Detecting In-vehicle CAN Message Attacks Using Heuristics and RNNs

Shahroz Tariq, Sangyup Lee, Huy Kang Kim, Simon S. Woo

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In vehicle communications, due to simplicity and reliability, a Controller Area Network (CAN) bus is used as the de facto standard to provide serial communication between Electronic Control Units (ECUs). However, prior research reveals that several network-level attacks can be performed on the CAN bus due to the lack of underlying security mechanism. In this work, we develop an intrusion detection algorithm to detect DoS, fuzzy, and replay attacks injected in a real vehicle. Our approach uses heuristics as well as Recurrent Neural Networks (RNNs) to detect attacks. We test our algorithm with in-vehicle data samples collected from KIA Soul. Our preliminary results show the high accuracy in detecting different types of attacks.

Original languageEnglish
Title of host publicationInformation and Operational Technology Security Systems - 1st International Workshop, IOSec 2018, CIPSEC Project, Revised Selected Papers
EditorsEva Marín Tordera, Apostolos P. Fournaris, Konstantinos Lampropoulos
PublisherSpringer Verlag
Pages39-45
Number of pages7
ISBN (Print)9783030120849
DOIs
Publication statusPublished - 2019 Jan 1
Event1st International Workshop on Information and Operational Technology Security Systems, IOSec 2018 - Heraklion, Greece
Duration: 2018 Sep 132018 Sep 13

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11398 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference1st International Workshop on Information and Operational Technology Security Systems, IOSec 2018
CountryGreece
CityHeraklion
Period18/9/1318/9/13

Fingerprint

Recurrent neural networks
Recurrent Neural Networks
Attack
Heuristics
Controller
Controllers
Communication
Intrusion detection
Intrusion Detection
Simplicity
High Accuracy
Electronics
Unit

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Tariq, S., Lee, S., Kim, H. K., & Woo, S. S. (2019). Detecting In-vehicle CAN Message Attacks Using Heuristics and RNNs. In E. Marín Tordera, A. P. Fournaris, & K. Lampropoulos (Eds.), Information and Operational Technology Security Systems - 1st International Workshop, IOSec 2018, CIPSEC Project, Revised Selected Papers (pp. 39-45). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11398 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-12085-6_4

Detecting In-vehicle CAN Message Attacks Using Heuristics and RNNs. / Tariq, Shahroz; Lee, Sangyup; Kim, Huy Kang; Woo, Simon S.

Information and Operational Technology Security Systems - 1st International Workshop, IOSec 2018, CIPSEC Project, Revised Selected Papers. ed. / Eva Marín Tordera; Apostolos P. Fournaris; Konstantinos Lampropoulos. Springer Verlag, 2019. p. 39-45 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11398 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Tariq, S, Lee, S, Kim, HK & Woo, SS 2019, Detecting In-vehicle CAN Message Attacks Using Heuristics and RNNs. in E Marín Tordera, AP Fournaris & K Lampropoulos (eds), Information and Operational Technology Security Systems - 1st International Workshop, IOSec 2018, CIPSEC Project, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11398 LNCS, Springer Verlag, pp. 39-45, 1st International Workshop on Information and Operational Technology Security Systems, IOSec 2018, Heraklion, Greece, 18/9/13. https://doi.org/10.1007/978-3-030-12085-6_4
Tariq S, Lee S, Kim HK, Woo SS. Detecting In-vehicle CAN Message Attacks Using Heuristics and RNNs. In Marín Tordera E, Fournaris AP, Lampropoulos K, editors, Information and Operational Technology Security Systems - 1st International Workshop, IOSec 2018, CIPSEC Project, Revised Selected Papers. Springer Verlag. 2019. p. 39-45. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-030-12085-6_4
Tariq, Shahroz ; Lee, Sangyup ; Kim, Huy Kang ; Woo, Simon S. / Detecting In-vehicle CAN Message Attacks Using Heuristics and RNNs. Information and Operational Technology Security Systems - 1st International Workshop, IOSec 2018, CIPSEC Project, Revised Selected Papers. editor / Eva Marín Tordera ; Apostolos P. Fournaris ; Konstantinos Lampropoulos. Springer Verlag, 2019. pp. 39-45 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{b66423de589f4edeb5e8a93147fe58dc,
title = "Detecting In-vehicle CAN Message Attacks Using Heuristics and RNNs",
abstract = "In vehicle communications, due to simplicity and reliability, a Controller Area Network (CAN) bus is used as the de facto standard to provide serial communication between Electronic Control Units (ECUs). However, prior research reveals that several network-level attacks can be performed on the CAN bus due to the lack of underlying security mechanism. In this work, we develop an intrusion detection algorithm to detect DoS, fuzzy, and replay attacks injected in a real vehicle. Our approach uses heuristics as well as Recurrent Neural Networks (RNNs) to detect attacks. We test our algorithm with in-vehicle data samples collected from KIA Soul. Our preliminary results show the high accuracy in detecting different types of attacks.",
author = "Shahroz Tariq and Sangyup Lee and Kim, {Huy Kang} and Woo, {Simon S.}",
year = "2019",
month = "1",
day = "1",
doi = "10.1007/978-3-030-12085-6_4",
language = "English",
isbn = "9783030120849",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "39--45",
editor = "{Mar{\'i}n Tordera}, Eva and Fournaris, {Apostolos P.} and Konstantinos Lampropoulos",
booktitle = "Information and Operational Technology Security Systems - 1st International Workshop, IOSec 2018, CIPSEC Project, Revised Selected Papers",

}

TY - GEN

T1 - Detecting In-vehicle CAN Message Attacks Using Heuristics and RNNs

AU - Tariq, Shahroz

AU - Lee, Sangyup

AU - Kim, Huy Kang

AU - Woo, Simon S.

PY - 2019/1/1

Y1 - 2019/1/1

N2 - In vehicle communications, due to simplicity and reliability, a Controller Area Network (CAN) bus is used as the de facto standard to provide serial communication between Electronic Control Units (ECUs). However, prior research reveals that several network-level attacks can be performed on the CAN bus due to the lack of underlying security mechanism. In this work, we develop an intrusion detection algorithm to detect DoS, fuzzy, and replay attacks injected in a real vehicle. Our approach uses heuristics as well as Recurrent Neural Networks (RNNs) to detect attacks. We test our algorithm with in-vehicle data samples collected from KIA Soul. Our preliminary results show the high accuracy in detecting different types of attacks.

AB - In vehicle communications, due to simplicity and reliability, a Controller Area Network (CAN) bus is used as the de facto standard to provide serial communication between Electronic Control Units (ECUs). However, prior research reveals that several network-level attacks can be performed on the CAN bus due to the lack of underlying security mechanism. In this work, we develop an intrusion detection algorithm to detect DoS, fuzzy, and replay attacks injected in a real vehicle. Our approach uses heuristics as well as Recurrent Neural Networks (RNNs) to detect attacks. We test our algorithm with in-vehicle data samples collected from KIA Soul. Our preliminary results show the high accuracy in detecting different types of attacks.

UR - http://www.scopus.com/inward/record.url?scp=85061389818&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85061389818&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-12085-6_4

DO - 10.1007/978-3-030-12085-6_4

M3 - Conference contribution

AN - SCOPUS:85061389818

SN - 9783030120849

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 39

EP - 45

BT - Information and Operational Technology Security Systems - 1st International Workshop, IOSec 2018, CIPSEC Project, Revised Selected Papers

A2 - Marín Tordera, Eva

A2 - Fournaris, Apostolos P.

A2 - Lampropoulos, Konstantinos

PB - Springer Verlag

ER -