Loading [a11y]/accessibility-menu.js
AERO: Automotive Ethernet Real-Time Observer for Anomaly Detection in In-Vehicle Networks | IEEE Journals & Magazine | IEEE Xplore

AERO: Automotive Ethernet Real-Time Observer for Anomaly Detection in In-Vehicle Networks

DatasetsAvailable

Abstract:

Automotive Ethernet enables high-bandwidth in-vehicle networking, facilitating the transmission of sensor data among electronic control units. However, the increasing con...Show More

Abstract:

Automotive Ethernet enables high-bandwidth in-vehicle networking, facilitating the transmission of sensor data among electronic control units. However, the increasing connectivity and potential vulnerability inheritance in connected and autonomous vehicles expose them to security risks. To address this challenge, an intrusion detection system (IDS) capable of analyzing automotive Ethernet traffic and detecting anomalies is essential. In thisarticle, we propose automotive Ethernet real-time observer (AERO), an unsupervised network IDS designed to protect in-vehicle networks. AERO consists of three components: a feature extractor that constructs three multimodal features, a neural network for processing the extracted features, and an online anomaly detector that calculates outlier scores in real time. We evaluate the performance of AERO using the TOW-IDS automotive Ethernet intrusion dataset. The experimental results demonstrate that AERO achieves high detection performance across five different attack types and is highly applicable to automotive-grade devices for real-time anomaly detection.
Published in: IEEE Transactions on Industrial Informatics ( Volume: 20, Issue: 3, March 2024)
Page(s): 4651 - 4662
Date of Publication: 06 November 2023

ISSN Information:

Funding Agency:


I. Introduction

Networking between electronic control units (ECUs) is critical for the proper functioning of modern vehicle features. Ever since the drive-by-wire concept became popular in the automotive industry, multiple ECUs have been designed to cooperate via in-vehicle networks (IVNs). Among the several networking protocols, the controller area network (CAN) currently dominates the market share of in-vehicle networking because it supports the critical requirements of vehicular applications [1]. These requirements include message prioritization, time synchronization, multicasting, and some hardware aspects such as being lightweight and noise-tolerant. More recently, connected and autonomous vehicles (CAVs) have emerged that rely on high-bandwidth sensors such as those capable of light detection and ranging, radio detection and ranging, and cameras. However, considering the fact that the CAN supports a limited throughput Mb/s, the CAN is no longer a promising protocol for CAVs. Although the conventional Ethernet and transmission control protocol (TCP)/Internet protocol (IP) stacks have been empirically verified in Internet and local area networks (LANs), they cannot replace the CAN because they do not satisfy all the requirements of vehicles. For example, a broadcasted packet is not time synchronized; a conventional switch does not respect the packet priority; a vehicle might be adversely affected by unexpected delay due to congestion control. These downsides of best-effort delivery should be addressed in real-time systems such as vehicles.

Contact IEEE to Subscribe

References

References is not available for this document.