Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network

Hyun Min Song, Ha Rang Kim, Huy Kang Kim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

106 Citations (Scopus)

Abstract

Controller Area Network (CAN) bus in the vehicles is a de facto standard for serial communication to provide an efficient, reliable and economical link between Electronic Control Units (ECU). However, CAN bus does not have enough security features to protect itself from inside or outside attacks. Intrusion Detection System (IDS) is one of the best ways to enhance the vehicle security level. Unlike the traditional IDS for network security, IDS for vehicle requires light-weight detection algorithm because of the limitations of the computing power of electronic devices reside in cars. In this paper, we propose a light-weight intrusion detection algorithm for in-vehicle network based on the analysis of time intervals of CAN messages. We captured CAN messages from the cars made by a famous manufacturer and performed three kinds of message injection attacks. As a result, we find the time interval is a meaningful feature to detect attacks in the CAN traffic. Also, our intrusion detection system detects all of message injection attacks without making false positive errors.

Original languageEnglish
Title of host publicationInternational Conference on Information Networking
PublisherIEEE Computer Society
Pages63-68
Number of pages6
Volume2016-March
ISBN (Print)9781509017249
DOIs
Publication statusPublished - 2016 Mar 7
Event30th International Conference on Information Networking, ICOIN 2016 - Kota Kinabalu, Malaysia
Duration: 2016 Jan 132016 Jan 15

Other

Other30th International Conference on Information Networking, ICOIN 2016
CountryMalaysia
CityKota Kinabalu
Period16/1/1316/1/15

Keywords

  • car seucirty
  • controller area network
  • intrusion detection system

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems

Fingerprint Dive into the research topics of 'Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network'. Together they form a unique fingerprint.

  • Cite this

    Song, H. M., Kim, H. R., & Kim, H. K. (2016). Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network. In International Conference on Information Networking (Vol. 2016-March, pp. 63-68). [7427089] IEEE Computer Society. https://doi.org/10.1109/ICOIN.2016.7427089