汽车工程 ›› 2023, Vol. 45 ›› Issue (11): 2070-2081.doi: 10.19562/j.chinasae.qcgc.2023.11.008
所属专题: 智能网联汽车技术专题-控制2023年
收稿日期:
2023-04-15
修回日期:
2023-05-22
出版日期:
2023-11-25
发布日期:
2023-11-27
通讯作者:
魏洪乾
E-mail:bit_hongqian@126.com
基金资助:
Haotian Liu1,Hongqian Wei1(),Peicheng Shi2,Youtong Zhang1
Received:
2023-04-15
Revised:
2023-05-22
Online:
2023-11-25
Published:
2023-11-27
Contact:
Hongqian Wei
E-mail:bit_hongqian@126.com
摘要:
汽车的网联化和智能化发展提高了汽车内部总线CAN(controller aera network)网络被入侵的风险。不像以太网具有完善的身份认证机制和加密传输协议,总线CAN网络采用明文传输数据,其报文非常容易被非法ECU窃取和攻击。因此,如何设计车载的入侵检测系统识别ECU的非法篡改和伪装攻击成为当前汽车网络安全研究的重点和难点。基于此,本文提出了基于帧间隔-总线电压混合特征提取的汽车ECU伪装攻击识别技术。首先,借助嵌入式设备的时间戳机制获取报文帧的帧间隔时间;同时,采样汽车总线网络的电压信号,并采用快速信号处理技术获取总线电压的特征参数(如电压众数和边沿时间等),以此构建ECU识别的指纹特征(即混合特征参数,包含帧间隔时间、电压众数、位时间、边沿时间等)。然后,利用轻量化的Softmax学习算法训练IDS模型并在线识别潜在的伪装攻击等非法入侵行为。为了验证所提方法的有效性,本文开展了基于ECU设备的硬件试验测试;结果表明,所提方法对所有合法ECU的识别精度高达98.33%,即可以通过甄别报文消息源头判断非法入侵;并且相较于传统的基于单特征指纹的方法,本文所提方法能够提高7%左右的识别精度。
刘浩天,魏洪乾,时培成,张幽彤. 基于帧间隔-总线电压混合特征的汽车ECU伪装攻击识别[J]. 汽车工程, 2023, 45(11): 2070-2081.
Haotian Liu,Hongqian Wei,Peicheng Shi,Youtong Zhang. The Masquerade Intrusion Detection Technique for Automotive ECUs Based on the Hybrid Feature Extraction of Frame Intervals and Bus Voltages[J]. Automotive Engineering, 2023, 45(11): 2070-2081.
表1
训练数据集"
编号 | 位时间/平台时间/μs | 电压/V | 时间间隔/ms | 标号 | ||||
---|---|---|---|---|---|---|---|---|
1位宽 | 2位宽 | 3位宽 | 4位宽 | 5位宽 | ||||
1 | 2.054 4/1.912 8 | 4.069 3/3.931 3 | 6.063 2/5.924 1 | 8.056 7/7.923 3 | 10.040 3/9.912 2 | 2.253 603 | 100.028 | 1 |
2 | 2.064 4/1.925 6 | 4.062 1/3.922 4 | 6.075 4/5.942 4 | 8.056 7/7.923 3 | 10.058 3/9.920 4 | 2.241 724 | 99.999 | 1 |
3 | 2.054 2/1.919 1 | 4.056 7/3.925 1 | 6.053 0/5.922 1 | 8.053 3/7.926 7 | 10.063 3/9.927 6 | 2.241 932 | 100.017 | 1 |
… | … | … | … | … | … | … | … | … |
853 | 2.048 3/1.925 3 | 4.046 2/3.924 6 | 6.062 1/5.935 2 | 8.052 1/7.920 4 | 10.035 7/9.924 5 | 2.247 594 | 99.983 | 2 |
854 | 2.044 3/1.916 4 | 4.051 7/3.924 2 | 6.059 5/5.925 4 | 8.043 3/7.916 7 | 10.053 0/9.931 1 | 2.245 453 | 99.985 | 2 |
855 | 2.048 7/1.923 3 | 4.057 1/3.934 3 | 6.038 2/5.918 3 | 8.052 1/7.924 6 | 10.049 5/9.930 0 | 2.244 266 | 99.990 | 2 |
… | … | … | … | … | … | … | … | … |
4 849 | 2.180 2/1.904 0 | 4.172 5/3.903 7 | 6.170 0/5.902 2 | 8.173 3/7.896 7 | 10.167 5/9.897 5 | 2.171 069 | 100.005 | 6 |
4 850 | 2.178 3/1.920 8 | 4.176 7/3.896 7 | 6.170 0/5.895 5 | 8.170 2/7.903 0 | 10.168 6/9.895 7 | 2.184 569 | 99.985 | 6 |
表2
不同容量验证集的准确率分布"
样本容量 | 均值/% | 最大值/% | 最小值/% | 波动区间/% |
---|---|---|---|---|
60 | 96.67 | 100.00 | 93.33 | (-3.45,3.45) |
120 | 97.67 | 99.17 | 95.83 | (-1.88,1.54) |
180 | 97.56 | 98.89 | 96.11 | (-1.48,1.37) |
240 | 97.21 | 98.33 | 95.00 | (-2.27,1.16) |
300 | 97.83 | 99.67 | 96.33 | (-1.53,1.87) |
360 | 97.56 | 98.06 | 96.39 | (-1.20,0.51) |
420 | 97.60 | 98.81 | 96.67 | (-0.95,1.24) |
480 | 97.50 | 98.33 | 96.25 | (-1.28,0.85) |
540 | 97.72 | 98.56 | 96.78 | (-0.96,0.86) |
600 | 98.11 | 98.80 | 97.46 | (-0.66,0.70) |
表5
未考虑比特填充机制的数据集"
编号 | 电压/V | 帧间隔/ms | 标号 | ||
---|---|---|---|---|---|
1 | 2.021 4 | 1.975 6 | 2.253 603 | 100.028 | 1 |
2 | 2.020 2 | 1.974 9 | 2.241 724 | 99.999 | 1 |
3 | 2.019 0 | 1.975 0 | 2.241 932 | 100.017 | 1 |
… | … | … | … | … | … |
853 | 2.017 6 | 1.975 3 | 2.247 594 | 99.983 | 2 |
854 | 2.016 1 | 1.973 6 | 2.245 453 | 99.985 | 2 |
855 | 2.014 6 | 1.973 9 | 2.244 266 | 99.990 | 2 |
… | … | … | … | … | … |
4 849 | 2.057 8 | 1.965 9 | 2.171 069 | 100.005 | 6 |
4 850 | 2.057 9 | 1.966 2 | 2.184 569 | 99.985 | 6 |
1 | GANESAN A, RAO J, SHIN K. Exploiting consistency among heterogeneous sensors for vehicle anomaly detection[C]. SAE Paper 2017-01-1654. |
2 | TAN Z, DAI N, SU Y, et al.Human-machine interaction in intelligent and connected vehicles: a review of status quo, issues and opportunities[J]IEEE Transactions on Intelligent Transportation Systems, 2021. |
3 | SIEGEL J E, ERB D C, SARMA S E. A survey of the connected vehicle landscape-architectures, enabling technologies, applications, and development areas[J]. IEEE Transactions on Intelligent Transportation Systems, 2017, 19(8) : 2391-2406. |
4 | SU Z, DAI M, XU Q, et al. Uav enabled content distribution for internet of connected vehicles in 5G heterogeneous networks[J]IEEE Transactions on Intelligent Transportation Systems, 2021,22(8): 5091-5102. |
5 | 冯志杰,何明,李彬,等.汽车信息安全攻防关键技术研究进展[J].信息安全学报,2017,2(2):1-14. |
FENG Z J, HE M, LI B, et al. Research progress on key technologies of automobile information security attack and defense[J]. Journal of Cyber Security,2017,2(2):1-14. | |
6 | DANESHVAR E, OK Y S, TAVAKOLI S, et al.Insights into upstream processing of microalgae: a review[J] Bioresource Technology, 2021, 329:124870. |
7 | ZENG W, KHALID M A S, CHOWDHURY S. In-vehicle networks outlook: achievements and challenges[J]. IEEE Communications Surveys & Tutorials, 2016, 18(3): 1552-1571. |
8 | NISHIKAWA K, HONTANI K. Challenges towards new software platform for automated driving and high computational ECU’s[C]. 2018 9th Vector Congress, 2018. |
9 | LOMBARDI M, PASCALE F, SANTANIELLO D.Two-step algorithm to detect cyber-attack over the can-bus: a preliminary case study in connected vehicles[J].ASCE-ASME Journal of Risk and Uncertainty in Engineering Systems, Part B:Mechanical Engineering, 2022. |
10 | LIN C W,SANGIOVANNI-VINCENTELLI A.Cyber-security for the controller area network (CAN) communication protocol[C]. International Conference on Cyber Security, 2012. |
11 | GROZA B,MURVAY P S.Security solutions for the controller area network: bringing authentication to in-vehicle networks[J]. IEEE Vehicular Technology Magazine, 2018,13(1): 40-47. |
12 | JO H J,CHOI W. A survey of attacks on controller area networks and corresponding countermeasures[J]. IEEE Transactions on Intelligent Transportation Systems, 2021. |
13 | LEE Hyunsung, JEONG Seong Hoon, KIM Huy Kang. OTIDS: a novel intrusion detection system for in-vehicle network by using remote frame[C]. Proc of 15th Annual Conference on Privacy, Security and Trust (PST). IEEE, 2017: 57-5709. |
14 | CHO Kyong-Tak, SHIN Kang G, PARK Taejoon. CPS approach to checking norm operation of a brake-by-wire system[C]. Proc of Proceedings of the ACM/IEEE Sixth International Conference on Cyber-Physical Systems, 2015: 41-50. |
15 | MURVAY Pal-Stefan, GROZA Bogdan. Source identification using signal characteristics in controller area networks[J]. IEEE Signal Processing Letters, 2014, 21(4): 395-399. |
16 | CHO K T, SHIN K G.Viden: attacker identification on in-vehicle networks[C]. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017: 1109-1123. |
17 | CHOI W, JOO K, JO H J, et al. VoltageIDS: low-level communication characteristics for automotive intrusion detection system[J]. IEEE Transactions on Information Forensics and Security,2018, 13(8): 2114-2129. |
18 | JO H J, KIM J H, CHOI H Y, et al.MAuth-CAN: masquerade-attack-proof authentication for in-vehicle networks[J]. IEEE Transactions on Vehicular Technology, 2020, 69(2):2204-2218. |
19 | FOSTER I, PRUDHOMME A, KOSCHER K, et al. Fast and vulnerable: a story of telematic failures[C]. Proc of 9th USENIX Workshop on Offensive Technologies (WOOT 15),2015. |
20 | SAGONG S U, YING X, CLARK A, et al. Cloaking the clock: emulating clock skew in controller area networks[C]. Proc of ACM/IEEE International Conference on Cyber-Physical Systems,2018: 32-42. |
21 | YING X, SAGONG S U, CLARK A, et al. Shape of the cloak: formal analysis of clock skew-based intrusion detection system in controller area networks[J]. IEEE Transactions on Information Forensics and Security, 2019, 14(9): 2300-2323. |
22 | FARSI M, RATCLIFF K, BARBOSA M.An overview of controller area network[J].Computing & Control Engineering Journal,1999, 10(3):113-120. |
23 | SONG H M, KIM H K. CAN network intrusion datasets [DB/OL]. (2018-12-30)[2020-08-26]. https://ocslab.hksecurity.net/Datasets/CA-N-intrusion-dalaset. |
[1] | 胡林,谷子逸,王丹琦,王方,邹铁方,黄晶. 汽车安全性测评规程现状及趋势展望[J]. 汽车工程, 2024, 46(2): 187-200. |
[2] | 关书睿,李克强,周俊宇,石佳,孔伟伟,罗禹贡. 面向强制换道场景的智能网联汽车协同换道策略[J]. 汽车工程, 2024, 46(2): 201-210. |
[3] | 王庞伟,刘程,汪云峰,张名芳. 面向城市道路的智能网联汽车多车道轨迹优化方法[J]. 汽车工程, 2024, 46(2): 241-252. |
[4] | 左政,王云鹏,麻斌,邹博松,曹耀光,杨世春. 基于AFC-TARA的车载网络组件风险率量化评估分析[J]. 汽车工程, 2023, 45(9): 1553-1562. |
[5] | 李升波,占国建,蒋宇轩,兰志前,张宇航,邹文俊,陈晨,成波,李克强. 类脑学习型自动驾驶决控系统的关键技术[J]. 汽车工程, 2023, 45(9): 1499-1515. |
[6] | 刘济铮,王震坡,孙逢春,张雷. 异构智能网联汽车编队延迟补偿控制研究[J]. 汽车工程, 2023, 45(9): 1573-1582. |
[7] | 吴思宇,于文浩,邢星宇,张玉新,李楚照,李雪轲,古昕昱,李云巍,马小涵,路伟,王政,郝圳茂,王红,李骏. 基于关键场景的预期功能安全双闭环测试验证方法[J]. 汽车工程, 2023, 45(9): 1583-1607. |
[8] | 边有钢,张田田,谢和平,秦洪懋,杨泽宇. 车辆队列抗扰抗内切协同路径跟踪控制[J]. 汽车工程, 2023, 45(8): 1320-1332. |
[9] | 朱冰,姜泓屹,赵健,韩嘉懿,刘彦辰. 智能网联汽车协同感知信任度动态计算与评价方法[J]. 汽车工程, 2023, 45(8): 1383-1391. |
[10] | 崔英祥, 张幽彤, 魏洪乾. 基于样本熵的车载CAN网络入侵检测[J]. 汽车工程, 2023, 45(7): 1184-1191. |
[11] | 关宇昕,冀浩杰,崔哲,李贺,陈丽文. 智能网联汽车车载CAN网络入侵检测方法综述[J]. 汽车工程, 2023, 45(6): 922-935. |
[12] | 胡耘浩,李克强,向云丰,石佳,罗禹贡. 智能网联汽车通用跨平台实时仿真系统架构及应用[J]. 汽车工程, 2023, 45(3): 372-381. |
[13] | 李捷,吴晓东,许敏,刘永刚. 基于强化学习的城市场景多目标生态驾驶策略[J]. 汽车工程, 2023, 45(10): 1791-1802. |
[14] | 钱立军,陈晨,陈健,陈欣宇,熊驰. 基于Q学习模型的无信号交叉口离散车队控制[J]. 汽车工程, 2022, 44(9): 1350-1358. |
[15] | 钟文沁,孔伟伟,李志恒,于杰,罗禹贡. 不同渗透率下非信控交叉路口混合预约多车协同控制[J]. 汽车工程, 2022, 44(8): 1144-1152. |
|