Detecting message modification attacks on the CAN bus with Temporal Convolutional Networks

by   Irina Chiscop, et al.

Multiple attacks have shown that in-vehicle networks have vulnerabilities which can be exploited. Securing the Controller Area Network (CAN) for modern vehicles has become a necessary task for car manufacturers. Some attacks inject potentially large amount of fake messages into the CAN network; however, such attacks are relatively easy to detect. In more sophisticated attacks, the original messages are modified, making the detection a more complex problem. In this paper, we present a novel machine learning based intrusion detection method for CAN networks. We focus on detecting message modification attacks, which do not change the timing patterns of communications. Our proposed temporal convolutional network-based solution can learn the normal behavior of CAN signals and differentiate them from malicious ones. The method is evaluated on multiple CAN-bus message IDs from two public datasets including different types of attacks. Performance results show that our lightweight approach compares favorably to the state-of-the-art unsupervised learning approach, achieving similar or better accuracy for a wide range of scenarios with a significantly lower false positive rate.



There are no comments yet.


page 1

page 2

page 3

page 4


An Entropy Analysis based Intrusion Detection System for Controller Area Network in Vehicles

Dozens of Electronic Control Units (ECUs) can be found on modern vehicle...

Mitigating Vulnerabilities of Voltage-based Intrusion Detection Systems in Controller Area Networks

Data for controlling a vehicle is exchanged among Electronic Control Uni...

Evaluation of the Architecture Alternatives for Real-time Intrusion Detection Systems for Connected Vehicles

Attackers demonstrated the use of remote access to the in-vehicle networ...

A DDoS-Aware IDS Model Based on Danger Theory and Mobile Agents

We propose an artificial immune model for intrusion detection in distrib...

Detecting CAN Masquerade Attacks with Signal Clustering Similarity

Vehicular Controller Area Networks (CANs) are susceptible to cyber attac...

CAN Radar: Sensing Physical Devices in CAN Networks based on Time Domain Reflectometry

The presence of security vulnerabilities in automotive networks has alre...

Detection of Message Injection Attacks onto the CAN Bus using Similarity of Successive Messages-Sequence Graphs

The smart features of modern cars are enabled by a number of Electronic ...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.