基于帧间隔-总线电压混合特征的汽车ECU伪装攻击识别

doi:10.19562/j.chinasae.qcgc.2023.11.008

Abstract

Abstract:

The development of networking and intelligence in automobiles has intensified the intrusion risk of automotive CAN （Controller Aera Network）. Unlike Ethernet networks with well-established identity authentication mechanisms and encrypted transmission protocols， CAN bus adopts the plaintext means of data， making the messages easily stolen and attacked by illegal ECUs. Therefore， how to design an onboard intrusion detection system （IDS） to identify illegal tampering and disguise attacks has become a key and difficult issue. Accordingly， an automotive ECU camouflage attack recognition technology based on frame interval and bus voltage hybrid feature extraction is proposed in this paper. Firstly， the frame intervals of the message frame are obtained using the timestamp mechanism of the embedded device. Meanwhile， voltage signals of the automotive bus network are sampled， and the characteristic parameters of the bus voltage （such as voltage mode and edge time） are obtained using fast signal processing technology. Thus， the hybrid features including the frame intervals， voltage modes， bit time， edge time are formulated to construct the ECU fingerprints. Then， the lightweight Softmax learning algorithm is used to train the IDS model and identify potential illegal intrusion behaviors such as disguised attacks online. In order to verify the effectiveness of the proposed method， hardware experiments based on ECU devices are conducted in this paper， and the results show that the recognition accuracy of the proposed method for all ECUs is as high as 98.33%， with illegal intrusion identified by the sources of messages. Compared to traditional methods based on single feature fingerprints， the method proposed in this article can improve recognition accuracy by about 7%.

Key words: intelligent connected vehicle, bus network, masquerade attack, hybrid-feature extraction

Haotian Liu,Hongqian Wei,Peicheng Shi,Youtong Zhang. The Masquerade Intrusion Detection Technique for Automotive ECUs Based on the Hybrid Feature Extraction of Frame Intervals and Bus Voltages[J].Automotive Engineering, 2023, 45(11): 2070-2081.

Figures/Tables 22

编号	$T b i t$ /μs	$T p l a t$ /μs	电压/V	帧间隔/ms	标号
1	2.021 4	1.975 6	2.253 603	100.028	1
2	2.020 2	1.974 9	2.241 724	99.999	1
3	2.019 0	1.975 0	2.241 932	100.017	1
…	…	…	…	…	…
853	2.017 6	1.975 3	2.247 594	99.983	2
854	2.016 1	1.973 6	2.245 453	99.985	2
855	2.014 6	1.973 9	2.244 266	99.990	2
…	…	…	…	…	…
4 849	2.057 8	1.965 9	2.171 069	100.005	6
4 850	2.057 9	1.966 2	2.184 569	99.985	6

References 23

1	GANESAN A， RAO J， SHIN K. Exploiting consistency among heterogeneous sensors for vehicle anomaly detection［C］. SAE Paper 2017-01-1654.
2	TAN Z， DAI N， SU Y， et al.Human-machine interaction in intelligent and connected vehicles： a review of status quo， issues and opportunities［J］IEEE Transactions on Intelligent Transportation Systems， 2021.
3	SIEGEL J E， ERB D C， SARMA S E. A survey of the connected vehicle landscape-architectures， enabling technologies， applications， and development areas［J］. IEEE Transactions on Intelligent Transportation Systems， 2017， 19（8）： 2391-2406.
4	SU Z， DAI M， XU Q， et al. Uav enabled content distribution for internet of connected vehicles in 5G heterogeneous networks［J］IEEE Transactions on Intelligent Transportation Systems， 2021，22（8）： 5091-5102.
5	冯志杰，何明，李彬，等.汽车信息安全攻防关键技术研究进展［J］.信息安全学报，2017，2（2）：1-14.
	FENG Z J， HE M， LI B， et al. Research progress on key technologies of automobile information security attack and defense［J］. Journal of Cyber Security，2017，2（2）：1-14.
6	DANESHVAR E， OK Y S， TAVAKOLI S， et al.Insights into upstream processing of microalgae： a review［J］ Bioresource Technology， 2021， 329：124870.
7	ZENG W， KHALID M A S， CHOWDHURY S. In-vehicle networks outlook： achievements and challenges［J］. IEEE Communications Surveys & Tutorials， 2016， 18（3）： 1552-1571.
8	NISHIKAWA K， HONTANI K. Challenges towards new software platform for automated driving and high computational ECU’s［C］. 2018 9th Vector Congress， 2018.
9	LOMBARDI M， PASCALE F， SANTANIELLO D.Two-step algorithm to detect cyber-attack over the can-bus： a preliminary case study in connected vehicles［J］.ASCE-ASME Journal of Risk and Uncertainty in Engineering Systems， Part B：Mechanical Engineering， 2022.
10	LIN C W，SANGIOVANNI-VINCENTELLI A.Cyber-security for the controller area network （CAN） communication protocol［C］. International Conference on Cyber Security， 2012.
11	GROZA B，MURVAY P S.Security solutions for the controller area network： bringing authentication to in-vehicle networks［J］. IEEE Vehicular Technology Magazine， 2018，13（1）： 40-47.
12	JO H J，CHOI W. A survey of attacks on controller area networks and corresponding countermeasures［J］. IEEE Transactions on Intelligent Transportation Systems， 2021.
13	LEE Hyunsung， JEONG Seong Hoon， KIM Huy Kang. OTIDS： a novel intrusion detection system for in-vehicle network by using remote frame［C］. Proc of 15th Annual Conference on Privacy， Security and Trust （PST）. IEEE， 2017： 57-5709.
14	CHO Kyong-Tak， SHIN Kang G， PARK Taejoon. CPS approach to checking norm operation of a brake-by-wire system［C］. Proc of Proceedings of the ACM/IEEE Sixth International Conference on Cyber-Physical Systems， 2015： 41-50.
15	MURVAY Pal-Stefan， GROZA Bogdan. Source identification using signal characteristics in controller area networks［J］. IEEE Signal Processing Letters， 2014， 21（4）： 395-399.
16	CHO K T， SHIN K G.Viden： attacker identification on in-vehicle networks［C］. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security， 2017： 1109-1123.
17	CHOI W， JOO K， JO H J， et al. VoltageIDS： low-level communication characteristics for automotive intrusion detection system［J］. IEEE Transactions on Information Forensics and Security，2018， 13（8）： 2114-2129.
18	JO H J， KIM J H， CHOI H Y， et al.MAuth-CAN： masquerade-attack-proof authentication for in-vehicle networks［J］. IEEE Transactions on Vehicular Technology， 2020， 69（2）：2204-2218.
19	FOSTER I， PRUDHOMME A， KOSCHER K， et al. Fast and vulnerable： a story of telematic failures［C］. Proc of 9th USENIX Workshop on Oﬀensive Technologies （WOOT 15），2015.
20	SAGONG S U， YING X， CLARK A， et al. Cloaking the clock： emulating clock skew in controller area networks［C］. Proc of ACM/IEEE International Conference on Cyber-Physical Systems，2018： 32-42.
21	YING X， SAGONG S U， CLARK A， et al. Shape of the cloak： formal analysis of clock skew-based intrusion detection system in controller area networks［J］. IEEE Transactions on Information Forensics and Security， 2019， 14（9）： 2300-2323.
22	FARSI M， RATCLIFF K， BARBOSA M.An overview of controller area network［J］.Computing & Control Engineering Journal，1999， 10（3）：113-120.
23	SONG H M， KIM H K. CAN network intrusion datasets ［DB/OL］. （2018-12-30）［2020-08-26］. https：//ocslab.hksecurity.net/Datasets/CA-N-intrusion-dalaset.

[1]	HAO Han, WANG Si-南, LI Xiao, LIU Zong-Wei, ZHAO Fu-Quan. [J]. , 2017, 39(1): 1 -8 .
[2]	XU Cheng-Shan, JIANG Fa-Chao, SONG Sen-Nan, TIAN Guang-Yu. [J]. , 2017, 39(1): 9 -14 .
[3]	TANG You-Ming, YAN Ling-Bo, LUO Qian, CAO Li-Bo. [J]. , 2016, 38(12): 1452 -1458 .
[4]	JIANG Ting, DAI Bing. [J]. , 2016, 38(12): 1459 -1466 .
[5]	ZHANG Yi-Bing, 吕Jian-Jun , YUAN Guang-Hui. [J]. , 2016, 38(12): 1467 -1470 .
[6]	ZHANG Lei, LU Jian-Wei, JIANG Jun-Zhao, YAN Pei-Lei, LI Lei. [J]. , 2016, 38(12): 1477 -1482 .
[7]	CUI An, LI Bin, WANG Xue-Liang, ZHANG Shi-Zhan. [J]. , 2016, 38(12): 1521 -1525 .
[8]	CHU Liang, ZHAO Di, LI Wen-Hui. [J]. , 2017, 39(1): 61 -65 .
[9]	QIN Xiao-Hui, WANG Jian-Qiang, XIE Bo-Yuan, HU Man-Jiang, LI Ke-Qiang. [J]. , 2017, 39(1): 73 -78 .
[10]	ZHAO Liang, ZHANG Qiang, GUO Kong-Hui. [J]. , 2017, 39(1): 86 -91 .

编号	位时间/平台时间/μs					电压/V	时间间隔/ms	标号
编号	1位宽	2位宽	3位宽	4位宽	5位宽	电压/V	时间间隔/ms	标号
1	2.054 4/1.912 8	4.069 3/3.931 3	6.063 2/5.924 1	8.056 7/7.923 3	10.040 3/9.912 2	2.253 603	100.028	1
2	2.064 4/1.925 6	4.062 1/3.922 4	6.075 4/5.942 4	8.056 7/7.923 3	10.058 3/9.920 4	2.241 724	99.999	1
3	2.054 2/1.919 1	4.056 7/3.925 1	6.053 0/5.922 1	8.053 3/7.926 7	10.063 3/9.927 6	2.241 932	100.017	1
…	…	…	…	…	…	…	…	…
853	2.048 3/1.925 3	4.046 2/3.924 6	6.062 1/5.935 2	8.052 1/7.920 4	10.035 7/9.924 5	2.247 594	99.983	2
854	2.044 3/1.916 4	4.051 7/3.924 2	6.059 5/5.925 4	8.043 3/7.916 7	10.053 0/9.931 1	2.245 453	99.985	2
855	2.048 7/1.923 3	4.057 1/3.934 3	6.038 2/5.918 3	8.052 1/7.924 6	10.049 5/9.930 0	2.244 266	99.990	2
…	…	…	…	…	…	…	…	…
4 849	2.180 2/1.904 0	4.172 5/3.903 7	6.170 0/5.902 2	8.173 3/7.896 7	10.167 5/9.897 5	2.171 069	100.005	6
4 850	2.178 3/1.920 8	4.176 7/3.896 7	6.170 0/5.895 5	8.170 2/7.903 0	10.168 6/9.895 7	2.184 569	99.985	6

样本容量	均值/%	最大值/%	最小值/%	波动区间/%
60	96.67	100.00	93.33	（-3.45，3.45）
120	97.67	99.17	95.83	（-1.88，1.54）
180	97.56	98.89	96.11	（-1.48，1.37）
240	97.21	98.33	95.00	（-2.27，1.16）
300	97.83	99.67	96.33	（-1.53，1.87）
360	97.56	98.06	96.39	（-1.20，0.51）
420	97.60	98.81	96.67	（-0.95，1.24）
480	97.50	98.33	96.25	（-1.28，0.85）
540	97.72	98.56	96.78	（-0.96，0.86）
600	98.11	98.80	97.46	（-0.66，0.70）

训练次数	准确率/%	均值/%
1	98.27	98.33
2	98.18
3	98.51
4	98.40
5	98.43
6	98.22
7	98.18
8	98.17
9	98.51
10	98.43

训练次数	准确率/%	均值/%
1	96.55	96.37
2	96.54
3	96.38
4	96.55
5	97.04
6	96.22
7	95.56
8	96.79
9	96.63
10	95.47

[1]	Pangwei Wang,Cheng Liu,Yunfeng Wang,Mingfang Zhang. Multi-lane Trajectory Optimization for Intelligent Connected Vehicles in Urban Road Network [J]. Automotive Engineering, 2024, 46(2): 241-252.
[2]	Siyu Wu,Wenhao Yu,Xingyu Xing,Yuxin Zhang,Chuzhao Li,Xueke Li,Xinyu Gu,Yunwei Li,Xiaohan Ma,Wei Lu,Zheng Wang,Zhenmao Hao,Hong Wang,Jun Li. Methodology of Critical Scenarios-Based Dual-Loop Testing and Verification for Safety of the Intended Functionality [J]. Automotive Engineering, 2023, 45(9): 1583-1607.
[3]	Zheng Zuo,Yunpeng Wang,Bin Ma,Bosong Zou,Yaoguang Cao,Shichun Yang. Quantitative Evaluation and Analysis of On-board Network Components Risk Rate Based on AFC-TARA [J]. Automotive Engineering, 2023, 45(9): 1553-1562.
[4]	Bing Zhu,Hongyi Jiang,Jian Zhao,Jiayi Han,Yanchen Liu. A Method for Dynamically Calculating and Evaluating the Trustworthiness of Collaborative Perception of Intelligent Connected Vehicles [J]. Automotive Engineering, 2023, 45(8): 1383-1391.
[5]	Yingxiang Cui, Youtong Zhang, Hongqian Wei. An Intrusion Detection System for In-vehicle CAN Network Based on Sample Entropy [J]. Automotive Engineering, 2023, 45(7): 1184-1191.
[6]	Pengfei Li,Yugong Luo,Chang Liu,Weiwei Kong. Control Strategies Design of Intelligent and Connected Vehicle Platoon Under Emergency Conditions [J]. Automotive Engineering, 2022, 44(3): 299-307.
[7]	Yisong Chen,Yunxiang Xing,Xiaoqin Xiong,Libo Lan,Ying Cao,Yongtao Liu. Research on Technical and Economic Evaluation System of Intelligent Connected Vehicles Based on Patent Analysis [J]. Automotive Engineering, 2021, 43(9): 1271-1277.
[8]	Hongqing Tian,Feng Ding,Xunjia Zheng,Heye Huang,Jianqiang Wang. Motion Planning Based on Virtual Force of Potential Field for Intelligent Connected Vehicles [J]. Automotive Engineering, 2021, 43(4): 518-526.
[9]	Xiangmo Zhao,Xinrui Zhang,Runmin Wang,Zhigang Xu,Haijin Fan. Cooperative Optimization Control Method of Traffic Signals and Vehicle Trajectories at Connected Intersection [J]. Automotive Engineering, 2021, 43(11): 1577-1586.
[10]	Li Keqiang, Chang Xueyang, Li Jiawen, Xu Qing, Gao Bolin, Pan Jian. Cloud Control System for Intelligent and Connected Vehicles and Its Application [J]. Automotive Engineering, 2020, 42(12): 1595-1605.
[11]	Yan Gang, Xiao Kun, Chu Wenbo. Research on Virtualization Technology for ComputingPlatform of Intelligent Connected Vehicles [J]. Automotive Engineering, 2020, 42(1): 33-37.

The Masquerade Intrusion Detection Technique for Automotive ECUs Based on the Hybrid Feature Extraction of Frame Intervals and Bus Voltages

RichHTML

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 22

References 23

Related Articles 11

Metrics

Comments

Recommended 10