CAN-ADF: The controller area network attack detection framework
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Tariq, Shahroz | - |
dc.contributor.author | Lee, Sangyup | - |
dc.contributor.author | Kim, Huy Kang | - |
dc.contributor.author | Woo, Simon S. | - |
dc.date.accessioned | 2021-08-30T20:31:05Z | - |
dc.date.available | 2021-08-30T20:31:05Z | - |
dc.date.created | 2021-06-18 | - |
dc.date.issued | 2020-07 | - |
dc.identifier.issn | 0167-4048 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/54922 | - |
dc.description.abstract | In recent years, there has been significant interest in developing autonomous vehicles such as self-driving cars. In-vehicle communications, due to simplicity and reliability, a Controller Area Network (CAN) bus is widely used as the de facto standard to provide serial communications between Electronic Control Units (ECUs). However, prior research reveals that several network-level attacks can be performed due to the lack of defense mechanisms in the CAN bus. In this work, we propose CAN Bus Message Attack Detection Framework (CAN-ADF) - a comprehensive anomaly generation, detection, and evaluation system for a CAN bus. In CAN-ADF, not only various anomalies and attack characteristics can be configured but also different detection methods, and visualization frameworks are provided to effectively detect those attacks and anomalies. For the detector, we employ both a rule-based approach crafted from dynamic network traffic characteristics and Recurrent Neural Networks (RNN). For evaluation, we use 7,875,791 in-vehicle CAN packets collected from real cars, KIA Soul and Hyundai Sonata. Our detection algorithm achieves accurate intrusion detection performance, with an average accuracy of 99.45% on CAN datasets, outperforming prior approach. Furthermore, we developed a visualization tool to validate the detection of anomalies by CAN-ADF and to find new patterns in the dataset. (C) 2020 Elsevier Ltd. All rights reserved. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | ELSEVIER ADVANCED TECHNOLOGY | - |
dc.subject | RECURRENT NEURAL-NETWORKS | - |
dc.subject | PRACTICAL EXAMPLES | - |
dc.subject | SECURITY THREATS | - |
dc.title | CAN-ADF: The controller area network attack detection framework | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Kim, Huy Kang | - |
dc.identifier.doi | 10.1016/j.cose.2020.101857 | - |
dc.identifier.scopusid | 2-s2.0-85089239061 | - |
dc.identifier.wosid | 000536764600005 | - |
dc.identifier.bibliographicCitation | COMPUTERS & SECURITY, v.94 | - |
dc.relation.isPartOf | COMPUTERS & SECURITY | - |
dc.citation.title | COMPUTERS & SECURITY | - |
dc.citation.volume | 94 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.subject.keywordPlus | RECURRENT NEURAL-NETWORKS | - |
dc.subject.keywordPlus | PRACTICAL EXAMPLES | - |
dc.subject.keywordPlus | SECURITY THREATS | - |
dc.subject.keywordAuthor | Intrusion detection | - |
dc.subject.keywordAuthor | Security and privacy | - |
dc.subject.keywordAuthor | Recurrent neural network | - |
dc.subject.keywordAuthor | Controller area network | - |
dc.subject.keywordAuthor | In-Vehicle network | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
145 Anam-ro, Seongbuk-gu, Seoul, 02841, Korea+82-2-3290-2963
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.