Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
169 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

SISSA: Real-time Monitoring of Hardware Functional Safety and Cybersecurity with In-vehicle SOME/IP Ethernet Traffic (2402.14862v1)

Published 21 Feb 2024 in cs.CR, cs.LG, and cs.NI

Abstract: Scalable service-Oriented Middleware over IP (SOME/IP) is an Ethernet communication standard protocol in the Automotive Open System Architecture (AUTOSAR), promoting ECU-to-ECU communication over the IP stack. However, SOME/IP lacks a robust security architecture, making it susceptible to potential attacks. Besides, random hardware failure of ECU will disrupt SOME/IP communication. In this paper, we propose SISSA, a SOME/IP communication traffic-based approach for modeling and analyzing in-vehicle functional safety and cyber security. Specifically, SISSA models hardware failures with the Weibull distribution and addresses five potential attacks on SOME/IP communication, including Distributed Denial-of-Services, Man-in-the-Middle, and abnormal communication processes, assuming a malicious user accesses the in-vehicle network. Subsequently, SISSA designs a series of deep learning models with various backbones to extract features from SOME/IP sessions among ECUs. We adopt residual self-attention to accelerate the model's convergence and enhance detection accuracy, determining whether an ECU is under attack, facing functional failure, or operating normally. Additionally, we have created and annotated a dataset encompassing various classes, including indicators of attack, functionality, and normalcy. This contribution is noteworthy due to the scarcity of publicly accessible datasets with such characteristics.Extensive experimental results show the effectiveness and efficiency of SISSA.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (49)
  1. M. Iorio, A. Buttiglieri, M. Reineri, F. Risso, R. Sisto, and F. Valenza, “Protecting in-vehicle services: Security-enabled some/ip middleware,” IEEE Vehicular Technology Magazine, vol. 15, no. 3, pp. 77–85, 2020.
  2. AUTOSAR. (2022) SOME/IP Protocol Specification. Accessed on 20 April 2023. [Online]. Available: https://www.autosar.org/fifleadmin/standards/R22-11/FO/AUTOSAR_PRS_SOMEIPProtocol.pdf
  3. D. Zelle, T. Lauser, D. Kern, and C. Krauß, “Analyzing and securing some/ip automotive services with formal and practical methods,” in Proceedings of the 16th International Conference on Availability, Reliability and Security, 2021, pp. 1–20.
  4. M. Iorio, M. Reineri, F. Risso, R. Sisto, and F. Valenza, “Securing some/ip for in-vehicle service protection,” IEEE Transactions on Vehicular Technology, vol. 69, no. 11, pp. 13 450–13 466, 2020.
  5. C. Miller and C. Valasek, “Remote exploitation of an unaltered passenger vehicle,” Black Hat USA, vol. 2015, no. S 91, pp. 1–91, 2015.
  6. International Organization for Standardization (ISO), “ISO-26262: Road Vehicles - Functional Safety,” International Organization for Standardization, Tech. Rep., Dec. 2016.
  7. E. Ruijters and M. Stoelinga, “Fault tree analysis: A survey of the state-of-the-art in modeling, analysis and tools,” Computer science review, vol. 15, pp. 29–62, 2015.
  8. A. S. of Quality (ASQ). Failure Modes and Effects Analysis (FMEA). [Online]. Available: http://asq.org/learn-aboutquality/process-analysis-tools/overview/fmea.html
  9. J.-P. Signoret and A. Leroy, “Hazard and operability study (hazop),” Reliability Assessment of Safety and Production Systems: Analysis. Modelling. Calculations and Case Studies, pp. 157–164, 2021.
  10. C. Schmittner, Z. Ma, and P. Smith, “Fmvea for safety and security analysis of intelligent and cooperative vehicles,” in Computer Safety, Reliability, and Security: SAFECOMP 2014 Workshops: ASCoMS, DECSoS, DEVVARTS, ISSE, ReSA4CI, SASSUR. Florence, Italy, September 8-9, 2014. Proceedings 33.   Springer, 2014, pp. 282–288.
  11. W. Young and R. Porada, “System-theoretic process analysis for security (stpa-sec): Cyber security and stpa,” in 2017 STAMP Conference, 2017.
  12. J. Cui and B. Zhang, “Vera: A simplified security risk analysis method for autonomous vehicles,” IEEE Transactions on Vehicular Technology, vol. 69, no. 10, pp. 10 494–10 505, 2020.
  13. M. Müter and N. Asaj, “Entropy-based anomaly detection for in-vehicle networks,” in 2011 IEEE Intelligent Vehicles Symposium (IV).   IEEE, 2011, pp. 1110–1115.
  14. C. Miller and C. Valasek, “Adventures in automotive networks and control units,” Def Con, vol. 21, no. 260-264, pp. 15–31, 2013.
  15. M. Müter, A. Groll, and F. C. Freiling, “A structured approach to anomaly detection for in-vehicle networks,” in 2010 Sixth International Conference on Information Assurance and Security.   IEEE, 2010, pp. 92–98.
  16. K.-T. Cho and K. G. Shin, “Fingerprinting electronic control units for vehicle intrusion detection,” in 25th USENIX Security Symposium (USENIX Security 16), 2016, pp. 911–927.
  17. Y. Xun, Y. Zhao, and J. Liu, “Vehicleeids: A novel external intrusion detection system based on vehicle voltage signals,” IEEE Internet of Things Journal, vol. 9, no. 3, pp. 2124–2133, 2021.
  18. W. Choi, K. Joo, H. J. Jo, M. C. Park, and D. H. Lee, “Voltageids: Low-level communication characteristics for automotive intrusion detection system,” IEEE Transactions on Information Forensics and Security, vol. 13, no. 8, pp. 2114–2129, 2018.
  19. N. Alkhatib, H. Ghauch, and J.-L. Danger, “Some/ip intrusion detection using deep learning-based sequential models in automotive ethernet networks,” in 2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON).   IEEE, 2021, pp. 0954–0962.
  20. F. Luo, Z. Yang, Z. Zhang, Z. Wang, B. Wang, and M. Wu, “A multi-layer intrusion detection system for some/ip-based in-vehicle network,” Sensors, vol. 23, no. 9, p. 4376, 2023.
  21. N. Alkhatib, M. Mushtag, H. Ghauch et al., “Here comes said: A some/ip attention-based mechanism for intrusion detection,” in Proceedings of the Fourteenth International Conference on Ubiquitous and Future Networks (ICUFN).   IEEE, 2023, pp. 462–467.
  22. T. Gehrmann and P. Duplys, “Intrusion detection for some/ip: Challenges and opportunities,” in 2020 23rd Euromicro Conference on Digital System Design (DSD).   IEEE, 2020, pp. 583–587.
  23. AUTOSAR, “SOME/IP Protocol Specification,” in In AUTOSAR Foundation Release R19-11.   Munich, Germany: AUTOSAR, 2019, p. 696.
  24. AUTOSAR. (2022) SOME/IP Service Discovery Protocol Specification. Accessed on 20 April 2023. [Online]. Available: https://www.autosar.org/fifileadmin/standards/R22-11/FO/AUTOSAR_PRS_SOMEIPServiceDiscoveryProtocol.pdf
  25. F. Luo, Y. Jiang, Z. Zhang, Y. Ren, and S. Hou, “Threat analysis and risk assessment for connected vehicles: A survey,” Security and Communication Networks, vol. 2021, pp. 1–19, 2021.
  26. O. Henniger, A. Ruddle, H. Seudié, B. Weyl, M. Wolf, and T. Wollinger, “Securing vehicular on-board it systems: The evita project,” in VDI/VW Automotive Security Conference, 2009, p. 41.
  27. SAE Vehicle Electrical System Security Committee, “SAE J3061 Cybersecurity Guidebook for Cyber-Physical Automotive Systems,” SAE Standard, Warrendale, PA, USA, Work-in-Progress, 2017.
  28. J.-P. Monteuuis, A. Boudguiga, J. Zhang, H. Labiod, A. Servel, and P. Urien, “Sara: Security automotive risk analysis method,” in Proceedings of the 4th ACM Workshop on Cyber-Physical System Security, 2018, pp. 3–14.
  29. S. Kim, R. Shrestha, S. Kim, and R. Shrestha, “Internet of vehicles, vehicular social networks, and cybersecurity,” Automotive cyber security: introduction, challenges, and standardization, pp. 149–181, 2020.
  30. D. Ren, S. Du, and H. Zhu, “A novel attack tree based risk assessment approach for location privacy preservation in the vanets,” in 2011 IEEE International Conference on Communications (ICC).   IEEE, 2011, pp. 1–5.
  31. B. Ma, S. Yang, Z. Zuo, B. Zou, Y. Cao, X. Yan, S. Zhou, and J. Li, “An authentication and secure communication scheme for in-vehicle networks based on some/ip,” Sensors, vol. 22, no. 2, p. 647, 2022.
  32. A. Casparsen, D. G. Sϕitalic-ϕ\phiitalic_ϕrensen, J. N. Andersen, J. I. Christensen, P. Antoniou, R. Krϕitalic-ϕ\phiitalic_ϕyer, T. Madsen, and K. Gjoerup, “Closing the security gaps in some/ip through implementation of a host-based intrusion detection system,” in 2022 25th International Symposium on Wireless Personal Multimedia Communications (WPMC).   IEEE, 2022, pp. 436–441.
  33. T. Koyama, M. Tanaka, A. Miyajima, S. Ukai, T. Sugashima, and M. Egawa, “Some/ip intrusion detection system using real-time and retroactive anomaly detection,” in 2022 IEEE 95th Vehicular Technology Conference:(VTC2022-Spring).   IEEE, 2022, pp. 1–7.
  34. S. Lee, W. Choi, and D. H. Lee, “Protecting some/ip communication via authentication ticket,” Sensors, vol. 23, no. 14, p. 6293, 2023.
  35. G. Zhang, Q. Liu, C. Cao, J. Li, and Y. Li, “Bit scanner: Anomaly detection for in-vehicle can bus using binary sequence whitelisting,” Computers & Security, vol. 134, p. 103436, 2023.
  36. A. Taylor, N. Japkowicz, and S. Leblanc, “Frequency-based anomaly detection for the automotive can bus,” in 2015 World Congress on Industrial Control Systems Security (WCICSS).   IEEE, 2015, pp. 45–49.
  37. H. M. Song, H. R. Kim, and H. K. Kim, “Intrusion detection system based on the analysis of time intervals of can messages for in-vehicle network,” in 2016 international conference on information networking (ICOIN).   IEEE, 2016, pp. 63–68.
  38. A. R. Javed, S. Ur Rehman, M. U. Khan, M. Alazab, and T. Reddy, “Canintelliids: Detecting in-vehicle intrusion attacks on a controller area network using cnn and attention-based gru,” IEEE transactions on network science and engineering, vol. 8, no. 2, pp. 1456–1466, 2021.
  39. E. Seo, H. M. Song, and H. K. Kim, “Gids: Gan based intrusion detection system for in-vehicle network,” in 2018 16th Annual Conference on Privacy, Security and Trust (PST).   IEEE, 2018, pp. 1–6.
  40. T. He, L. Zhang, F. Kong, and A. Salekin, “Exploring inherent sensor redundancy for automotive anomaly detection,” in 2020 57th ACM/IEEE Design Automation Conference (DAC).   IEEE, 2020, pp. 1–6.
  41. L. Xue, Y. Liu, T. Li, K. Zhao, J. Li, L. Yu, X. Luo, Y. Zhou, and G. Gu, “{{\{{SAID}}\}}: State-aware defense against injection attacks on in-vehicle network,” in 31st USENIX Security Symposium (USENIX Security 22), 2022, pp. 1921–1938.
  42. AUTOSAR, “AUTOSAR software specification: Diagnostic event manager,” https://www.autosar.org/fileadmin/standards/R20-11/CP/AUTOSAR_SWS_DiagnosticEventManager.pdf, 2020.
  43. V. Prasanth, D. Foley, and S. Ravi, “Demystifying automotive safety and security for semiconductor developer,” in 2017 IEEE International Test Conference (ITC).   IEEE, 2017, pp. 1–10.
  44. A. Kleyner and R. Knoell, “Calculating probability metric for random hardware failures (pmhf) in the new version of iso 26262 functional safety-methodology and case studies,” SAE Technical Paper, Tech. Rep., 2018.
  45. R. Zhao, Y. Wang, Z. Xue, T. Ohtsuki, B. Adebisi, and G. Gui, “Semi-supervised federated learning based intrusion detection method for internet of things,” IEEE Internet of Things Journal, 2022.
  46. W. Chen, F. Lyu, F. Wu, P. Yang, and J. Ren, “Flag: Flexible, accurate, and long-time user load prediction in large-scale wifi system using deep rnn,” IEEE Internet of Things Journal, vol. 8, no. 22, pp. 16 510–16 521, 2021.
  47. J. Gao, L. Gan, F. Buschendorf, L. Zhang, H. Liu, P. Li, X. Dong, and T. Lu, “Omni scada intrusion detection using deep learning algorithms,” IEEE Internet of Things Journal, vol. 8, no. 2, pp. 951–961, 2020.
  48. Egomania. (2016) Some-ip generator. [Online]. Available: https://github.com/Egomania/SOME-IP_Generator
  49. IEEE 802.1 Working Group. (2019) Ieee 802.1 time-sensitive networking task group. [Online]. Available: https://1.ieee802.org/tsn/802-1dg/

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now