Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
119 tokens/sec
GPT-4o
56 tokens/sec
Gemini 2.5 Pro Pro
43 tokens/sec
o3 Pro
6 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Real-Time Zero-Day Intrusion Detection System for Automotive Controller Area Network on FPGAs (2401.10724v1)

Published 19 Jan 2024 in cs.CR, cs.LG, cs.SY, and eess.SY

Abstract: Increasing automation in vehicles enabled by increased connectivity to the outside world has exposed vulnerabilities in previously siloed automotive networks like controller area networks (CAN). Attributes of CAN such as broadcast-based communication among electronic control units (ECUs) that lowered deployment costs are now being exploited to carry out active injection attacks like denial of service (DoS), fuzzing, and spoofing attacks. Research literature has proposed multiple supervised machine learning models deployed as Intrusion detection systems (IDSs) to detect such malicious activity; however, these are largely limited to identifying previously known attack vectors. With the ever-increasing complexity of active injection attacks, detecting zero-day (novel) attacks in these networks in real-time (to prevent propagation) becomes a problem of particular interest. This paper presents an unsupervised-learning-based convolutional autoencoder architecture for detecting zero-day attacks, which is trained only on benign (attack-free) CAN messages. We quantise the model using Vitis-AI tools from AMD/Xilinx targeting a resource-constrained Zynq Ultrascale platform as our IDS-ECU system for integration. The proposed model successfully achieves equal or higher classification accuracy (> 99.5%) on unseen DoS, fuzzing, and spoofing attacks from a publicly available attack dataset when compared to the state-of-the-art unsupervised learning-based IDSs. Additionally, by cleverly overlapping IDS operation on a window of CAN messages with the reception, the model is able to meet line-rate detection (0.43 ms per window) of high-speed CAN, which when coupled with the low energy consumption per inference, makes this architecture ideally suited for detecting zero-day attacks on critical CAN networks.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (44)
  1. R. B. GmbH, “CAN Specification, Version 2.0,” 1991.
  2. S. Nie, L. Liu, and Y. Du, “Free-fall: Hacking Tesla from wireless to CAN bus,” Briefing, Black Hat USA, vol. 25, pp. 1–16, 2017.
  3. K. Iehira, H. Inoue, and K. Ishida, “Spoofing attack using bus-off attacks against a specific ECU of the CAN bus,” in Proc. IEEE Communications & Networking Conference (CCNC), pp. 1–4, IEEE, 2018.
  4. Z. Cai, A. Wang, W. Zhang, M. Gruffke, and H. Schweppe, “0-days & mitigations: Roadways to exploit and secure connected BMW cars,” Black Hat USA, vol. 2019, p. 39, 2019.
  5. C. Miller and C. Valasek, “Remote exploitation of an unaltered passenger vehicle,” Black Hat USA, vol. 2015, no. S 91, 2015.
  6. M. Enev, A. Takakuwa, K. Koscher, and T. Kohno, “Automobile Driver Fingerprinting.,” Proc. Priv. Enhancing Technol., 2016.
  7. U. E. Larson, D. K. Nilsson, and E. Jonsson, “An approach to specification-based attack detection for in-vehicle networks,” in Proc. IEEE Intelligent Vehicles Symposium, pp. 220–225, 2008.
  8. C. Miller and C. Valasek, “Adventures in automotive networks and control units,” Def Con, vol. 21, no. 260-264, pp. 15–31, 2013.
  9. I. Studnia, E. Alata, V. Nicomette, M. Kaâniche, and Y. Laarouchi, “A language-based intrusion detection approach for automotive embedded networks,” International Journal of Embedded Systems, vol. 10, no. 1, 2018.
  10. S. N. Narayanan, S. Mittal, and A. Joshi, “Using data analytics to detect anomalous states in vehicles,” arXiv preprint arXiv:1512.08048, 2015.
  11. A. Alshammari, M. A. Zohdy, D. Debnath, and G. Corser, “Classification approach for intrusion detection in vehicle systems,” Wireless Engineering and Technology, vol. 9, no. 4, pp. 79–94, 2018.
  12. L. Yang, A. Moubayed, I. Hamieh, and A. Shami, “Tree-based intelligent intrusion detection system in internet of vehicles,” in Proc. Global Communications Conference (GLOBECOM), pp. 1–6, IEEE, 2019.
  13. H. M. Song, J. Woo, and H. K. Kim, “In-vehicle network intrusion detection using deep convolutional neural network,” Vehicular Communications, vol. 21, p. 100198, 2020.
  14. S. Tariq, S. Lee, and S. S. Woo, “CANTransfer: transfer learning based intrusion detection on a controller area network using convolutional LSTM network,” in Proc. ACM Sym. on Applied Computing, 2020.
  15. S. Khandelwal and S. Shreejith, “A Lightweight FPGA-based IDS-ECU Architecture for Automotive CAN,” in 2022 International Conference on Field-Programmable Technology (ICFPT), pp. 1–9, 2022.
  16. L. Yang, A. Moubayed, and A. Shami, “MTH-IDS: A Multitiered Hybrid Intrusion Detection System for Internet of Vehicles,” IEEE Internet of Things Journal, vol. 9, no. 1, pp. 616–632, 2021.
  17. E. Seo, H. M. Song, and H. K. Kim, “GIDS: GAN based intrusion detection system for in-vehicle network,” in Proc. Conf. on Privacy, Security and Trust (PST), pp. 1–6, IEEE, 2018.
  18. Upstream Report, “https://upstream.auto/reports/global-automotive-cybersecurity-report/,” 2023.
  19. K. Vipin, S. Shreejith, S. A. Fahmy, and A. Easwaran, “Mapping time-critical safety-critical cyber physical systems to hybrid FPGAs,” in Proc. Intl. Conf. on Cyber-Physical Systems, Networks, and Applications, pp. 31–36, 2014.
  20. Xilinx, “Vitis AI User Guide,” 2021.
  21. F. Hartwich et al., “CAN with flexible data-rate,” in Proc. iCC, pp. 1–9, Citeseer, 2012.
  22. M. Bozdal, M. Samie, and I. Jennions, “A Survey on CAN Bus Protocol: Attacks, Challenges, and Potential Solutions,” in Proc. Intl. Conf. on Computing, Electronics Communications Engineering (iCCECE), pp. 201–205, 2018.
  23. S. Mukherjee, H. Shirazi, I. Ray, J. Daily, and R. Gamble, “Practical DoS attacks on embedded networks in commercial vehicles,” in Proc. Intl Conference on Information Systems Security, Springer, 2016.
  24. K. Koscher, S. Savage, F. Roesner, S. Patel, T. Kohno, A. Czeskis, D. McCoy, B. Kantor, D. Anderson, H. Shacham, et al., “Experimental security analysis of a modern automobile,” in Proc. IEEE Sym. on Security and Privacy, pp. 447–462, IEEE Computer Society, 2010.
  25. A. Palanca, E. Evenchick, F. Maggi, and S. Zanero, “A stealth, selective, link-layer denial-of-service attack against automotive networks,” in Proc. Intl. Conf. on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 185–206, Springer, 2017.
  26. T. P. Vuong, G. Loukas, and D. Gan, “Performance evaluation of cyber-physical intrusion detection on a robotic vehicle,” in Proc. Intl. Conf. on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing, pp. 2106–2113, IEEE, 2015.
  27. D. Stabili, M. Marchetti, and M. Colajanni, “Detecting attacks to internal vehicle networks through hamming distance,” in AEIT Intl. Annual Conference, pp. 1–6, IEEE, 2017.
  28. M. Weber, S. Klug, E. Sax, and B. Zimmer, “Embedded hybrid anomaly detection for automotive CAN communication,” in Proc. European Congress on Embedded Real Time Software and Systems (ERTS), 2018.
  29. K.-T. Cho and K. G. Shin, “Fingerprinting electronic control units for vehicle intrusion detection,” in Proc. {normal-{\{{USENIX}normal-}\}} Security Symposium ({normal-{\{{USENIX}normal-}\}} Security), pp. 911–927, 2016.
  30. A. K. Desta, S. Ohira, I. Arai, and K. Fujikawa, “Rec-CNN: In-vehicle networks intrusion detection using convolutional neural networks trained on recurrence plots,” Vehicular Communications, vol. 35, 2022.
  31. P. F. De Araujo-Filho, A. J. Pinheiro, G. Kaddoum, D. R. Campelo, and F. L. Soares, “An Efficient Intrusion Prevention System for CAN: Hindering Cyber-Attacks with a Low-Cost Platform,” IEEE Access, vol. 9, pp. 166855–166869, 2021.
  32. A. K. Desta, S. Ohira, I. Arai, and K. Fujikawa, “MLIDS: Handling Raw High-Dimensional CAN Bus Data Using Long Short-Term Memory Networks for Intrusion Detection in In-Vehicle Networks,” in Proc. Intl. Telecommunication Networks and Applications Conference (ITNAC), pp. 1–7, IEEE, 2020.
  33. K. Agrawal, T. Alladi, A. Agrawal, V. Chamola, and A. Benslimane, “NovelADS: A Novel Anomaly Detection System for Intra-Vehicular Networks,” IEEE Transactions on Intelligent Transportation Systems, 2022.
  34. P. Cheng, K. Xu, S. Li, and M. Han, “TCAN-IDS: Intrusion Detection System for Internet of Vehicle Using Temporal Convolutional Attention Network,” Symmetry, vol. 14, no. 2, p. 310, 2022.
  35. W. Lo, H. Alqahtani, K. Thakur, A. Almadhor, S. Chander, and G. Kumar, “A hybrid deep learning based intrusion detection system using spatial-temporal representation of in-vehicle network traffic,” Vehicular Communications, vol. 35, p. 100471, 2022.
  36. H. Ma, J. Cao, B. Mi, D. Huang, Y. Liu, and S. Li, “A GRU-Based Lightweight System for CAN Intrusion Detection in Real Time,” Security and Communication Networks, vol. 2022, 2022.
  37. M. Sakurada and T. Yairi, “Anomaly detection using autoencoders with nonlinear dimensionality reduction,” in Proc. of the MLSDA 2014 2nd workshop on machine learning for sensory data analysis, 2014.
  38. L. Gondara, “Medical image denoising using convolutional denoising autoencoders,” in 2016 IEEE 16th international conference on data mining workshops (ICDMW), pp. 241–246, IEEE, 2016.
  39. Y. Bengio, L. Yao, G. Alain, and P. Vincent, “Generalized denoising auto-encoders as generative models,” Advances in neural information processing systems, vol. 26, 2013.
  40. E. Govorkova, E. Puljak, T. Aarrestad, T. James, V. Loncar, M. Pierini, A. A. Pol, N. Ghielmetti, M. Graczyk, S. Summers, et al., “Autoencoders on field-programmable gate arrays for real-time, unsupervised new physics detection at 40 mhz at the large hadron collider,” Nature Machine Intelligence, vol. 4, no. 2, pp. 154–161, 2022.
  41. Xilinx, “Zynq DPU v3.2,” 2020.
  42. F. Fons and M. Fons, “FPGA-based automotive ECU design addresses AUTOSAR and ISO 26262 standards,” Xcell journal, 2012.
  43. CAR Hacking Dataset, “https://ocslab.hksecurity.net/datasets/can-intrusion-dataset,” 2020.
  44. S. Wu, G. Li, F. Chen, and L. Shi, “Training and inference with integers in deep neural networks,” arXiv preprint arXiv:1802.04680, 2018.
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (2)
  1. Shashwat Khandelwal (11 papers)
  2. Shreejith Shanker (10 papers)
Citations (2)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets