TY - GEN
T1 - Domain-Specific Anomaly Detection for In-Vehicle Networks
AU - Kristianto, Edy
AU - Lin, Po Ching
AU - Hwang, Ren Hung
N1 - Publisher Copyright:
© 2022, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
PY - 2022
Y1 - 2022
N2 - Connecting components such as electronic control units (ECUs) via an in-vehicle network (IVN) is common in modern vehicles. However, if compromised, the components may send malicious messages to impact the operations of a vehicle and even hurt driving safety. Several in-vehicle intrusion detection system (IDS) solutions based on machine learning have been presented in the literature to detect unknown attacks. Such IDSs are deployed on a central gateway or within each ECU. We note that some vehicles have implemented domain gateways/controllers and automotive Ethernet to support the increasing bandwidth and complexity of the IVN. The domain gateways can take over the computation load from the ECUs. Therefore, each domain gateway can be a promising place to implement an IDS to detect and block malicious messages in its domain. We can optimize the domain-specific IDS model to classify malicious or normal messages in each domain and make it lightweight. In this work, we present two models of lightweight unsupervised IDS solutions for the domain gateway model. Our designs have only 2,708 and 49,454 parameters, fewer than the state-of-the-art designs. Their training and testing time are also shorter, achieving high accuracy from 0.90 to 1.00 in detecting the malicious messages on each domain gateway.
AB - Connecting components such as electronic control units (ECUs) via an in-vehicle network (IVN) is common in modern vehicles. However, if compromised, the components may send malicious messages to impact the operations of a vehicle and even hurt driving safety. Several in-vehicle intrusion detection system (IDS) solutions based on machine learning have been presented in the literature to detect unknown attacks. Such IDSs are deployed on a central gateway or within each ECU. We note that some vehicles have implemented domain gateways/controllers and automotive Ethernet to support the increasing bandwidth and complexity of the IVN. The domain gateways can take over the computation load from the ECUs. Therefore, each domain gateway can be a promising place to implement an IDS to detect and block malicious messages in its domain. We can optimize the domain-specific IDS model to classify malicious or normal messages in each domain and make it lightweight. In this work, we present two models of lightweight unsupervised IDS solutions for the domain gateway model. Our designs have only 2,708 and 49,454 parameters, fewer than the state-of-the-art designs. Their training and testing time are also shorter, achieving high accuracy from 0.90 to 1.00 in detecting the malicious messages on each domain gateway.
KW - CAN bus
KW - Domain-specific
KW - In-vehicle intrusion detection
UR - http://www.scopus.com/inward/record.url?scp=85150988447&partnerID=8YFLogxK
U2 - 10.1007/978-981-19-9582-8_56
DO - 10.1007/978-981-19-9582-8_56
M3 - Conference contribution
AN - SCOPUS:85150988447
SN - 9789811995811
T3 - Communications in Computer and Information Science
SP - 637
EP - 648
BT - New Trends in Computer Technologies and Applications - 25th International Computer Symposium, ICS 2022, Proceedings
A2 - Hsieh, Sun-Yuan
A2 - Hung, Ling-Ju
A2 - Peng, Sheng-Lung
A2 - Klasing, Ralf
A2 - Lee, Chia-Wei
PB - Springer Science and Business Media Deutschland GmbH
T2 - 25th International Computer Symposium on New Trends in Computer Technologies and Applications, ICS 2022
Y2 - 15 December 2022 through 17 December 2022
ER -