Anomaly intrusion detection method for vehicular networks based on survival analysis

Abstract

In recent years, alongside with the convergence of In-vehicle network (IVN) and wireless communication technology, vehicle communication technology has been steadily progressing. Furthermore, communication with various external networks-such as cloud, vehicle-to-vehicle (V2V), and vehicle-to-infrastructure (V2I) communication networks-further reinforces the connectivity between the inside and outside of a vehicle. On the contrary, this means that the functions of existing vehicles using computer-assisted mechanical mechanisms can be manipulated and controlled by a malicious packet attack. Therefore, diversified and advanced architectures of vehicle systems can significantly increase the accessibility of the system to hackers and the possibility of an attack. This paper proposes an intrusion detection method for vehicular networks based on the survival analysis model. Our main aims were to identify malicious CAN messages and accurately detect the normality and abnormality of a vehicle network without semantic knowledge of the CAN ID function. To this end, normal and abnormal driving data were extracted from three different types of vehicles and we evaluated the performance of our proposed method by measuring the accuracy and the time complexity of anomaly detection by considering three attack scenarios and the periodic characteristics of CAN IDs. Based on the results, we concluded that a CAN ID with a long cycle affects the detection accuracy and the number of CAN IDs affects the detection speed. The difference in the detection accuracy between applying all CAN IDs and CAN IDs with a short cycle is not considerable with some differences observed in the detection accuracy depending on the chunk size and the specific attack type. High detection accuracy and low computational cost will be the essential factors for realtime processing of IVN security. Taken together, the results of the present study contribute to the current understanding of how to correctly manage vehicle communications for vehicle security and driver safety. (C) 2018 Elsevier Inc. All rights reserved.