Detecting In-vehicle CAN Message Attacks Using Heuristics and RNNs

Shahroz Tariq, Sangyup Lee, Huy Kang Kim, Simon S. Woo

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    7 Citations (Scopus)

    Abstract

    In vehicle communications, due to simplicity and reliability, a Controller Area Network (CAN) bus is used as the de facto standard to provide serial communication between Electronic Control Units (ECUs). However, prior research reveals that several network-level attacks can be performed on the CAN bus due to the lack of underlying security mechanism. In this work, we develop an intrusion detection algorithm to detect DoS, fuzzy, and replay attacks injected in a real vehicle. Our approach uses heuristics as well as Recurrent Neural Networks (RNNs) to detect attacks. We test our algorithm with in-vehicle data samples collected from KIA Soul. Our preliminary results show the high accuracy in detecting different types of attacks.

    Original languageEnglish
    Title of host publicationInformation and Operational Technology Security Systems - 1st International Workshop, IOSec 2018, CIPSEC Project, Revised Selected Papers
    EditorsEva Marín Tordera, Apostolos P. Fournaris, Konstantinos Lampropoulos
    PublisherSpringer Verlag
    Pages39-45
    Number of pages7
    ISBN (Print)9783030120849
    DOIs
    Publication statusPublished - 2019
    Event1st International Workshop on Information and Operational Technology Security Systems, IOSec 2018 - Heraklion, Greece
    Duration: 2018 Sept 132018 Sept 13

    Publication series

    NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
    Volume11398 LNCS
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Conference

    Conference1st International Workshop on Information and Operational Technology Security Systems, IOSec 2018
    Country/TerritoryGreece
    CityHeraklion
    Period18/9/1318/9/13

    Bibliographical note

    Funding Information:
    We thank anonymous reviews for providing helpful feedback to improve this work. We also thank Korea Internet & Security Agency (KISA) and Korean Institute of Information Security & Cryptology (KIISC) for the release of CAN dataset. This research was supported by the MSIP (Ministry of Science, ICT and Future Planning), Korea, under the “ICT Consilience Creative Program” (IITP-2015-R0346-15-1007) supervised by the IITP (Institute for Information & communications Technology Promotion) and Basic Science Research Program through the NRF of Korea (NRF-2017R1C1B5076474).

    Funding Information:
    Acknowledgement. We thank anonymous reviews for providing helpful feedback to improve this work. We also thank Korea Internet & Security Agency (KISA) and Korean Institute of Information Security & Cryptology (KIISC) for the release of CAN dataset. This research was supported by the MSIP (Ministry of Science, ICT and Future Planning), Korea, under the “ICT Consilience Creative Program” (IITP-2015-R0346-15-1007) supervised by the IITP (Institute for Information & communications Technology Promotion) and Basic Science Research Program through the NRF of Korea (NRF-2017R1C1B5076474).

    Publisher Copyright:
    © 2019, Springer Nature Switzerland AG.

    ASJC Scopus subject areas

    • Theoretical Computer Science
    • General Computer Science

    Fingerprint

    Dive into the research topics of 'Detecting In-vehicle CAN Message Attacks Using Heuristics and RNNs'. Together they form a unique fingerprint.

    Cite this