Loading…
An Efficient Intrusion Prevention System for CAN: Hindering Cyber-Attacks With a Low-Cost Platform
The controller area network (CAN), which is still today the most used in-vehicle network, does not provide any security or authentication mechanism by design. Since current vehicles, which have numerous connectivity technologies, such as Bluetooth, Wi-Fi, and cellular radio, can be easily accessed f...
Saved in:
Published in: | IEEE access 2021, Vol.9, p.166855-166869 |
---|---|
Main Authors: | , , , , |
Format: | Article |
Language: | English |
Subjects: | |
Citations: | Items that this one cites Items that cite this one |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
cited_by | cdi_FETCH-LOGICAL-c408t-e5bb05ec3789b4f5295b5345a4613223b759dcfb0c43dccfd0adafaf9e6cb68f3 |
---|---|
cites | cdi_FETCH-LOGICAL-c408t-e5bb05ec3789b4f5295b5345a4613223b759dcfb0c43dccfd0adafaf9e6cb68f3 |
container_end_page | 166869 |
container_issue | |
container_start_page | 166855 |
container_title | IEEE access |
container_volume | 9 |
creator | Freitas De Araujo-Filho, Paulo Pinheiro, Antonio J. Kaddoum, Georges Campelo, Divanilson R. Soares, Fabio L. |
description | The controller area network (CAN), which is still today the most used in-vehicle network, does not provide any security or authentication mechanism by design. Since current vehicles, which have numerous connectivity technologies, such as Bluetooth, Wi-Fi, and cellular radio, can be easily accessed from the exterior world, they can be easy targets of cyber-attacks. It is therefore urgently necessary to enhance vehicle security by detecting and stopping cyber-attacks. In this paper, we propose a novel unsupervised intrusion prevention system (IPS) for automotive CANs that detects and hinders attacks without modifying the architecture of the electronic control units (ECUs) or requiring information that is restricted to car manufacturers. We compare two machine learning algorithms' ability to detect fuzzing and spoofing attacks, and evaluate which of them is most accurate with the fewest number of data bytes. The fewer data bytes required, the sooner detection can start and the sooner attacking frames can be detected. Experiment results show that our proposed detection mechanism achieves accuracy higher than 99%, F1-scores higher than 97%, and detection times shorter than 80 ~\mu s for the types of attacks considered. Moreover, when compared to four state-of-the-art intrusion detection systems, it is the only solution that is capable of discarding attacking frames before damage occurs while being deployed on inexpensive Raspberry Pi. Such an inexpensive deployment is particularly desirable, as cost is one of the automotive industry's primary concerns. |
doi_str_mv | 10.1109/ACCESS.2021.3136147 |
format | article |
fullrecord | <record><control><sourceid>proquest_doaj_</sourceid><recordid>TN_cdi_proquest_journals_2613365797</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9654211</ieee_id><doaj_id>oai_doaj_org_article_61b63ea341dd49e8bd9f23c4d9e1c10a</doaj_id><sourcerecordid>2613365797</sourcerecordid><originalsourceid>FETCH-LOGICAL-c408t-e5bb05ec3789b4f5295b5345a4613223b759dcfb0c43dccfd0adafaf9e6cb68f3</originalsourceid><addsrcrecordid>eNpNUU1rGzEUXEoLDWl-QS6CnteVVh-76m1Z3MZg2oBbehT6eErl2qtUklP87yt3Q-i7vMcwM29gmuaW4BUhWH4Yp2m926063JEVJVQQ1r9qrjoiZEs5Fa__u982NznvcZ2hQry_asw4o7X3wQaYC9rMJZ1yiDO6T_BUkcu5O-cCR-RjQtP45SO6C7ODFOYHNJ0NpHYsRdtfGf0I5SfSaBv_tFPMBd0fdKmi47vmjdeHDDfP-7r5_mn9bbprt18_b6Zx21qGh9ICNwZzsLQfpGGed5IbThnXTBDaddT0XDrrDbaMOmu9w9ppr70EYY0YPL1uNouvi3qvHlM46nRWUQf1D4jpQelUgj2AEsQICpoy4hyTMBgnfUctcxKIJVhXr_eL12OKv0-Qi9rHU5prfNXVOFTwXvaVRReWTTHnBP7lK8Hq0o1aulGXbtRzN1V1u6gCALwopOCsI4T-BQCEisM</addsrcrecordid><sourcetype>Open Website</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2613365797</pqid></control><display><type>article</type><title>An Efficient Intrusion Prevention System for CAN: Hindering Cyber-Attacks With a Low-Cost Platform</title><source>IEEE Xplore Open Access Journals</source><creator>Freitas De Araujo-Filho, Paulo ; Pinheiro, Antonio J. ; Kaddoum, Georges ; Campelo, Divanilson R. ; Soares, Fabio L.</creator><creatorcontrib>Freitas De Araujo-Filho, Paulo ; Pinheiro, Antonio J. ; Kaddoum, Georges ; Campelo, Divanilson R. ; Soares, Fabio L.</creatorcontrib><description>The controller area network (CAN), which is still today the most used in-vehicle network, does not provide any security or authentication mechanism by design. Since current vehicles, which have numerous connectivity technologies, such as Bluetooth, Wi-Fi, and cellular radio, can be easily accessed from the exterior world, they can be easy targets of cyber-attacks. It is therefore urgently necessary to enhance vehicle security by detecting and stopping cyber-attacks. In this paper, we propose a novel unsupervised intrusion prevention system (IPS) for automotive CANs that detects and hinders attacks without modifying the architecture of the electronic control units (ECUs) or requiring information that is restricted to car manufacturers. We compare two machine learning algorithms' ability to detect fuzzing and spoofing attacks, and evaluate which of them is most accurate with the fewest number of data bytes. The fewer data bytes required, the sooner detection can start and the sooner attacking frames can be detected. Experiment results show that our proposed detection mechanism achieves accuracy higher than 99%, F1-scores higher than 97%, and detection times shorter than <inline-formula> <tex-math notation="LaTeX">80 ~\mu s </tex-math></inline-formula> for the types of attacks considered. Moreover, when compared to four state-of-the-art intrusion detection systems, it is the only solution that is capable of discarding attacking frames before damage occurs while being deployed on inexpensive Raspberry Pi. Such an inexpensive deployment is particularly desirable, as cost is one of the automotive industry's primary concerns.</description><identifier>ISSN: 2169-3536</identifier><identifier>EISSN: 2169-3536</identifier><identifier>DOI: 10.1109/ACCESS.2021.3136147</identifier><identifier>CODEN: IAECCG</identifier><language>eng</language><publisher>Piscataway: IEEE</publisher><subject>Algorithms ; Automobile industry ; Automobiles ; Automotive electronics ; Bluetooth ; Cellular radio ; Control equipment ; Controller area network ; controller area network (CAN) ; Cybersecurity ; Electronic control ; Hardware ; Intrusion detection ; Intrusion detection system (IDS) ; Intrusion detection systems ; intrusion prevention system (IPS) ; IP networks ; Machine learning ; Machine learning algorithms ; Security ; Spoofing ; Timing</subject><ispartof>IEEE access, 2021, Vol.9, p.166855-166869</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2021</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c408t-e5bb05ec3789b4f5295b5345a4613223b759dcfb0c43dccfd0adafaf9e6cb68f3</citedby><cites>FETCH-LOGICAL-c408t-e5bb05ec3789b4f5295b5345a4613223b759dcfb0c43dccfd0adafaf9e6cb68f3</cites><orcidid>0000-0002-5025-6624 ; 0000-0001-8851-2665 ; 0000-0002-1178-2648 ; 0000-0001-8440-4237 ; 0000-0001-6367-9872</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9654211$$EHTML$$P50$$Gieee$$Hfree_for_read</linktohtml><link.rule.ids>314,780,784,4024,27633,27923,27924,27925,54933</link.rule.ids></links><search><creatorcontrib>Freitas De Araujo-Filho, Paulo</creatorcontrib><creatorcontrib>Pinheiro, Antonio J.</creatorcontrib><creatorcontrib>Kaddoum, Georges</creatorcontrib><creatorcontrib>Campelo, Divanilson R.</creatorcontrib><creatorcontrib>Soares, Fabio L.</creatorcontrib><title>An Efficient Intrusion Prevention System for CAN: Hindering Cyber-Attacks With a Low-Cost Platform</title><title>IEEE access</title><addtitle>Access</addtitle><description>The controller area network (CAN), which is still today the most used in-vehicle network, does not provide any security or authentication mechanism by design. Since current vehicles, which have numerous connectivity technologies, such as Bluetooth, Wi-Fi, and cellular radio, can be easily accessed from the exterior world, they can be easy targets of cyber-attacks. It is therefore urgently necessary to enhance vehicle security by detecting and stopping cyber-attacks. In this paper, we propose a novel unsupervised intrusion prevention system (IPS) for automotive CANs that detects and hinders attacks without modifying the architecture of the electronic control units (ECUs) or requiring information that is restricted to car manufacturers. We compare two machine learning algorithms' ability to detect fuzzing and spoofing attacks, and evaluate which of them is most accurate with the fewest number of data bytes. The fewer data bytes required, the sooner detection can start and the sooner attacking frames can be detected. Experiment results show that our proposed detection mechanism achieves accuracy higher than 99%, F1-scores higher than 97%, and detection times shorter than <inline-formula> <tex-math notation="LaTeX">80 ~\mu s </tex-math></inline-formula> for the types of attacks considered. Moreover, when compared to four state-of-the-art intrusion detection systems, it is the only solution that is capable of discarding attacking frames before damage occurs while being deployed on inexpensive Raspberry Pi. Such an inexpensive deployment is particularly desirable, as cost is one of the automotive industry's primary concerns.</description><subject>Algorithms</subject><subject>Automobile industry</subject><subject>Automobiles</subject><subject>Automotive electronics</subject><subject>Bluetooth</subject><subject>Cellular radio</subject><subject>Control equipment</subject><subject>Controller area network</subject><subject>controller area network (CAN)</subject><subject>Cybersecurity</subject><subject>Electronic control</subject><subject>Hardware</subject><subject>Intrusion detection</subject><subject>Intrusion detection system (IDS)</subject><subject>Intrusion detection systems</subject><subject>intrusion prevention system (IPS)</subject><subject>IP networks</subject><subject>Machine learning</subject><subject>Machine learning algorithms</subject><subject>Security</subject><subject>Spoofing</subject><subject>Timing</subject><issn>2169-3536</issn><issn>2169-3536</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><sourceid>ESBDL</sourceid><sourceid>DOA</sourceid><recordid>eNpNUU1rGzEUXEoLDWl-QS6CnteVVh-76m1Z3MZg2oBbehT6eErl2qtUklP87yt3Q-i7vMcwM29gmuaW4BUhWH4Yp2m926063JEVJVQQ1r9qrjoiZEs5Fa__u982NznvcZ2hQry_asw4o7X3wQaYC9rMJZ1yiDO6T_BUkcu5O-cCR-RjQtP45SO6C7ODFOYHNJ0NpHYsRdtfGf0I5SfSaBv_tFPMBd0fdKmi47vmjdeHDDfP-7r5_mn9bbprt18_b6Zx21qGh9ICNwZzsLQfpGGed5IbThnXTBDaddT0XDrrDbaMOmu9w9ppr70EYY0YPL1uNouvi3qvHlM46nRWUQf1D4jpQelUgj2AEsQICpoy4hyTMBgnfUctcxKIJVhXr_eL12OKv0-Qi9rHU5prfNXVOFTwXvaVRReWTTHnBP7lK8Hq0o1aulGXbtRzN1V1u6gCALwopOCsI4T-BQCEisM</recordid><startdate>2021</startdate><enddate>2021</enddate><creator>Freitas De Araujo-Filho, Paulo</creator><creator>Pinheiro, Antonio J.</creator><creator>Kaddoum, Georges</creator><creator>Campelo, Divanilson R.</creator><creator>Soares, Fabio L.</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>ESBDL</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>7SR</scope><scope>8BQ</scope><scope>8FD</scope><scope>JG9</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>DOA</scope><orcidid>https://orcid.org/0000-0002-5025-6624</orcidid><orcidid>https://orcid.org/0000-0001-8851-2665</orcidid><orcidid>https://orcid.org/0000-0002-1178-2648</orcidid><orcidid>https://orcid.org/0000-0001-8440-4237</orcidid><orcidid>https://orcid.org/0000-0001-6367-9872</orcidid></search><sort><creationdate>2021</creationdate><title>An Efficient Intrusion Prevention System for CAN: Hindering Cyber-Attacks With a Low-Cost Platform</title><author>Freitas De Araujo-Filho, Paulo ; Pinheiro, Antonio J. ; Kaddoum, Georges ; Campelo, Divanilson R. ; Soares, Fabio L.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c408t-e5bb05ec3789b4f5295b5345a4613223b759dcfb0c43dccfd0adafaf9e6cb68f3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Algorithms</topic><topic>Automobile industry</topic><topic>Automobiles</topic><topic>Automotive electronics</topic><topic>Bluetooth</topic><topic>Cellular radio</topic><topic>Control equipment</topic><topic>Controller area network</topic><topic>controller area network (CAN)</topic><topic>Cybersecurity</topic><topic>Electronic control</topic><topic>Hardware</topic><topic>Intrusion detection</topic><topic>Intrusion detection system (IDS)</topic><topic>Intrusion detection systems</topic><topic>intrusion prevention system (IPS)</topic><topic>IP networks</topic><topic>Machine learning</topic><topic>Machine learning algorithms</topic><topic>Security</topic><topic>Spoofing</topic><topic>Timing</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Freitas De Araujo-Filho, Paulo</creatorcontrib><creatorcontrib>Pinheiro, Antonio J.</creatorcontrib><creatorcontrib>Kaddoum, Georges</creatorcontrib><creatorcontrib>Campelo, Divanilson R.</creatorcontrib><creatorcontrib>Soares, Fabio L.</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005–Present</collection><collection>IEEE Xplore Open Access Journals</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE/IET Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics & Communications Abstracts</collection><collection>Engineered Materials Abstracts</collection><collection>METADEX</collection><collection>Technology Research Database</collection><collection>Materials Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>Directory of Open Access Journals</collection><jtitle>IEEE access</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Freitas De Araujo-Filho, Paulo</au><au>Pinheiro, Antonio J.</au><au>Kaddoum, Georges</au><au>Campelo, Divanilson R.</au><au>Soares, Fabio L.</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>An Efficient Intrusion Prevention System for CAN: Hindering Cyber-Attacks With a Low-Cost Platform</atitle><jtitle>IEEE access</jtitle><stitle>Access</stitle><date>2021</date><risdate>2021</risdate><volume>9</volume><spage>166855</spage><epage>166869</epage><pages>166855-166869</pages><issn>2169-3536</issn><eissn>2169-3536</eissn><coden>IAECCG</coden><abstract>The controller area network (CAN), which is still today the most used in-vehicle network, does not provide any security or authentication mechanism by design. Since current vehicles, which have numerous connectivity technologies, such as Bluetooth, Wi-Fi, and cellular radio, can be easily accessed from the exterior world, they can be easy targets of cyber-attacks. It is therefore urgently necessary to enhance vehicle security by detecting and stopping cyber-attacks. In this paper, we propose a novel unsupervised intrusion prevention system (IPS) for automotive CANs that detects and hinders attacks without modifying the architecture of the electronic control units (ECUs) or requiring information that is restricted to car manufacturers. We compare two machine learning algorithms' ability to detect fuzzing and spoofing attacks, and evaluate which of them is most accurate with the fewest number of data bytes. The fewer data bytes required, the sooner detection can start and the sooner attacking frames can be detected. Experiment results show that our proposed detection mechanism achieves accuracy higher than 99%, F1-scores higher than 97%, and detection times shorter than <inline-formula> <tex-math notation="LaTeX">80 ~\mu s </tex-math></inline-formula> for the types of attacks considered. Moreover, when compared to four state-of-the-art intrusion detection systems, it is the only solution that is capable of discarding attacking frames before damage occurs while being deployed on inexpensive Raspberry Pi. Such an inexpensive deployment is particularly desirable, as cost is one of the automotive industry's primary concerns.</abstract><cop>Piscataway</cop><pub>IEEE</pub><doi>10.1109/ACCESS.2021.3136147</doi><tpages>15</tpages><orcidid>https://orcid.org/0000-0002-5025-6624</orcidid><orcidid>https://orcid.org/0000-0001-8851-2665</orcidid><orcidid>https://orcid.org/0000-0002-1178-2648</orcidid><orcidid>https://orcid.org/0000-0001-8440-4237</orcidid><orcidid>https://orcid.org/0000-0001-6367-9872</orcidid><oa>free_for_read</oa></addata></record> |
fulltext | fulltext |
identifier | ISSN: 2169-3536 |
ispartof | IEEE access, 2021, Vol.9, p.166855-166869 |
issn | 2169-3536 2169-3536 |
language | eng |
recordid | cdi_proquest_journals_2613365797 |
source | IEEE Xplore Open Access Journals |
subjects | Algorithms Automobile industry Automobiles Automotive electronics Bluetooth Cellular radio Control equipment Controller area network controller area network (CAN) Cybersecurity Electronic control Hardware Intrusion detection Intrusion detection system (IDS) Intrusion detection systems intrusion prevention system (IPS) IP networks Machine learning Machine learning algorithms Security Spoofing Timing |
title | An Efficient Intrusion Prevention System for CAN: Hindering Cyber-Attacks With a Low-Cost Platform |
url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-25T08%3A47%3A02IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_doaj_&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=An%20Efficient%20Intrusion%20Prevention%20System%20for%20CAN:%20Hindering%20Cyber-Attacks%20With%20a%20Low-Cost%20Platform&rft.jtitle=IEEE%20access&rft.au=Freitas%20De%20Araujo-Filho,%20Paulo&rft.date=2021&rft.volume=9&rft.spage=166855&rft.epage=166869&rft.pages=166855-166869&rft.issn=2169-3536&rft.eissn=2169-3536&rft.coden=IAECCG&rft_id=info:doi/10.1109/ACCESS.2021.3136147&rft_dat=%3Cproquest_doaj_%3E2613365797%3C/proquest_doaj_%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c408t-e5bb05ec3789b4f5295b5345a4613223b759dcfb0c43dccfd0adafaf9e6cb68f3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2613365797&rft_id=info:pmid/&rft_ieee_id=9654211&rfr_iscdi=true |