The communication and connectivity functions of vehicles increase their vulnerability to hackers. The unintended failure and malfunction of in-vehicle systems caused by external factors threaten the security and safety of passengers. As the controller area network alone cannot protect vehicles from external attacks, techniques to analyze and detect external attacks are required. Therefore, we propose a multi-labeled hierarchical classification (MLHC) intrusion detection model that analyzes and detects external attacks caused by message injection. This model quickly determines the occurrence of attacks and classifies the attack using only existing classified attack data. We evaluated the performance of the model by analyzing its learning space. We further verified the model by comparing its accuracy, F1 score and data learning and evaluation times with the two layers multi-class detection (TLMD) and single-layer multi-class classification (SLMC) models. The simulation results show that the MLHC model has the highest F1 score of 0.9995 and is 87.30% and 99.92% faster than the SLMC and TLMD models in terms of detection time, respectively. Consequently, the proposed model can classify both the type and existence or absence of attacks with high accuracy and can be used in interior communication environments of high-speed vehicles with a high throughput.
Bibliographical noteFunding Information:
Funding: This work was supported by Institute for Information and communications Technology Promotion (IITP) grant funded by the Korea government (MSIT) [No. 2018-0-00532, Development of High-Assurance (≥EAL6) Secure Microkernel].
© 2020 by the authors. Licensee MDPI, Basel, Switzerland.
- Anomaly detection
- Controller area network
- Hierarchical approach
- In-vehicle network security
- Intrusion detection system
- Machine learning
ASJC Scopus subject areas
- Analytical Chemistry
- Information Systems
- Atomic and Molecular Physics, and Optics
- Electrical and Electronic Engineering