VoltageIDS: Low-level communication characteristics for automotive intrusion detection system

Wonsuk Choi, Kyungho Joo, Hyo Jin Jo, Moon Chan Park, Dong Hoon Lee

Research output: Contribution to journalArticlepeer-review

143 Citations (Scopus)


The proliferation of computerized functions aimed at enhancing drivers' safety and convenience has increased the number of vehicular attack surfaces accordingly. The fundamental vulnerability is caused by the fact that the controller area network protocol, a de facto standard for in-vehicle networks, does not support message origin authentication. Several methods to resolve this problem have been suggested. However, most of them require modification of the CAN protocol and have their own vulnerabilities. In this paper, we focus on securing in-vehicle CAN networks, proposing a novel automotive intrusion detection system (so-called VoltageIDS). The system leverages the inimitable characteristics of an electrical CAN signal as a fingerprint of the electronic control units. The noteworthy contributions are that VoltageIDS does not require any modification of the current system and has been validated on actual vehicles while driving on the road. VoltageIDS is also the first automotive intrusion detection system capable of distinguishing between errors and the bus-off attack. Our experimental results on a CAN bus prototype and on real vehicles show that VoltageIDS detects intrusions in the in-vehicle CAN network. Moreover, we evaluate VoltageIDS while a vehicle is moving.

Original languageEnglish
Pages (from-to)2114-2129
Number of pages16
JournalIEEE Transactions on Information Forensics and Security
Issue number8
Publication statusPublished - 2018 Aug


  • Automotive IDS
  • Controller area network
  • Electronic control unit
  • Fingerprinting

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications


Dive into the research topics of 'VoltageIDS: Low-level communication characteristics for automotive intrusion detection system'. Together they form a unique fingerprint.

Cite this