Abstract
With the development of the Internet of Things and automobile technology, intelligent networked vehicles are becoming more and more mature. Automobile manufacturers have installed various entertainment and safety facilities for cars, such as remote access-controlling system, satellite navigation, and entertainment system. While improving the car driving experience, these facilities also increase the risk of remote attacks on the vehicle. Compared with traditional cars based on isolated embedded systems, intelligent networked cars have added many network devices for access to the Internet, causing vehicle components to be exposed to dangerous external network environments. These network interfaces may become potential entrances for hackers, causing vehicles to be illegally controlled and privacy leaked. For these dangerous situations, researchers have proposed many protective measures, however they cannot detect impenetrable intrusion well. In order to solve this defect, this paper proposed a vehicle intrusion detection system based on time interval and data field. By calculating the time interval of each packet, we can determine whether their sending frequency is normal and verify the source Electronic Control Units (ECU) of the packet. By analyzing the Manhattan distance of the data field to detect whether the content of the message has been tampered with. These extracted features will be as input feature vector of the decision tree, and obtain the detection result. In the experiment, we achieved a significant improvement and proved the superiority of this method.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Greenberg, A.: Hackers remotely kill a jeep on the highway-with me in it. Wired 7(2), 21–22 (2015)
SAE Vehicle Electrical System Security Committee. SAE J3061-cybersecurity guidebook for cyber-physical automotive systems. SAE-society of automotive engineers (2016)
Koscher, K., et al.: Experimental security analysis of a modern automobile. In: Proceedings of IEEE Symposium Security Privacy, pp. 447–462 (2010)
Checkoway, S., McCoy, D., Kantor, B.: Comprehensive experimental analyses of automotive attack surfaces. In: Proceedings of USENIX Security Symposium, pp. 1–16 (2011)
Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive CAN networks – practical examples and selected short-term countermeasures. In: Harrison, M.D., Sujan, M.-A. (eds.) SAFECOMP 2008. LNCS, vol. 5219, pp. 235–248. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-87698-4_21
Seo, E., Song, H.M., Kim, H.K.: Gids: Gan based intrusion detection system for in-vehicle network. In: 2018 16th Annual Conference on Privacy, Security and Trust (PST), pp. 1–6. IEEE (2018)
Song, H.M., Woo, J., Kim, H.K.: In-vehicle network intrusion detection using deep convolutional neural network. Veh. Commun. 21, 100198 (2020)
Aloqaily, M., Otoum, S., Al Ridhawi, I., et al.: An intrusion detection system for connected vehicles in smart cities. Ad Hoc Netw. 90, 101842 (2019)
Olufowobi, H., Young, C., Zambreno, J., et al.: Saiducant: Specification-based automotive intrusion detection using controller area network (can) timing. IEEE Trans. Veh. Technol. 69(2), 1484–1494 (2019)
Tariq, S., Lee, S., Woo, S.S.: CANTransfer: transfer learning based intrusion detection on a controller area network using convolutional LSTM network. In: Proceedings of the 35th Annual ACM Symposium on Applied Computing, pp. 1048–1055 (2020)
Hanselmann, M., Strauss, T., Dormann, K., et al.: CANet: an unsupervised intrusion detection system for high dimensional can bus data. IEEE Access 8, 58194–58205 (2020)
Cho, K.T., Shin, K.G.: Fingerprinting electronic control units for vehicle intrusion detection. In: 25th {USENIX} Security Symposium ({USENIX} Security 16), pp. 911–927 (2016)
Choi, W., Joo, K., Jo, H.J., et al.: Voltageids: low-level communication characteristics for automotive intrusion detection system. IEEE Trans. Inf. Forensics Secur. 13(8), 2114–2129 (2018)
Zhou, J., Joshi, P., Zeng, H., et al.: Btmonitor: bit-time-based intrusion detection and attacker identification in controller area network. ACM Trans. Embed. Comput. Syst. (TECS) 18(6), 1–23 (2019)
Song, H.M., Kim, H.R., Kim, H.K.: Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network. In: 2016 International Conference on Information Networking (ICOIN), pp. 63–68. IEEE (2016)
Lee, H., Jeong, S.H., Kim, H.K.: OTIDS: a novel intrusion detection system for in-vehicle network by using remote frame. In: 2017 15th Annual Conference on Privacy, Security and Trust (PST), pp. 57–5709. IEEE (2017)
Moore, M.R., Bridges, R.A., Combs, F.L., et al.: Modeling inter-signal arrival times for accurate detection of can bus signal injection attacks: a data-driven approach to in-vehicle intrusion detection. In: Proceedings of the 12th Annual Conference on Cyber and Information Security Research, pp. 1–4 (2017)
Gmiden, M., Gmiden, M.H., Trabelsi, H.: An intrusion detection method for securing in-vehicle CAN bus. In: 2016 17th International Conference on Sciences and Techniques of Automatic Control and Computer Engineering (STA), pp. 176–180. IEEE (2016)
Groza, B., Murvay, P.S.: Efficient intrusion detection with bloom filtering in controller area networks. IEEE Trans. Inf. Forensics Secur. 14(4), 1037–1051 (2018)
Choi, W., Jo, H.J., Woo, S., Chun, J.Y., Park, J., Lee, D.H.: Identifying ECUs using inimitable characteristics of signals in controller area networks. IEEE Trans. Veh. Technol. 67(6), 4757–4770 (2018). https://doi.org/10.1109/TVT.2018.2810232
Tyree, Z., Bridges, R.A., Combs, F.L., et al.: Exploiting the shape of CAN data for in-vehicle intrusion detection. In: 2018 IEEE 88th Vehicular Technology Conference (VTC-Fall), pp. 1–5. IEEE (2018)
Wang, Q., Lu, Z., Qu, G.: An entropy analysis based intrusion detection system for controller area network in vehicles. In: 2018 31st IEEE International System-on-Chip Conference (SOCC), pp. 90–95. IEEE (2018)
Ke, G., et al.: LightGBM: a highly efficient gradient boosting decision tree. NIPS 2017, 3146–3154 (2017)
Acknowledgement
The authors would like to thank the anonymous referees for their valuable comments and helpful suggestions.
Funding
The work is supported by the National Natural Science Foundation of China (No. U1836204, No. U1936208, No. U1936216, No. 62002197).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Ethics declarations
We declare that there is no conflict of interests regarding the publication of this paper. We declare that we have no financial and personal relationships with other people or organizations that can inappropriately influence our work.
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
He, X., Yang, Z., Huang, Y. (2021). A Vehicle Intrusion Detection System Based on Time Interval and Data Fields. In: Sun, X., Zhang, X., Xia, Z., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2021. Lecture Notes in Computer Science(), vol 12737. Springer, Cham. https://doi.org/10.1007/978-3-030-78612-0_43
Download citation
DOI: https://doi.org/10.1007/978-3-030-78612-0_43
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-78611-3
Online ISBN: 978-3-030-78612-0
eBook Packages: Computer ScienceComputer Science (R0)