Visible to the public Signature-Based Intrusion Detection System (IDS) for In-Vehicle CAN Bus Network

TitleSignature-Based Intrusion Detection System (IDS) for In-Vehicle CAN Bus Network
Publication TypeConference Paper
Year of Publication2021
AuthorsJin, Shiyi, Chung, Jin-Gyun, Xu, Yinan
Conference Name2021 IEEE International Symposium on Circuits and Systems (ISCAS)
KeywordsCAN, cloud computing, Communication networks, composability, controller area network security, Cyber-physical systems, IDS, in-vehicle network security, Integrated circuit modeling, Internet of Things, Intrusion detection, intrusion detection system, Light-weight, pubcrawl, reliability, Resiliency, security, short-term solution, Time factors
Abstract

In-vehicle CAN (Controller Area Network) bus network does not have any network security protection measures, which is facing a serious network security threat. However, most of the intrusion detection solutions requiring extensive computational resources cannot be implemented in in- vehicle network system because of the resource constrained ECUs. To add additional hardware or to utilize cloud computing, we need to solve the cost problem and the reliable communication requirement between vehicles and cloud platform, which is difficult to be applied in a short time. Therefore, we need to propose a short-term solution for automobile manufacturers. In this paper, we propose a signature-based light-weight intrusion detection system, which can be applied directly and promptly to vehicle's ECUs (Electronic Control Units). We detect the anomalies caused by several attack modes on CAN bus from real-world scenarios, which provide the basis for selecting signatures. Experimental results show that our method can effectively detect CAN traffic related anomalies. For the content related anomalies, the detection ratio can be improved by exploiting the relationship between the signals.

DOI10.1109/ISCAS51556.2021.9401087
Citation Keyjin_signature-based_2021