Skip to main content

Advertisement

Log in

Machine Learning-Based Intrusion Detection for Securing In-Vehicle CAN Bus Communication

  • Original Research
  • Published:
SN Computer Science Aims and scope Submit manuscript

Abstract

Modern cars are now much more connected than they were a few years ago, thanks to the rapid development of embedded technology. This had made them more vulnerable to attacks. The controller area network (CAN) bus, a widely used communication standard in automotive systems, plays a crucial role in the interconnection of onboard electronic components. However, the lack of inherent security mechanisms in the CAN bus makes it a prime target for malicious attacks, compromising the system such as the denial of service (DoS), fuzzy, spoofing, and replay attacks. In this paper, we propose a machine learning-based intrusion detection system for identifying attacks on in-vehicle CAN bus communication. We train and test long short-term memory (LSTM) and convolutional neural network (CNN) models on two public datasets (Car-Hacking and CAN-Intrusion) and our self-created dataset, named Bus-CAN-Attack, which was generated using the ICSim simulation tool. Using the selected hyper parameters, we achieve impressive detection accuracy with the fine-tuned models varying from 89% to 99% for the different datasets.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

Data availability

The Bus-CAN-Attack dataset supporting the findings of this study is available through a shared link, accessible only to individuals with the link. After acceptance, we will make the dataset available to public.

References

  1. Benkhelifa A. Les systémes embarquès dans l’automobile. Doctoral dissertation, Haute ècole de gestion de Genéve. 2018.

  2. https://ieeexplore.ieee.org/abstract/document/9216166. Accessed 04 Feb 2024.

  3. Benz K. The birth of the Motorwagen. Hist Autom Technol. 1886;1:23–30.

    Google Scholar 

  4. Johnson M, Lee L. Advancements in vehicle communication systems. IEEE Trans Veh Technol. 2019;68(5):1024–35.

    Google Scholar 

  5. Bosch GmbH R. Controller Area Network (CAN) Specification, Bosch Documentation. 1980.

  6. ISO 11898. Road Vehicles—Controller Area Network (CAN), International Organization for Standardization. 2020.

  7. Avatefipour O, Malik H. State-of-the-art survey on in-vehicle network communication (CAN-bus) security and vulnerabilities. 2018.

  8. Ismail T, Touati H, Hajlaoui N, Hadded M, Muhlethaler P, Bouzefrane S, Saidane LA. A comprehensive survey on vehicular communication security. J Cyber Secur Mobil. 2024;13(5):1007–38.

    Article  Google Scholar 

  9. Ismail T, et al. Impact analysis of greedy behavior attacks in vehicular ad hoc networks. In: 2021 10th IFIP international conference on performance evaluation and modeling in wireless and wired networks (PEMWN), Ottawa. 2021. p. 1–6. https://doi.org/10.23919/PEMWN53042.2021.9664702.

  10. Hassine Y, Touati H. Vehicular platoons security: a review with an emphasis on Sybil attacks. In: 2023 12th IFIP/IEEE international conference on performance evaluation and modeling in wired and wireless networks (PEMWN), Berlin, 2023. p. 1–6. https://doi.org/10.23919/PEMWN58813.2023.10304901.

  11. Green A, White J. Cybersecurity challenges in modern vehicles. Cybersecur Rev. 2022;25(6):56–67.

    Google Scholar 

  12. Adams R, et al. Vulnerabilities in CAN bus systems. J Cybersecur Res. 2021;17(1):22–34.

    Google Scholar 

  13. Groza B, Murvay S. Security solutions for the controller area network: bringing authentication to in-vehicle networks. IEEE Veh Technol Mag. 2018;13:40–7.

    Article  Google Scholar 

  14. Baccari S, Hadded M, Ghazzai H, Touati H, Elhadef M. Anomaly detection in connected and autonomous vehicles: a survey, analysis, and research challenges. IEEE Access. 2024;12:19250–76. https://doi.org/10.1109/ACCESS.2024.3361829.

    Article  Google Scholar 

  15. Electronics CSS. CAN Bus Explained. CSS Electronics: Aarhus, Jutland, DK. 2019.

  16. https://doi.org/10.3390/s20082364. Accessed 28 July 2024.

  17. Harris T. Prioritization and real-time communication in CAN bus. Real-Time Syst J. 2019;33(4):345–59.

    Google Scholar 

  18. Seo E, Song HM, Kim HK. GIDS: GAN based intrusion detection system for in-vehicle network. In: 2018 16th annual conference on privacy, security and trust (PST), Belfast, Ireland, 2018. p. 1–6. https://doi.org/10.1109/PST.2018.8514157.

  19. Koscher K, Czeskis A, Roesner F, Patel S, Kohno T, Checkoway S, McCoy D, Kantor B, Anderson D, Shacham H, Savage S. Experimental security analysis of a modern automobile. In: Proc. IEEE Symp. Secur. Privacy, 2010. p. 447462.

  20. Han ML, Kwak BI, Kim HK. Anomaly intrusion detection method for vehicular networks based on survival analysis. Veh Commun. 2018;14:52–63. https://doi.org/10.1016/.vehcom.2018.09.004.

    Article  Google Scholar 

  21. Hossain MD, Inoue H, Ochiai H, Fall D, Kadobayashi Y. Long short-term memory-based intrusion detection system for in-vehicle controller area network bus. In: Proc. IEEE 44th Annu. Comput., Softw., Appl. Conf. (COMPSAC). 2020. p. 10–17. https://doi.org/10.1109/COMPSAC48688.2020.00011.

  22. Müter M, Asaj N. Entropy-based anomaly detection for in-vehicle networks. In: Proceedings of the 2011 IEEE intelligent vehicles symposium (IV) Baden-Baden, 5–9 June 2011. p. 1110–5. https://doi.org/10.1109/IVS.2011.5940552.

  23. Song HM, Kim HR, Kim HK. Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network. In: Proceedings of the 2016 international conference on information networking (ICOIN), 2016. p. 63–8. https://doi.org/10.1109/ICOIN.2016.7427089.

  24. Cho K, Shin KG. Viden: attacker identification on in-vehicle networks. In: Proceedings of the 2017 ACM SIGSAC conference on computer and communications security, Dallas, 30 October–3 November 2017.

  25. Seo E, Song HM, Kim HK. Gids: Gan based intrusion detection system for in-vehicle network. In: Proceedings of the 2018 16th annual conference on privacy, security and trust (PST), Belfast, 28–30 August 2018. p. 1–6.

  26. Hossain MD, Inoue H, Ochiai H, Fall D, Kadobayashi Y. LSTM-based intrusion detection system for in-vehicle can bus communications. IEEE Access. 2020;8:185489–502. https://doi.org/10.1109/ACCESS.2020.3029307.

    Article  Google Scholar 

  27. Longari S, Valcarcel DHN, Zago M, Carminati M, Zanero S. CANnolo: an anomaly detection system based on LSTM autoencoders for controller area network. IEEE Trans Netw Serv Manag. 2020;18:1913–24.

    Article  Google Scholar 

  28. Han ML, Kwak B II, Kim HK. Event-triggered interval-based anomaly detection and attack identification methods for an in-vehicle network. IEEE Trans Inf Forensics Secur. 2021;16:2941–56. https://doi.org/10.1109/TIFS.2021.3069171.

    Article  Google Scholar 

  29. Moulahi T, Zidi S, Alabdulatif A, Atiquzzaman M. Comparative performance evaluation of intrusion detection based on machine learning in in-vehicle controller area network bus. IEEE Access. 2021;9:99595–605. https://doi.org/10.1109/ACCESS.2021.3095962.

    Article  Google Scholar 

  30. https://ocslab.hksecurity.net/Datasets/car-hacking-dataset. Accessed 15 Feb 2024.

  31. https://ocslab.hksecurity.net/Dataset/CAN-intrusion-dataset. Accessed 15 Feb 2024.

  32. Abdelwahed S, Touati H. LSTM-based congestion detection in named data networks. In: Abraham A, Pllana S, Casalino G, Ma K, Bajaj A, editors. Intelligent systems design and applications. ISDA 2022. Lecture notes in networks and systems, vol 717. Cham: Springer; 2023. https://doi.org/10.1007/978-3-031-35510-3_14.

Download references

Funding

Not applicable.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Haifa Touati.

Ethics declarations

Conflict of interest

The authors declare no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Samir, S.B.H., Raissa, M., Touati, H. et al. Machine Learning-Based Intrusion Detection for Securing In-Vehicle CAN Bus Communication. SN COMPUT. SCI. 5, 1082 (2024). https://doi.org/10.1007/s42979-024-03465-1

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s42979-024-03465-1

Keywords

Navigation