基于帧间隔-总线电压混合特征的汽车ECU伪装攻击识别

doi:10.19562/j.chinasae.qcgc.2023.11.008

摘要/Abstract

摘要：

汽车的网联化和智能化发展提高了汽车内部总线CAN（controller aera network）网络被入侵的风险。不像以太网具有完善的身份认证机制和加密传输协议，总线CAN网络采用明文传输数据，其报文非常容易被非法ECU窃取和攻击。因此，如何设计车载的入侵检测系统识别ECU的非法篡改和伪装攻击成为当前汽车网络安全研究的重点和难点。基于此，本文提出了基于帧间隔-总线电压混合特征提取的汽车ECU伪装攻击识别技术。首先，借助嵌入式设备的时间戳机制获取报文帧的帧间隔时间；同时，采样汽车总线网络的电压信号，并采用快速信号处理技术获取总线电压的特征参数（如电压众数和边沿时间等），以此构建ECU识别的指纹特征（即混合特征参数，包含帧间隔时间、电压众数、位时间、边沿时间等）。然后，利用轻量化的Softmax学习算法训练IDS模型并在线识别潜在的伪装攻击等非法入侵行为。为了验证所提方法的有效性，本文开展了基于ECU设备的硬件试验测试；结果表明，所提方法对所有合法ECU的识别精度高达98.33%，即可以通过甄别报文消息源头判断非法入侵；并且相较于传统的基于单特征指纹的方法，本文所提方法能够提高7%左右的识别精度。

关键词: 智能网联汽车, 总线网络, 伪装攻击, 混合特征提取

Abstract:

The development of networking and intelligence in automobiles has intensified the intrusion risk of automotive CAN （Controller Aera Network）. Unlike Ethernet networks with well-established identity authentication mechanisms and encrypted transmission protocols， CAN bus adopts the plaintext means of data， making the messages easily stolen and attacked by illegal ECUs. Therefore， how to design an onboard intrusion detection system （IDS） to identify illegal tampering and disguise attacks has become a key and difficult issue. Accordingly， an automotive ECU camouflage attack recognition technology based on frame interval and bus voltage hybrid feature extraction is proposed in this paper. Firstly， the frame intervals of the message frame are obtained using the timestamp mechanism of the embedded device. Meanwhile， voltage signals of the automotive bus network are sampled， and the characteristic parameters of the bus voltage （such as voltage mode and edge time） are obtained using fast signal processing technology. Thus， the hybrid features including the frame intervals， voltage modes， bit time， edge time are formulated to construct the ECU fingerprints. Then， the lightweight Softmax learning algorithm is used to train the IDS model and identify potential illegal intrusion behaviors such as disguised attacks online. In order to verify the effectiveness of the proposed method， hardware experiments based on ECU devices are conducted in this paper， and the results show that the recognition accuracy of the proposed method for all ECUs is as high as 98.33%， with illegal intrusion identified by the sources of messages. Compared to traditional methods based on single feature fingerprints， the method proposed in this article can improve recognition accuracy by about 7%.

Key words: intelligent connected vehicle, bus network, masquerade attack, hybrid-feature extraction

刘浩天,魏洪乾,时培成,张幽彤. 基于帧间隔-总线电压混合特征的汽车ECU伪装攻击识别[J]. 汽车工程, 2023, 45(11): 2070-2081.

Haotian Liu,Hongqian Wei,Peicheng Shi,Youtong Zhang. The Masquerade Intrusion Detection Technique for Automotive ECUs Based on the Hybrid Feature Extraction of Frame Intervals and Bus Voltages[J]. Automotive Engineering, 2023, 45(11): 2070-2081.

图/表 22

图1

图2

图3

图4

图5

表1

图6

图7

图8

表2

图9

图10

图11

图12

表3

图13

图14

表4

图15

表5

未考虑比特填充机制的数据集"

编号	$T b i t$ /μs	$T p l a t$ /μs	电压/V	帧间隔/ms	标号
1	2.021 4	1.975 6	2.253 603	100.028	1
2	2.020 2	1.974 9	2.241 724	99.999	1
3	2.019 0	1.975 0	2.241 932	100.017	1
…	…	…	…	…	…
853	2.017 6	1.975 3	2.247 594	99.983	2
854	2.016 1	1.973 6	2.245 453	99.985	2
855	2.014 6	1.973 9	2.244 266	99.990	2
…	…	…	…	…	…
4 849	2.057 8	1.965 9	2.171 069	100.005	6
4 850	2.057 9	1.966 2	2.184 569	99.985	6

表5

表6

图16

参考文献 23

1	GANESAN A， RAO J， SHIN K. Exploiting consistency among heterogeneous sensors for vehicle anomaly detection［C］. SAE Paper 2017-01-1654.
2	TAN Z， DAI N， SU Y， et al.Human-machine interaction in intelligent and connected vehicles： a review of status quo， issues and opportunities［J］IEEE Transactions on Intelligent Transportation Systems， 2021.
3	SIEGEL J E， ERB D C， SARMA S E. A survey of the connected vehicle landscape-architectures， enabling technologies， applications， and development areas［J］. IEEE Transactions on Intelligent Transportation Systems， 2017， 19（8）： 2391-2406.
4	SU Z， DAI M， XU Q， et al. Uav enabled content distribution for internet of connected vehicles in 5G heterogeneous networks［J］IEEE Transactions on Intelligent Transportation Systems， 2021，22（8）： 5091-5102.
5	冯志杰，何明，李彬，等.汽车信息安全攻防关键技术研究进展［J］.信息安全学报，2017，2（2）：1-14.
	FENG Z J， HE M， LI B， et al. Research progress on key technologies of automobile information security attack and defense［J］. Journal of Cyber Security，2017，2（2）：1-14.
6	DANESHVAR E， OK Y S， TAVAKOLI S， et al.Insights into upstream processing of microalgae： a review［J］ Bioresource Technology， 2021， 329：124870.
7	ZENG W， KHALID M A S， CHOWDHURY S. In-vehicle networks outlook： achievements and challenges［J］. IEEE Communications Surveys & Tutorials， 2016， 18（3）： 1552-1571.
8	NISHIKAWA K， HONTANI K. Challenges towards new software platform for automated driving and high computational ECU’s［C］. 2018 9th Vector Congress， 2018.
9	LOMBARDI M， PASCALE F， SANTANIELLO D.Two-step algorithm to detect cyber-attack over the can-bus： a preliminary case study in connected vehicles［J］.ASCE-ASME Journal of Risk and Uncertainty in Engineering Systems， Part B：Mechanical Engineering， 2022.
10	LIN C W，SANGIOVANNI-VINCENTELLI A.Cyber-security for the controller area network （CAN） communication protocol［C］. International Conference on Cyber Security， 2012.
11	GROZA B，MURVAY P S.Security solutions for the controller area network： bringing authentication to in-vehicle networks［J］. IEEE Vehicular Technology Magazine， 2018，13（1）： 40-47.
12	JO H J，CHOI W. A survey of attacks on controller area networks and corresponding countermeasures［J］. IEEE Transactions on Intelligent Transportation Systems， 2021.
13	LEE Hyunsung， JEONG Seong Hoon， KIM Huy Kang. OTIDS： a novel intrusion detection system for in-vehicle network by using remote frame［C］. Proc of 15th Annual Conference on Privacy， Security and Trust （PST）. IEEE， 2017： 57-5709.
14	CHO Kyong-Tak， SHIN Kang G， PARK Taejoon. CPS approach to checking norm operation of a brake-by-wire system［C］. Proc of Proceedings of the ACM/IEEE Sixth International Conference on Cyber-Physical Systems， 2015： 41-50.
15	MURVAY Pal-Stefan， GROZA Bogdan. Source identification using signal characteristics in controller area networks［J］. IEEE Signal Processing Letters， 2014， 21（4）： 395-399.
16	CHO K T， SHIN K G.Viden： attacker identification on in-vehicle networks［C］. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security， 2017： 1109-1123.
17	CHOI W， JOO K， JO H J， et al. VoltageIDS： low-level communication characteristics for automotive intrusion detection system［J］. IEEE Transactions on Information Forensics and Security，2018， 13（8）： 2114-2129.
18	JO H J， KIM J H， CHOI H Y， et al.MAuth-CAN： masquerade-attack-proof authentication for in-vehicle networks［J］. IEEE Transactions on Vehicular Technology， 2020， 69（2）：2204-2218.
19	FOSTER I， PRUDHOMME A， KOSCHER K， et al. Fast and vulnerable： a story of telematic failures［C］. Proc of 9th USENIX Workshop on Oﬀensive Technologies （WOOT 15），2015.
20	SAGONG S U， YING X， CLARK A， et al. Cloaking the clock： emulating clock skew in controller area networks［C］. Proc of ACM/IEEE International Conference on Cyber-Physical Systems，2018： 32-42.
21	YING X， SAGONG S U， CLARK A， et al. Shape of the cloak： formal analysis of clock skew-based intrusion detection system in controller area networks［J］. IEEE Transactions on Information Forensics and Security， 2019， 14（9）： 2300-2323.
22	FARSI M， RATCLIFF K， BARBOSA M.An overview of controller area network［J］.Computing & Control Engineering Journal，1999， 10（3）：113-120.
23	SONG H M， KIM H K. CAN network intrusion datasets ［DB/OL］. （2018-12-30）［2020-08-26］. https：//ocslab.hksecurity.net/Datasets/CA-N-intrusion-dalaset.

编号	位时间/平台时间/μs					电压/V	时间间隔/ms	标号
编号	1位宽	2位宽	3位宽	4位宽	5位宽	电压/V	时间间隔/ms	标号
1	2.054 4/1.912 8	4.069 3/3.931 3	6.063 2/5.924 1	8.056 7/7.923 3	10.040 3/9.912 2	2.253 603	100.028	1
2	2.064 4/1.925 6	4.062 1/3.922 4	6.075 4/5.942 4	8.056 7/7.923 3	10.058 3/9.920 4	2.241 724	99.999	1
3	2.054 2/1.919 1	4.056 7/3.925 1	6.053 0/5.922 1	8.053 3/7.926 7	10.063 3/9.927 6	2.241 932	100.017	1
…	…	…	…	…	…	…	…	…
853	2.048 3/1.925 3	4.046 2/3.924 6	6.062 1/5.935 2	8.052 1/7.920 4	10.035 7/9.924 5	2.247 594	99.983	2
854	2.044 3/1.916 4	4.051 7/3.924 2	6.059 5/5.925 4	8.043 3/7.916 7	10.053 0/9.931 1	2.245 453	99.985	2
855	2.048 7/1.923 3	4.057 1/3.934 3	6.038 2/5.918 3	8.052 1/7.924 6	10.049 5/9.930 0	2.244 266	99.990	2
…	…	…	…	…	…	…	…	…
4 849	2.180 2/1.904 0	4.172 5/3.903 7	6.170 0/5.902 2	8.173 3/7.896 7	10.167 5/9.897 5	2.171 069	100.005	6
4 850	2.178 3/1.920 8	4.176 7/3.896 7	6.170 0/5.895 5	8.170 2/7.903 0	10.168 6/9.895 7	2.184 569	99.985	6

样本容量	均值/%	最大值/%	最小值/%	波动区间/%
60	96.67	100.00	93.33	（-3.45，3.45）
120	97.67	99.17	95.83	（-1.88，1.54）
180	97.56	98.89	96.11	（-1.48，1.37）
240	97.21	98.33	95.00	（-2.27，1.16）
300	97.83	99.67	96.33	（-1.53，1.87）
360	97.56	98.06	96.39	（-1.20，0.51）
420	97.60	98.81	96.67	（-0.95，1.24）
480	97.50	98.33	96.25	（-1.28，0.85）
540	97.72	98.56	96.78	（-0.96，0.86）
600	98.11	98.80	97.46	（-0.66，0.70）

训练次数	准确率/%	均值/%
1	98.27	98.33
2	98.18
3	98.51
4	98.40
5	98.43
6	98.22
7	98.18
8	98.17
9	98.51
10	98.43

训练次数	准确率/%	均值/%
1	96.55	96.37
2	96.54
3	96.38
4	96.55
5	97.04
6	96.22
7	95.56
8	96.79
9	96.63
10	95.47

[1]	胡林,谷子逸,王丹琦,王方,邹铁方,黄晶. 汽车安全性测评规程现状及趋势展望[J]. 汽车工程, 2024, 46(2): 187-200.
[2]	关书睿,李克强,周俊宇,石佳,孔伟伟,罗禹贡. 面向强制换道场景的智能网联汽车协同换道策略[J]. 汽车工程, 2024, 46(2): 201-210.
[3]	王庞伟,刘程,汪云峰,张名芳. 面向城市道路的智能网联汽车多车道轨迹优化方法[J]. 汽车工程, 2024, 46(2): 241-252.
[4]	左政,王云鹏,麻斌,邹博松,曹耀光,杨世春. 基于AFC-TARA的车载网络组件风险率量化评估分析[J]. 汽车工程, 2023, 45(9): 1553-1562.
[5]	李升波,占国建,蒋宇轩,兰志前,张宇航,邹文俊,陈晨,成波,李克强. 类脑学习型自动驾驶决控系统的关键技术[J]. 汽车工程, 2023, 45(9): 1499-1515.
[6]	刘济铮,王震坡,孙逢春,张雷. 异构智能网联汽车编队延迟补偿控制研究[J]. 汽车工程, 2023, 45(9): 1573-1582.
[7]	吴思宇,于文浩,邢星宇,张玉新,李楚照,李雪轲,古昕昱,李云巍,马小涵,路伟,王政,郝圳茂,王红,李骏. 基于关键场景的预期功能安全双闭环测试验证方法[J]. 汽车工程, 2023, 45(9): 1583-1607.
[8]	边有钢,张田田,谢和平,秦洪懋,杨泽宇. 车辆队列抗扰抗内切协同路径跟踪控制[J]. 汽车工程, 2023, 45(8): 1320-1332.
[9]	朱冰,姜泓屹,赵健,韩嘉懿,刘彦辰. 智能网联汽车协同感知信任度动态计算与评价方法[J]. 汽车工程, 2023, 45(8): 1383-1391.
[10]	崔英祥, 张幽彤, 魏洪乾. 基于样本熵的车载CAN网络入侵检测[J]. 汽车工程, 2023, 45(7): 1184-1191.
[11]	关宇昕,冀浩杰,崔哲,李贺,陈丽文. 智能网联汽车车载CAN网络入侵检测方法综述[J]. 汽车工程, 2023, 45(6): 922-935.
[12]	胡耘浩,李克强,向云丰,石佳,罗禹贡. 智能网联汽车通用跨平台实时仿真系统架构及应用[J]. 汽车工程, 2023, 45(3): 372-381.
[13]	李捷,吴晓东,许敏,刘永刚. 基于强化学习的城市场景多目标生态驾驶策略[J]. 汽车工程, 2023, 45(10): 1791-1802.
[14]	钱立军,陈晨,陈健,陈欣宇,熊驰. 基于Q学习模型的无信号交叉口离散车队控制[J]. 汽车工程, 2022, 44(9): 1350-1358.
[15]	钟文沁,孔伟伟,李志恒,于杰,罗禹贡. 不同渗透率下非信控交叉路口混合预约多车协同控制[J]. 汽车工程, 2022, 44(8): 1144-1152.