Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
97 tokens/sec
GPT-4o
53 tokens/sec
Gemini 2.5 Pro Pro
43 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

A Lightweight FPGA-based IDS-ECU Architecture for Automotive CAN (2401.12234v1)

Published 19 Jan 2024 in cs.AR, cs.CR, cs.LG, cs.SY, and eess.SY

Abstract: Recent years have seen an exponential rise in complex software-driven functionality in vehicles, leading to a rising number of electronic control units (ECUs), network capabilities, and interfaces. These expanded capabilities also bring-in new planes of vulnerabilities making intrusion detection and management a critical capability; however, this can often result in more ECUs and network elements due to the high computational overheads. In this paper, we present a consolidated ECU architecture incorporating an Intrusion Detection System (IDS) for Automotive Controller Area Network (CAN) along with traditional ECU functionality on an off-the-shelf hybrid FPGA device, with near-zero overhead for the ECU functionality. We propose two quantised multi-layer perceptrons (QMLP's) as isolated IDSs for detecting a range of attack vectors including Denial-of-Service, Fuzzing and Spoofing, which are accelerated using off-the-shelf deep-learning processing unit (DPU) IP block from Xilinx, operating fully transparently to the software on the ECU. The proposed models achieve the state-of-the-art classification accuracy for all the attacks, while we observed a 15x reduction in power consumption when compared against the GPU-based implementation of the same models quantised using Nvidia libraries. We also achieved a 2.3x speed up in per-message processing latency (at 0.24 ms from the arrival of a CAN message) to meet the strict end-to-end latency on critical CAN nodes and a 2.6x reduction in power consumption for inference when compared to the state-of-the-art IDS models on embedded IDS and loosely coupled IDS accelerators (GPUs) discussed in the literature.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (56)
  1. S. Nie, L. Liu, and Y. Du, “Free-fall: Hacking Tesla from wireless to CAN bus,” Briefing, Black Hat USA, vol. 25, pp. 1–16, 2017.
  2. K. Iehira, H. Inoue, and K. Ishida, “Spoofing attack using bus-off attacks against a specific ECU of the CAN bus,” in Proc. IEEE Communications & Networking Conference (CCNC), pp. 1–4, IEEE, 2018.
  3. Z. Cai, A. Wang, W. Zhang, M. Gruffke, and H. Schweppe, “0-days & mitigations: Roadways to exploit and secure connected BMW cars,” Black Hat USA, vol. 2019, p. 39, 2019.
  4. A. Greenberg, “After Jeep hack, Chrysler recalls 1.4 m vehicles for bug fix,” Wired, 2015.
  5. R. B. GmbH, “CAN Specification, Version 2.0,” 1991.
  6. U. E. Larson, D. K. Nilsson, and E. Jonsson, “An approach to specification-based attack detection for in-vehicle networks,” in Proc. IEEE Intelligent Vehicles Symposium, pp. 220–225, IEEE, 2008.
  7. C. Miller and C. Valasek, “Adventures in automotive networks and control units,” Def Con, vol. 21, no. 260-264, pp. 15–31, 2013.
  8. I. Studnia, E. Alata, V. Nicomette, M. Kaâniche, and Y. Laarouchi, “A language-based intrusion detection approach for automotive embedded networks,” International Journal of Embedded Systems, 2018.
  9. E. Seo, H. M. Song, and H. K. Kim, “GIDS: GAN based intrusion detection system for in-vehicle network,” in Proc. Conf. on Privacy, Security and Trust (PST), pp. 1–6, IEEE, 2018.
  10. H. M. Song, J. Woo, and H. K. Kim, “In-vehicle network intrusion detection using deep convolutional neural network,” Vehicular Communications, vol. 21, p. 100198, 2020.
  11. K. Agrawal, T. Alladi, A. Agrawal, V. Chamola, and A. Benslimane, “NovelADS: A Novel Anomaly Detection System for Intra-Vehicular Networks,” IEEE Transactions on Intelligent Transportation Systems, 2022.
  12. P. Cheng, K. Xu, S. Li, and M. Han, “TCAN-IDS: Intrusion Detection System for Internet of Vehicle Using Temporal Convolutional Attention Network,” Symmetry, vol. 14, no. 2, p. 310, 2022.
  13. H. Ma, J. Cao, B. Mi, D. Huang, Y. Liu, and S. Li, “A GRU-Based Lightweight System for CAN Intrusion Detection in Real Time,” Security and Communication Networks, vol. 2022, 2022.
  14. A. K. Desta, S. Ohira, I. Arai, and K. Fujikawa, “MLIDS: Handling Raw High-Dimensional CAN Bus Data Using Long Short-Term Memory Networks for Intrusion Detection in In-Vehicle Networks,” in Proc. Intl. Telecommunication Networks and Applications Conference (ITNAC), pp. 1–7, IEEE, 2020.
  15. K. Cho, J. Kim, D. Y. Choi, Y. H. Yoon, J. H. Oh, S. E. Lee, et al., “An FPGA-based ECU for remote reconfiguration in automotive systems,” Micromachines, vol. 12, no. 11, p. 1309, 2021.
  16. S. Shreejith, S. A. Fahmy, and M. Lukasiewycz, “Reconfigurable computing in next-generation automotive networks,” IEEE Embedded Systems Letters, vol. 5, no. 1, pp. 12–15, 2013.
  17. Zynq-Ultrascale-Plus-Product-Selection-Guide, “https://www.xilinx.com/content/dam/xilinx/support/documents/selection-guides/zynq-ultrascale-plus-product-selection-guide.pdf,” 2018.
  18. K. Vipin, S. Shreejith, S. A. Fahmy, and A. Easwaran, “Mapping time-critical safety-critical cyber physical systems to hybrid FPGAs,” in Proc. Intl. Conf. on Cyber-Physical Systems, Networks, and Applications, pp. 31–36, 2014.
  19. R. B. GmbH, Engine Control Unit MS 6. Robert Bosch GmbH,, 2015.
  20. F. Hartwich et al., “CAN with flexible data-rate,” in Proc. iCC, pp. 1–9, Citeseer, 2012.
  21. M. Bozdal, M. Samie, and I. Jennions, “A Survey on CAN Bus Protocol: Attacks, Challenges, and Potential Solutions,” in Proc. Intl. Conf. on Computing, Electronics Communications Engineering (iCCECE), pp. 201–205, 2018.
  22. S. Mukherjee, H. Shirazi, I. Ray, J. Daily, and R. Gamble, “Practical DoS attacks on embedded networks in commercial vehicles,” in Proc. Intl Conference on Information Systems Security, Springer, 2016.
  23. M. Enev, A. Takakuwa, K. Koscher, and T. Kohno, “Automobile Driver Fingerprinting.,” Proc. Priv. Enhancing Technol., vol. 2016, no. 1, pp. 34–50, 2016.
  24. K. Koscher, S. Savage, F. Roesner, S. Patel, T. Kohno, A. Czeskis, D. McCoy, B. Kantor, D. Anderson, H. Shacham, et al., “Experimental security analysis of a modern automobile,” in Proc. IEEE Symposium on Security and Privacy, pp. 447–462, IEEE Computer Society, 2010.
  25. A. Palanca, E. Evenchick, F. Maggi, and S. Zanero, “A stealth, selective, link-layer denial-of-service attack against automotive networks,” in Proc. Intl. Conf. on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 185–206, Springer, 2017.
  26. O. Y. Al-Jarrah, C. Maple, M. Dianati, D. Oxtoby, and A. Mouzakitis, “Intrusion detection systems for intra-vehicle networks: A review,” IEEE Access, vol. 7, pp. 21266–21289, 2019.
  27. T. P. Vuong, G. Loukas, and D. Gan, “Performance evaluation of cyber-physical intrusion detection on a robotic vehicle,” in Proc. Intl. Conf. on Computer and Information Technology, pp. 2106–2113, IEEE, 2015.
  28. S. N. Narayanan, S. Mittal, and A. Joshi, “Using data analytics to detect anomalous states in vehicles,” arXiv preprint arXiv:1512.08048, 2015.
  29. M. Weber, S. Klug, E. Sax, and B. Zimmer, “Embedded hybrid anomaly detection for automotive CAN communication,” in Proc. European Congress on Embedded Real Time Software and Systems, 2018.
  30. D. K. Vasistha, Detecting anomalies in controller area network for automobiles. PhD thesis, 2017.
  31. K.-T. Cho and K. G. Shin, “Fingerprinting electronic control units for vehicle intrusion detection,” in 25th {normal-{\{{USENIX}normal-}\}} Security Symposium ({normal-{\{{USENIX}normal-}\}} Security 16), pp. 911–927, 2016.
  32. K.-T. Cho and K. G. Shin, “Viden: Attacker identification on in-vehicle networks,” in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1109–1123, 2017.
  33. H. Lee, S. H. Jeong, and H. K. Kim, “OTIDS: A novel intrusion detection system for in-vehicle network by using remote frame,” in 2017 15th Annual Conference on Privacy, Security and Trust (PST), pp. 57–5709, IEEE, 2017.
  34. W. Wu, Y. Huang, R. Kurachi, G. Zeng, G. Xie, R. Li, and K. Li, “Sliding window optimized information entropy analysis method for intrusion detection on in-vehicle networks,” IEEE Access, vol. 6, 2018.
  35. A. Alshammari, M. A. Zohdy, D. Debnath, and G. Corser, “Classification approach for intrusion detection in vehicle systems,” Wireless Engineering and Technology, vol. 9, no. 4, pp. 79–94, 2018.
  36. L. Yang, A. Moubayed, I. Hamieh, and A. Shami, “Tree-based intelligent intrusion detection system in internet of vehicles,” in 2019 IEEE global communications conference (GLOBECOM), pp. 1–6, IEEE, 2019.
  37. S. Khandelwal, E. Wadhwa, and S. Shreejith, “Deep Learning-based Embedded Intrusion Detection System for Automotive CAN,” in Proc. Intl. Conf. on Application-specific Systems, Architectures and Processors (ASAP), pp. 88–92, IEEE, 2022.
  38. S. Khandelwal and S. Shreejith, “A Lightweight Multi-Attack CAN Intrusion Detection System on Hybrid FPGAs,” in Proc. Intl. Conf. on Field Programmable Logic and Applications (FPL), pp. 425–429, IEEE, 2022.
  39. P. F. De Araujo-Filho, A. J. Pinheiro, G. Kaddoum, D. R. Campelo, and F. L. Soares, “An Efficient Intrusion Prevention System for CAN: Hindering Cyber-Attacks with a Low-Cost Platform,” IEEE Access, vol. 9, pp. 166855–166869, 2021.
  40. A. K. Desta, S. Ohira, I. Arai, and K. Fujikawa, “Rec-CNN: In-vehicle networks intrusion detection using convolutional neural networks trained on recurrence plots,” Vehicular Communications, 2022.
  41. L. Yang, A. Moubayed, and A. Shami, “MTH-IDS: A Multitiered Hybrid Intrusion Detection System for Internet of Vehicles,” IEEE Internet of Things Journal, vol. 9, no. 1, pp. 616–632, 2021.
  42. Q. Xiao, Y. Liang, L. Lu, S. Yan, and Y.-W. Tai, “Exploring heterogeneous algorithms for accelerating deep convolutional neural networks on FPGAs,” in Proc. Design Automation Conference, pp. 1–6, 2017.
  43. “A survey and taxonomy of FPGA-based deep learning accelerators,” Journal of Systems Architecture, vol. 98, pp. 331–345, 2019.
  44. C. Wang, L. Gong, Q. Yu, X. Li, Y. Xie, and X. Zhou, “DLAU: A scalable deep learning accelerator unit on FPGA,” IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 36, no. 3, pp. 513–517, 2016.
  45. H. Sharma, J. Park, E. Amaro, B. Thwaites, P. Kotha, A. Gupta, J. K. Kim, A. Mishra, and H. Esmaeilzadeh, “Dnnweaver: From high-level deep network models to FPGA acceleration,” in The Workshop on Cognitive Architectures, 2016.
  46. E. Wang, J. J. Davis, P. Y. Cheung, and G. A. Constantinides, “LUTNet: Rethinking inference in FPGA soft logic,” in Proc. Intl. Symposium on Field-Programmable Custom Computing Machines, IEEE, 2019.
  47. Y. Umuroglu, N. J. Fraser, G. Gambardella, M. Blott, P. Leong, M. Jahre, and K. Vissers, “Finn: A framework for fast, scalable binarized neural network inference,” in Proc. Intl. Symposium on Field-Programmable Gate Arrays (FPGA), pp. 65–74, 2017.
  48. Xilinx, “Vitis AI User Guide,” 2021.
  49. Xilinx, “Zynq DPU v3.2,” 2020.
  50. S. Shreejith and S. A. Fahmy, “Smart network interfaces for advanced automotive applications,” IEEE Micro, vol. 38, no. 2, pp. 72–80, 2018.
  51. F. Fons and M. Fons, “FPGA-based automotive ECU design addresses AUTOSAR and ISO 26262 standards,” Xcell journal, vol. 78, p. 20, 2012.
  52. J. Zhou, P. Joshi, H. Zeng, and R. Li, “Btmonitor: Bit-time-based intrusion detection and attacker identification in controller area network,” ACM Transactions on Embedded Computing Systems (TECS), vol. 18, no. 6, pp. 1–23, 2019.
  53. Y. Yang, Z. Duan, and M. Tehranipoor, “Identify a Spoofing Attack on an In-Vehicle CAN Bus Based on the Deep Features of an ECU Fingerprint Signal,” Smart Cities, vol. 3, no. 1, pp. 17–30, 2020.
  54. M. Casillo, S. Coppola, M. De Santo, F. Pascale, and E. Santonicola, “Embedded Intrusion Detection System for Detecting Attacks over CAN-BUS,” in Proc. Intl. Conf. on System Reliability and Safety (ICSRS), pp. 136–141, 2019.
  55. CAR Hacking Dataset, “https://ocslab.hksecurity.net/datasets/can-intrusion-dataset,” 2020.
  56. S. Wu, G. Li, F. Chen, and L. Shi, “Training and inference with integers in deep neural networks,” arXiv preprint arXiv:1802.04680, 2018.
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (2)
  1. Shashwat Khandelwal (11 papers)
  2. Shreejith Shanker (10 papers)
Citations (7)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now