A Manipulated Overlapped Voltage Attack Detection Mechanism for Voltage-Based Vehicle Intrusion Detection System

  • Conference paper
Frontiers in Cyber Security (FCS 2022)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 1726)

Abstract

To evade detection by content-based or frequency-based IDSs, the attack model in the automotive CAN has shifted from traditional packet flooding and payload modification attacks to stealth attacks such as shutdown attacks. These new stealth attacks are difficult for content-based and frequency-based IDSs to detect effectively. A voltage-based IDS operating on the physical CAN bus can identify the source of each message and detect these stealth attacks effectively. However, state-of-the-art research has discovered a novel masquerade attack called DUET, which can tamper with existing voltage-based IDSs by generating overlapping voltage signals with an accomplice to distort the fingerprint of a specified ECU. We propose a detection mechanism to prevent manipulated voltage attacks that rely on overlapping voltage signal samples; it is based on anomaly detection using an LSTM autoencoder model. By filtering the overlapped signal and rectifying the voltage fingerprint instance of the original voltage signal, the improved voltage-based IDS can effectively resist the DUET attack. Experiments demonstrate that the proposed detection mechanism can authenticate the victim ECU and the accomplice ECU before and after the two-stage DUET attack, and prevent the receiver ECU from being deceived by forged messages generated by the attacker and accomplice ECUs.

Acknowledgements

This research was funded in part by the National Natural Science Foundation of China under grants 61872069, 62072090 and 62173101, and in part by the Fundamental Research Funds for the Central Universities under grants N2017012 and N2217009.

Corresponding author

Correspondence to Jian Xu.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Yin, L., Xu, J., Chai, H., Wang, C. (2022). A Manipulated Overlapped Voltage Attack Detection Mechanism for Voltage-Based Vehicle Intrusion Detection System. In: Ahene, E., Li, F. (eds) Frontiers in Cyber Security. FCS 2022. Communications in Computer and Information Science, vol 1726. Springer, Singapore. https://doi.org/10.1007/978-981-19-8445-7_26

  • DOI: https://doi.org/10.1007/978-981-19-8445-7_26

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-19-8444-0

  • Online ISBN: 978-981-19-8445-7

  • eBook Packages: Computer Science, Computer Science (R0)
