Abstract
In vehicle communications, due to simplicity and reliability, a Controller Area Network (CAN) bus is used as the de facto standard to provide serial communication between Electronic Control Units (ECUs). However, prior research reveals that several network-level attacks can be performed on the CAN bus due to the lack of underlying security mechanism. In this work, we develop an intrusion detection algorithm to detect DoS, fuzzy, and replay attacks injected in a real vehicle. Our approach uses heuristics as well as Recurrent Neural Networks (RNNs) to detect attacks. We test our algorithm with in-vehicle data samples collected from KIA Soul. Our preliminary results show the high accuracy in detecting different types of attacks.
S. Tariq and S. Lee—Both authors contributed equally to this work.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Controller Area Network (CAN bus). https://en.wikipedia.org/wiki/CAN_bus
Boudguiga, A., Klaudel, W., Boulanger, A., Chiron, P.: A simple intrusion detection method for controller area network. In: 2016 IEEE International Conference on Communications (ICC), pp. 1–7. IEEE (2016)
Hamming, R.W.: Error detecting and error correcting codes. Bell Labs Tech. J. 29(2), 147–160 (1950)
Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive CAN networks – practical examples and selected short-term countermeasures. In: Harrison, M.D., Sujan, M.-A. (eds.) SAFECOMP 2008. LNCS, vol. 5219, pp. 235–248. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-87698-4_21
Hoppe, T., Kiltz, S., Dittmann, J.: Automotive IT-security as a challenge: basic attacks from the black box perspective on the example of privacy threats. In: Buth, B., Rabe, G., Seyfarth, T. (eds.) SAFECOMP 2009. LNCS, vol. 5775, pp. 145–158. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04468-7_13
Hoppe, T., Kiltz, S., Dittmann, J.: Security threats to automotive can networks–practical examples and selected short-term countermeasures. Reliab. Eng. Syst. Saf. 96(1), 11–25 (2011)
Lee, H., Jeong, S.H., Kim, H.K.: OTIDS: a novel intrusion detection system for in-vehicle network by using remote frame. In: Privacy, Security and Trust (PST) (2017)
Miller, C., Valasek, C.: A survey of remote automotive attack surfaces. Black Hat, USA (2014)
Miller, C., Valasek, C.: Remote exploitation of an unaltered passenger vehicle. Black Hat, USA (2015)
Müter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. In: 2011 IEEE Intelligent Vehicles Symposium (IV), pp. 1110–1115. IEEE (2011)
Song, H.M., Kim, H.R., Kim, H.K.: Intrusion detection system based on the analysis of time intervals of can messages for in-vehicle network. In: 2016 International Conference on Information Networking (ICOIN), pp. 63–68. IEEE (2016)
Acknowledgement
We thank anonymous reviews for providing helpful feedback to improve this work. We also thank Korea Internet & Security Agency (KISA) and Korean Institute of Information Security & Cryptology (KIISC) for the release of CAN dataset. This research was supported by the MSIP (Ministry of Science, ICT and Future Planning), Korea, under the “ICT Consilience Creative Program” (IITP-2015-R0346-15-1007) supervised by the IITP (Institute for Information & communications Technology Promotion) and Basic Science Research Program through the NRF of Korea (NRF-2017R1C1B5076474).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Tariq, S., Lee, S., Kim, H.K., Woo, S.S. (2019). Detecting In-vehicle CAN Message Attacks Using Heuristics and RNNs. In: Fournaris, A., Lampropoulos, K., Marín Tordera, E. (eds) Information and Operational Technology Security Systems. IOSec 2018. Lecture Notes in Computer Science(), vol 11398. Springer, Cham. https://doi.org/10.1007/978-3-030-12085-6_4
Download citation
DOI: https://doi.org/10.1007/978-3-030-12085-6_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-12084-9
Online ISBN: 978-3-030-12085-6
eBook Packages: Computer ScienceComputer Science (R0)