Abstract
Vehicle communication technology has been steadily progressing alongside the convergence of the in-vehicle network (IVN) and wireless communication technology. The communication with various external networks further reinforces the connectivity between the inside and outside of a vehicle. However, this bears risks of malicious packet attacks on computer-assisted mechanical mechanisms that are capable of hijacking the vehicle's functions. The present study proposes a method to detect and identify abnormalities in vehicular networks based on the periodic event-triggered interval of the controller area network (CAN) messages. To this end, we first define four attack scenarios and then extract normal and abnormal driving data corresponding to these scenarios. Next, we analyze the CAN ID's event-triggered interval and measure statistical moments depending on the defined time-window. Finally, we conduct extensive evaluations of the proposed methods' performance by considering different attack scenarios and three types of machine learning models. The results demonstrate that the proposed method can effectively detect an abnormality in the IVN, with up to 99% accuracy. Our results suggest that when tree-based machine learning models are used as the classifier, the proposed method of attack identification can achieve more than 94% accuracy.
| Original language | English |
|---|---|
| Article number | 9387321 |
| Pages (from-to) | 2941-2956 |
| Number of pages | 16 |
| Journal | IEEE Transactions on Information Forensics and Security |
| Volume | 16 |
| DOIs | |
| Publication status | Published - 2021 |
Keywords
- Anomaly detection
- attack identification
- controller area network
- event-triggered interval
- in-vehicle network
ASJC Scopus subject areas
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications