Identify a Spoofing Attack on an In-Vehicle CAN Bus Based on the Deep Features of an ECU Fingerprint Signal

Ye, Yun; Duan, Zhenhai; Tehranipoor, Mark

doi:10.3390/smartcities3010002

Cited by 33 publications

(10 citation statements)

References 19 publications

(35 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As a potential application, an enhanced automotive CAN bus network [7] can be implemented based on a new structure relying on an authentication technique [8,9,10]. Considering the issue that a CAN bus lacks the security features such as message authentication and is therefore vulnerable to spoofing attacks [11,12,13], an effective solution may consist in implementing a hash process. Each message on the bus must be hashed with a key using a hash algorithm to form a message authentication code (MAC), thus allowing each node to check the authenticity of a received message.…”

Section: Introductionmentioning

confidence: 99%

A comparative study of hash algorithms with the prospect of developing a CAN bus authentication technique

Zniti

Ouazzani

2022

Int. j. electr. comput. eng. syst. (Online)

View full text Add to dashboard Cite

In this paper, the performances of SHA-3 final round candidates along with new versions of other hash algorithms are analyzed and compared. An ARM-Cortex A9 microcontroller and a Spartan -3 FPGA circuit are involved in the study, with emphasis placed on the number of cycles and the authentication speed. These hash functions are implemented and tested resulting in a set of ranked algorithms in terms of the specified metrics. Taking into account the performances of the most efficient algorithms and the proposed hardware platform components, an authentication technique can be developed as a possible solution to the limitations and weaknesses of automotive CAN (Controlled Area Network) bus – based embedded systems in terms of security, privacy and integrity. From there, the main elements of such a potential structure are set forth.

show abstract

Section: Introductionmentioning

confidence: 99%

A comparative study of hash algorithms with the prospect of developing a CAN bus authentication technique

Zniti

Ouazzani

2022

Int. j. electr. comput. eng. syst. (Online)

View full text Add to dashboard Cite

show abstract

“…Automotive suppliers and vendors have also explored hybrid FPGA-based ECUs for improved functional consolidation and reliability [19]. Specifically for network security, ML-based anomaly detection (bit-timing [52], transmission timing [53]) models, probabilistic attack models [54] and generalised multi-attack detection models [37], [38] have leveraged FPGA platforms for improved latency and detection performance. With the rising computational complexity in vehicles, it is expected that hybrid FPGA based ECUs will gain more traction for complex vehicular functions.…”

Section: Machine Learning On Fpgasmentioning

confidence: 99%

A Lightweight FPGA-based IDS-ECU Architecture for Automotive CAN

Khandelwal

Shreejith

2022

2022 International Conference on Field-Programmable Technology (ICFPT)

View full text Add to dashboard Cite

Recent years have seen an exponential rise in complex software-driven functionality in vehicles, leading to a rising number of electronic control units (ECUs), network capabilities, and interfaces. These expanded capabilities also bring-in new planes of vulnerabilities making intrusion detection and management a critical capability; however, this can often result in more ECUs and network elements due to the high computational overheads. In this paper, we present a consolidated ECU architecture incorporating an Intrusion Detection System (IDS) for Automotive Controller Area Network (CAN) along with traditional ECU functionality on an off-the-shelf hybrid FPGA device, with near-zero overhead for the ECU functionality. We propose two quantised multi-layer perceptrons (QMLP's) as isolated IDSs for detecting a range of attack vectors including Denial-of-Service, Fuzzing and Spoofing, which are accelerated using off-the-shelf deep-learning processing unit (DPU) IP block from Xilinx, operating fully transparently to the software on the ECU. The proposed models achieve the state-of-the-art classification accuracy for all the attacks, while we observed a 15× reduction in power consumption when compared against the GPU-based implementation of the same models quantised using Nvidia libraries. We also achieved a 2.3× speed up in permessage processing latency (at 0.24 ms from the arrival of a CAN message) to meet the strict end-to-end latency on critical CAN nodes and a 2.6× reduction in power consumption for inference when compared to the state-of-the-art IDS models on embedded IDS and loosely coupled IDS accelerators (GPUs) discussed in the literature.

show abstract

“…Their work had a low detection rate when compared to other ML algorithms. Yang et al [ 33 ] proposed an IDS using a recurrent neural network with long short-term memory (RNN-LSTM). The selected model had a higher validation accuracy score especially for detecting only spoofing attacks in the CAN network traffic, which motivates additional research into this field to detect other cyber-attacks.…”

Section: Background and Related Workmentioning

confidence: 99%

Deep Transfer Learning Based Intrusion Detection System for Electric Vehicular Networks

Mehedi

Anwar

Rahman

et al. 2021

Sensors

View full text Add to dashboard Cite

The Controller Area Network (CAN) bus works as an important protocol in the real-time In-Vehicle Network (IVN) systems for its simple, suitable, and robust architecture. The risk of IVN devices has still been insecure and vulnerable due to the complex data-intensive architectures which greatly increase the accessibility to unauthorized networks and the possibility of various types of cyberattacks. Therefore, the detection of cyberattacks in IVN devices has become a growing interest. With the rapid development of IVNs and evolving threat types, the traditional machine learning-based IDS has to update to cope with the security requirements of the current environment. Nowadays, the progression of deep learning, deep transfer learning, and its impactful outcome in several areas has guided as an effective solution for network intrusion detection. This manuscript proposes a deep transfer learning-based IDS model for IVN along with improved performance in comparison to several other existing models. The unique contributions include effective attribute selection which is best suited to identify malicious CAN messages and accurately detect the normal and abnormal activities, designing a deep transfer learning-based LeNet model, and evaluating considering real-world data. To this end, an extensive experimental performance evaluation has been conducted. The architecture along with empirical analyses shows that the proposed IDS greatly improves the detection accuracy over the mainstream machine learning, deep learning, and benchmark deep transfer learning models and has demonstrated better performance for real-time IVN security.

show abstract

Identify a Spoofing Attack on an In-Vehicle CAN Bus Based on the Deep Features of an ECU Fingerprint Signal

Cited by 33 publications

References 19 publications

A comparative study of hash algorithms with the prospect of developing a CAN bus authentication technique

A comparative study of hash algorithms with the prospect of developing a CAN bus authentication technique

A Lightweight FPGA-based IDS-ECU Architecture for Automotive CAN

Deep Transfer Learning Based Intrusion Detection System for Electric Vehicular Networks

Contact Info

Product

Resources

About