vehicles with specific addresses.) [13]. Examples of broadcast channels include the global navigation satellite system (GNSS), traffic message/satellite radio receivers, etc. Addressable channels are typically used for long-range voice/data transmissions and are intended to be used for cellular communications for mobile broadband [8].

show abstract

Evaluation of anomaly detection for in-vehicle networks through information-theoretic algorithms

Cited by 124 publications

References 15 publications

Real-Time Sensor Anomaly Detection and Recovery in Connected Automated Vehicle Sensors

Real-Time Sensor Anomaly Detection and Recovery in Connected Automated Vehicle Sensors

CANet: An Unsupervised Intrusion Detection System for High Dimensional CAN Bus Data

Securing Vehicle-to-Everything (V2X) Communication Platforms

Contact Info

Product

Resources

About