Unsupervised Time Series Extraction from Controller Area Network Payloads

by   Brent J. Stone, et al.
Air Force Institute of Technology

This paper introduces a method for unsupervised tokenization of Controller Area Network (CAN) data payloads using bit level transition analysis and a greedy grouping strategy. The primary goal of this proposal is to extract individual time series which have been concatenated together before transmission onto a vehicle's CAN bus. This process is necessary because the documentation for how to properly extract data from a network may not always be available; passenger vehicle CAN configurations are protected as trade secrets. At least one major manufacturer has also been found to deliberately misconfigure their documented extraction methods. Thus, this proposal serves as a critical enabler for robust third-party security auditing and intrusion detection systems which do not rely on manufacturers sharing confidential information.


page 1

page 2

page 3

page 4


Network intrusion detection systems for in-vehicle network - Technical report

Modern vehicles are complex safety critical cyber physical systems, that...

CANShield: Signal-based Intrusion Detection for Controller Area Networks

Modern vehicles rely on a fleet of electronic control units (ECUs) conne...

CANet: An Unsupervised Intrusion Detection System for High Dimensional CAN Bus Data

We propose a novel neural network architecture for detecting intrusions ...

CAN-BERT do it? Controller Area Network Intrusion Detection System based on BERT Language Model

Due to the rising number of sophisticated customer functionalities, elec...

can-train-and-test: A Curated CAN Dataset for Automotive Intrusion Detection

When it comes to in-vehicle networks (IVNs), the controller area network...

Detecting CAN Masquerade Attacks with Signal Clustering Similarity

Vehicular Controller Area Networks (CANs) are susceptible to cyber attac...

Please sign up or login with your details

Forgot password? Click here to reset