基于证据深度学习的CAN网络入侵检测框架

doi:10.19562/j.chinasae.qcgc.2024.11.010

汽车工程 ›› 2024, Vol. 46 ›› Issue (11): 2039-2045.doi: 10.19562/j.chinasae.qcgc.2024.11.010

基于证据深度学习的CAN网络入侵检测框架

石琴^1,^2,³,李志伟^1,^2,³,程腾^1,^2,³(),张强^1,^2,^3,⁴,王文冲⁴

^1.安徽省自动驾驶汽车安全技术安徽省重点实验室，合肥 230009
^2.安徽省智慧交通车路协同工程研究中心，合肥 230000
^3.合肥工业大学汽车与交通工程学院，合肥 230000
^4.奇瑞汽车股份有限公司，芜湖 241000

收稿日期:2024-04-30 修回日期:2024-06-06 出版日期:2024-11-25 发布日期:2024-11-22
通讯作者: 程腾 E-mail:cht616@hfut.edu.cn
基金资助:
安徽省自然科学基金(2208085MF171);中央高校基本科研业务费专项基金(JZ2023YQTD0073);安徽省重点研究与开发计划项目(202304A05020087);北京市自然科学基金(7232222)

Intrusion Detection Framework for CAN Networks Based on Evidence Deep Learning

Qin Shi^1,^2,³,Zhiwei Li^1,^2,³,Teng Cheng^1,^2,³(),Qiang Zhang^1,^2,^3,⁴,Wenchong Wang⁴

^1.Key Laboratory for Automated Vehicle Safety Technology of Anhui Province，Hefei University of Technology，Hefei 230009
^2.Engineering Research Center for Intelligent Transportation and Cooperative Vehicle-Infrastructure of Anhui Province，Hefei 230000
^3.School of Automotive and Transportation Engineering，Hefei University of Technology，Hefei 230000
^4.Chery Automobile Co. ，Ltd. ，Wuhu 241000

Received:2024-04-30 Revised:2024-06-06 Online:2024-11-25 Published:2024-11-22
Contact: Teng Cheng E-mail:cht616@hfut.edu.cn

摘要/Abstract

摘要：

随着移动通信技术在智能自动驾驶系统中的持续发展，保障车载通信数据的安全已成为交通系统安全的一个重要环节，面对黑客可能通过CAN总线网络远程操控车辆的威胁，现有网络框架虽能检测已知攻击，但在识别未知攻击时表现不佳。为此，本研究提出一种融合证据深度学习的检测框架，该框架由数据预处理模块、数据分析模块和攻击检测模块组成。预处理模块通过独立热编码技术，以提升数据质量和适应性；数据分析模块通过生成对抗网络（GAN）技术增强该框架的泛化能力并模拟攻击场景；攻击检测模块应用了证据深度学习，提高了框架在应对未知攻击时的不确定性处理能力。该框架在开源汽车黑客数据集和基于奇瑞EXEED RX车型自主构建的数据集上进行了测试。实验结果表明，该框架在检测未知攻击时，相比于传统的基于softmax的分类网络综合性能提高了24.5%。

关键词: 入侵检测, 证据深度学习, 不确定度, 损失函数

Abstract:

With the continuous development of mobile communication technologies in intelligent autonomous driving systems， securing vehicular communication data has become pivotal for transportation safety. Faced with threats of hackers remotely manipulating vehicles through the CAN bus network， existing frameworks can detect known attacks but falter in identifying location-based attacks. A detection framework integrating evidence-based deep learning is proposed in this paper， comprising data preprocessing， analysis， and attack detection modules. The preprocessing module employs independent hot encoding to enhance data quality and adaptability. The analysis module utilizes Generative Adversarial Networks （GANs） to bolster the framework's generalization and simulate attack scenarios. The attack detection module harnesses evidence-based deep learning to enhance the framework's capability in handling uncertainties from unknown attacks.The framework is tested on an open-source car hacking dataset and a dataset constructed based on the Chery EXEED RX model. The test results show that the framework improves the overall performance by 24.5% in detecting unknown attacks compared to traditional classification probability-based networks.

Key words: intrusion detection, evidence deep learning, uncertainty, loss function

石琴,李志伟,程腾,张强,王文冲. 基于证据深度学习的CAN网络入侵检测框架[J]. 汽车工程, 2024, 46(11): 2039-2045.

Qin Shi,Zhiwei Li,Teng Cheng,Qiang Zhang,Wenchong Wang. Intrusion Detection Framework for CAN Networks Based on Evidence Deep Learning[J]. Automotive Engineering, 2024, 46(11): 2039-2045.

图/表 8

图1

图2

表1

图3

表2

表3

表4

表5

参考文献 20

1	JEONG H H， SHEN Y C， JEONG J P， et al. A comprehensive survey on vehicular networking for safe and efficient driving in smart transportation： a focus on systems， protocols， and applications［J］. Vehicular Communications， 2021， 31： 100349.
2	ALIWA E， RANA O， PERERA C， et al. Cyberattacks and countermeasures for in-vehicle networks［J］. ACM Computing Surveys （CSUR）， 2021， 54（1）：1-37.
3	关宇昕，冀浩杰，崔哲，等.智能网联汽车车载CAN网络入侵检测方法综述［J］.汽车工程，2023，45（6）：922-935.
	GUAN Y X， JI H J， CUI Z， et al. An overview of intrusion detection methods for in-vehicle CAN network of intelligent networked vehicles［J］. Automotive Engineering， 2023，45（6）：922-935.
4	AKSU D， AYDIN M A. MGA-IDS： optimal feature subset selection for anomaly detection framework on in-vehicle networks-CAN bus based on genetic algorithm and intrusion detection approach［J］. Computers & Security， 2022， 118： 102717.
5	WEI P， WANG B， DAI X， et al. A novel intrusion detection model for the CAN bus packet of in-vehicle network based on attention mechanism and autoencoder［J］. Digital Communications and Networks， 2023， 9（1）： 14-21.
6	SWESSI D， IDOUDI H. Comparative study of ensemble learning techniques for fuzzy attack detection in in-vehicle networks［C］. International Conference on Advanced Information Networking and Applications. Cham： Springer International Publishing， 2022： 598-610.
7	GROZA B， MURVAY P S. Efficient intrusion detection with bloom filtering in controller area networks［J］. IEEE Transactions on Information Forensics and Security， 2018， 14（4）： 1037-1051.
8	HOANG T N， KIM D. Supervised contrastive ResNet and transfer learning for the in-vehicle intrusion detection system［J］. Expert Systems with Applications， 2024， 238： 122181.
9	SUN Y， OCHIAI H， ESAKI H. Intrusion detection with segmented federated learning for large-scale multiple lans［C］. 2020 International Joint Conference on Neural Networks （IJCNN）. IEEE， 2020： 1-8.
10	MCHERGUI A， MOULAHI T， ZEADALLY S. Survey on artificial intelligence （AI） techniques for vehicular ad-hoc networks （VANETs）［J］. Vehicular Communications， 2022， 34： 100403.
11	KIM K， KIM J S， JEONG S， et al. Cybersecurity for autonomous vehicles： review of attacks and defense［J］. Computers & Security， 2021， 103： 102150.
12	WU W， LI R， XIE G， et al. A survey of intrusion detection for in-vehicle networks［J］. IEEE Transactions on Intelligent Transportation Systems， 2019， 21（3）： 919-933.
13	LIANG J， CHEN J， ZHU Y， et al. A novel Intrusion Detection System for Vehicular Ad Hoc Networks （VANETs） based on differences of traffic flow and position［J］. Applied Soft Computing， 2019， 75： 712-727.
14	MUSA U S， CHAKRABORTY S， ABDULLAHI M M， et al. A review on intrusion detection system using machine learning techniques［C］. 2021 International Conference on Computing， Communication， and Intelligent Systems （ICCCIS）. IEEE， 2021： 541-549.
15	GAL Y. Uncertainty in deep learning［D］. University of Cambridge， 2016.
16	GUO C， PLEISS G， SUN Y， et al. On calibration of modern neural networks［C］. International Conference on Machine Learning. PMLR， 2017： 1321-1330.
17	SENSOY M， KAPLAN L， KANDEMIR M. Evidential deep learning to quantify classification uncertainty［J］. Advances in Neural Information Processing Systems， 2018， 31.
18	MUKHOTI J， GAL Y. Evaluating bayesian deep learning methods for semantic segmentation［J］. arXiv preprint arXiv：， 2018.
19	KRISHNAN R， TICKOO O. Improving model calibration with accuracy versus uncertainty optimization［J］. Advances in Neural Information Processing Systems， 2020， 33： 18237-18248.
20	MUKHOTI J， KULHARIA V， SANYAL A， et al. Calibrating deep neural networks using focal loss［J］. Advances in Neural Information Processing Systems， 2020， 33： 15288-15299.

攻击类型	消息总数	正常消息	攻击消息
DoS攻击	3 665 771	3 078 250	587 521
Fuzzy攻击	3 838 860	3 347 013	491 847
GEAR攻击	4 443 142	3 845 890	597 252
RPM攻击	4 621 702	3 845 890	654 897
正常消息	988 987	988 987	0

攻击类型	消息总数	正常消息	攻击消息
DoS攻击	3 298 815	2 985 348	313 467
Fuzzy攻击	3 454 577	3 087 217	367 360
GEAR攻击	3 998 368	3 645 241	353 127
RPM攻击	4 159 054	3 904 785	254 269
正常消息	889 986	889 986	0

[1]	汪想,刘蓬勃,赵剑,范科峰,李琳辉. 基于BEGAN的汽车CAN网络入侵检测数据增强方法研究[J]. 汽车工程, 2024, 46(8): 1394-1402.
[2]	程腾,倪昊,张强,王文冲,石琴. 基于虚拟点云的二阶段多模态融合网络[J]. 汽车工程, 2024, 46(2): 222-229.
[3]	崔英祥, 张幽彤, 魏洪乾. 基于样本熵的车载CAN网络入侵检测[J]. 汽车工程, 2023, 45(7): 1184-1191.
[4]	吕辉,钟顺江,李振聪,曹懿莎,上官文斌,赵克刚. 基于多维子平行六面体模型的可靠性分析方法及应用[J]. 汽车工程, 2023, 45(6): 1090-1098.
[5]	关宇昕,冀浩杰,崔哲,李贺,陈丽文. 智能网联汽车车载CAN网络入侵检测方法综述[J]. 汽车工程, 2023, 45(6): 922-935.
[6]	姚宇捷,彭育辉,陈泽辉,何维堃,吴庆,黄炜,陈文强. 支持抗光照目标检测的改进YOLO算法[J]. 汽车工程, 2023, 45(5): 777-785.
[7]	石琴,陈雅芳,程腾,张强,王文冲,石本义. 基于局部平面引导层的无监督单目红外图像深度估计[J]. 汽车工程, 2023, 45(12): 2291-2298.
[8]	张炳力,秦浩然,江尚,郑杰禹,吴正海. 基于RetinaNet及优化损失函数的夜间车辆检测方法[J]. 汽车工程, 2021, 43(8): 1195-1202.
[9]	白中浩, 李智强, 蒋彬辉, 王鹏辉. 基于改进YOLOv2模型的驾驶辅助系统实时行人检测^*[J]. 汽车工程, 2019, 41(12): 1416-1423.

基于证据深度学习的CAN网络入侵检测框架

Intrusion Detection Framework for CAN Networks Based on Evidence Deep Learning

RichHTML

PDF (PC)

赞

可视化

摘要/Abstract

引用本文

使用本文

图/表 8

参考文献 20

相关文章 9

Metrics

本文评价

推荐阅读 10