Research on Anomaly Detection in Vehicular CAN Based on Bi-LSTM

Authors

  • Xiaopeng Kan School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai, China
  • Zhihong Zhou 1) Institute of Cyber Science and Technology, Shanghai Jiao Tong University, Shanghai, China 2) Shanghai Key Laboratory of Integrated Administration Technologies for Information Security, Shanghai, China
  • Lihong Yao School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai, China
  • Yuxin Zuo School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai, China

DOI:

https://doi.org/10.13052/jcsm2245-1439.1251

Keywords:

Internet of vehicles, CAN, Anomaly Detection, Bi-LSTM

Abstract

Controller Area Network (CAN) is one of the most widely used in-vehicle networks in modern vehicles. Due to the lack of security mechanisms such as encryption and authentication, CAN is vulnerable to external hackers in the intelligent network environment. In the paper, a lightweight CAN bus anomaly detection model based on the Bi-LSTM model is proposed. The Bi-LSTM model learns ID sequence correlation features to detect anomalies. At the same time, the Attention mechanism is introduced to improve the model’s efficiency. The paper focuses on replay attacks, denial of service attacks and fuzzing attacks. The experimental results show that the anomaly detection model based on Bi-LSTM can detect three attack types quickly and accurately.

Downloads

Download data is not yet available.

Author Biographies

Xiaopeng Kan, School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai, China

Xiaoping Kan is currently studying for a master’s degree at the School of Cyberspace Security, Shanghai Jiao Tong University, China. His main research areas are the security of Internet of Vehicles.

Zhihong Zhou, 1) Institute of Cyber Science and Technology, Shanghai Jiao Tong University, Shanghai, China 2) Shanghai Key Laboratory of Integrated Administration Technologies for Information Security, Shanghai, China

Zhihong Zhou received the Ph.D degree in Electronic engineering from Zhejiang University in 2005. He is currently working as an assistant researcher at the Institute of Cyber Science and Technology of Shanghai Jiao Tong University. His research areas include Network Security Risk Assessment, Cryptographic Application Security Assessment etc.

Lihong Yao, School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai, China

Lihong Yao received the Ph.D degree in Computer Science from Nanjing University in 2003. Now, she is an associate professor at the School of Cyberspace Security, Shanghai Jiao Tong University, China. Her research interests mainly include security of Internet of Vehicles and Big Data Analysis.

Yuxin Zuo, School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai, China

Yuxin Zuo is currently studying for a bachelor’s degree at the School of Cyberspace Security, Shanghai Jiao Tong University, China. His main research interests are the security of Internet of Things and Big Data Analysis.

References

F. Amato, R. Nardone and A. Santone, et al. “CAN-Bus Attack Detection With Deep Learning [J].” IEEE Transactions on Intelligent Transportation Systems, pp. 5081–5090, 2021.

“Upstream security’s 2020 global automotive cybersecurity report.” [Online]. Available: https://upstream.auto/upstream-security-global-automotive-cybersecurity-report-2020/. [Accessed 15 March 2023].

“Hackers steal Tesla Model X in two and a half minutes: Bypass new encryption technology”. [Online]. 2020, Available: https://www.thepaper.cn/newsDetail_forward_10116839. [Accessed 15 March 2023].

“BLACKHAT issues reading: new attack that enter the system for auto remote keyless. ROLLBACK.” [Online]. 2022, Available: http://blog.nsfocus.net/blackhat/. [Accessed 15 March 2023].

M. Yan, J. Li, and G. Harpak, “Security research report on mercedes benz cars”, Black Hat USA, 2020, 38.

Gmiden M, Gmiden M H, Trabelsi H. “An intrusion detection method for securing in-vehicle CAN bus[C].” Sciences and Techniques of Automatic Control and Computer Engineering (STA), 17th International Conference on. IEEE. pp. 176–180, 2016.

T. Liu, H. Jin, and A. Li, et al. “Bi-LSTM Model for Time Series Leaf Area Index Estimation Using Multiple Satellite Products[J].” IEEE Geoscience and Remote Sensing Letters, pp. 1–5, 2012.

T. C. M. Donmez, “Anomaly Detection in Vehicular CAN Bus Using Message Identifier Sequences[J].” IEEE Access, pp. 105–108, 2021.

Peng J, Zhang Z H, He H. “A Method for Detecting Abnormality of CAN Bus in Vehicle[J].” Chinese Journal of Scientific Instrument. pp. 28–33, 2017.

Woo S, Jo H J, Lee D H. “A practical wireless attack on the connected car and security protocol for in-vehicle CAN[J].” IEEE Transactions on Intelligent Transportation Systems, pp. 993–1006, 2015.

S.-F. Lokman, A. T. Bin Othman and M.-H. Abu-Bakar. “Optimized Structure of Convolutional Neural Networks for Controller Area Network Classification[C].” 14th International Conference on Natural Computation, Fuzzing Systems and Knowledge Discovery (ICNC-FSKD), pp. 475–481, 2018.

Huang Y, Qin G H, Liu T, et al. “Strategy for ensuring in-vehicle infotainment security[C].” Applied Mechanics and Materials. pp. 5460–5465, 2014.

T. Liu, H. Jin, and A. Li, et al. “Bi-LSTM Model for Time Series Leaf Area Index Estimation Using Multiple Satellite Products[J].” IEEE Geoscience and Remote Sensing Letters, pp. 1–5, 2012.

Song H M, Kim H R, Kim H K. “Intrusion detection system based on the analysis of time intervals of CAN messages for the in-vehicle network[C].” International conference on information networking (ICOIN). pp. 63–68, 2016.

Qin J, Li M, Shi L, et al. “Optimal denial-of-service attack scheduling with energy constraint over packet-dropping networks[J].” IEEE Transaction on Automatic Control, pp. 1648–1663, 2018.

T. C. M. Donmez, “Anomaly Detection in Vehicular CAN Bus Using Message Identifier Sequences[J].” IEEE Access, pp. 109–108, 2021.

E. Seo, H.M. Song, H.K. Kim. “GIDS: GAN based intrusion detection system for in-vehicle network[C].” 2018 16th Annual Conference on Privacy, Security and Trust (PST), pp. 1–6, 2018.

Hyunjae Kang, Byung Il Kwak, Young Hun Lee, et al. “Car Hacking: Attack and Defense, 2020 Dataset.” https://dx.doi.org/10.21227/qvr7-n418. [Accessed 15 March 2023].

T. Zhang, X. Liu, H. Lin, et al. “End-to-end Answer Selection via Attention-Based Bi-LSTM Network[C].” 1st IEEE International Conference on Hot Information-Centric Networking (HotICN), pp. 264–265, 2018.

T. Liu, H. Jin, and A. Li, et al. “Bi-LSTM Model for Time Series Leaf Area Index Estimation Using Multiple Satellite Products[J].” IEEE Geoscience and Remote Sensing Letters, pp. 1–5, 2012.

A. K. Desta, S. Ohira, I. Arai, et al. “ID Sequence Analysis for Intrusion Detection in the CAN bus using Long Short Term Memory Networks[C].” IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), pp. 1–6, 2020.

Ullah S, Khan MA, and Ahmad J, et al. “HDL-IDS: A Hybrid Deep Learning Architecture for Intrusion Detection in the Internet of Vehicles.” Sensors 22, no. 4: 1340.

Downloads

Published

2023-08-12

How to Cite

1.
Kan X, Zhou Z, Yao L, Zuo Y. Research on Anomaly Detection in Vehicular CAN Based on Bi-LSTM. JCSANDM [Internet]. 2023 Aug. 12 [cited 2024 Nov. 22];12(05):629-52. Available from: https://journals.riverpublishers.com/index.php/JCSANDM/article/view/21515

Issue

2023: Vol 12 Iss 5

Section

Cyber Security Issues and Solutions

License

Copyright (c) 2023 Journal of Cyber Security and Mobility

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.