Analysis of ID Sequences Similarity Using DTW in Intrusion Detection for CAN Bus

Connected vehicles have recently attracted considerable attention for revolutionizing the transportation industry. Although connectivity brings about a vast number of benefits, it can give rise to a wider attack surface as more physical access interfaces have been introduced. In particular, anomalou...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on vehicular technology 2022-10, Vol.71 (10), p.10426-10441
Main Authors: Sun, Heng, Sun, Mengsi, Weng, Jian, Liu, Zhiquan
Format: Article
Language:English
Subjects:
Buses (vehicles)
Control equipment
Controller area network
dynamic time warping
Electronic control
Feature extraction
Intrusion
Intrusion detection
Methodology
Parameter robustness
Payloads
Protocols
Security
Sequences
Similarity
Sun
Transportation industry
Transportation networks
Vehicle dynamics
vehicle security
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by cdi_FETCH-LOGICAL-c291t-36c163b61b27a9037e3f4604ab720a7976a1ca2c3e4f72bb8efc9ea24fd7c9d63
cites cdi_FETCH-LOGICAL-c291t-36c163b61b27a9037e3f4604ab720a7976a1ca2c3e4f72bb8efc9ea24fd7c9d63
container_end_page 10441
container_issue 10
container_start_page 10426
container_title IEEE transactions on vehicular technology
container_volume 71
creator Sun, Heng
Sun, Mengsi
Weng, Jian
Liu, Zhiquan
description Connected vehicles have recently attracted considerable attention for revolutionizing the transportation industry. Although connectivity brings about a vast number of benefits, it can give rise to a wider attack surface as more physical access interfaces have been introduced. In particular, anomalous behaviour of the Electronic Control Units (ECUs) caused by malicious attacks can result in serious consequences and possibly lead to fatal accidents. Hence, it is important to develop methodologies that can sniff vehicular data and detect it for further attack analysis. In this article, we develop a novel similarity-based intrusion detection methodology named SIDuDTW, which identifies malicious messages inside vehicle network, e.g., Controller Area Network (CAN), by using Dynamic Time Warping (DTW) distance between CAN ID sequences. Subsequently, the theoretical analysis for the recurring sequence pattern, wave splitting strategies, similarity metric, and optimal parameters providing strong robustness against several kinds of attacks in SIDuDTW are detailed. A series of experiments demonstrate that the developed methodology can detect attacks with high accuracy. In addition, this proposed methodology significantly outperforms the intrusion detection capabilities of existing approaches in terms of basic injection, replay and suppression attacks. It is envisioned that this work will contribute to the development of safer autonomous vehicle conceptualized as a key unit within broader smart city.
doi_str_mv 10.1109/TVT.2022.3185111
format article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2726110860</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9808189</ieee_id><sourcerecordid>2726110860</sourcerecordid><originalsourceid>FETCH-LOGICAL-c291t-36c163b61b27a9037e3f4604ab720a7976a1ca2c3e4f72bb8efc9ea24fd7c9d63</originalsourceid><addsrcrecordid>eNo9kEFLAzEQRoMoWKt3wUvA89ZMkk02x9pWLRQVutVjyKaJpLS7Ndk99N-7pcXTzMD7hpmH0D2QEQBRT-VXOaKE0hGDIgeACzQAxVSmWK4u0YAQKDKV8_wa3aS06UfOFQzQ57g220MKCTcez6d46X47V1uX8DLswtbE0B7wKoX6B0_LbxxqPK_b2KXQ1HjqWmfbY-ebiCfjd_zcpVt05c02ubtzHaLVy6ycvGWLj9f5ZLzILFXQZkxYEKwSUFFpFGHSMc8F4aaSlBippDBgDbXMcS9pVRXOW-UM5X4trVoLNkSPp7372PQnp1Zvmi72zyRNJRW9k0KQniInysYmpei83sewM_GggeijN91700dv-uytjzycIsE594-rghRQKPYHJC1n7g</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2726110860</pqid></control><display><type>article</type><title>Analysis of ID Sequences Similarity Using DTW in Intrusion Detection for CAN Bus</title><source>IEEE Electronic Library (IEL) Journals</source><creator>Sun, Heng ; Sun, Mengsi ; Weng, Jian ; Liu, Zhiquan</creator><creatorcontrib>Sun, Heng ; Sun, Mengsi ; Weng, Jian ; Liu, Zhiquan</creatorcontrib><description>Connected vehicles have recently attracted considerable attention for revolutionizing the transportation industry. Although connectivity brings about a vast number of benefits, it can give rise to a wider attack surface as more physical access interfaces have been introduced. In particular, anomalous behaviour of the Electronic Control Units (ECUs) caused by malicious attacks can result in serious consequences and possibly lead to fatal accidents. Hence, it is important to develop methodologies that can sniff vehicular data and detect it for further attack analysis. In this article, we develop a novel similarity-based intrusion detection methodology named SIDuDTW, which identifies malicious messages inside vehicle network, e.g., Controller Area Network (CAN), by using Dynamic Time Warping (DTW) distance between CAN ID sequences. Subsequently, the theoretical analysis for the recurring sequence pattern, wave splitting strategies, similarity metric, and optimal parameters providing strong robustness against several kinds of attacks in SIDuDTW are detailed. A series of experiments demonstrate that the developed methodology can detect attacks with high accuracy. In addition, this proposed methodology significantly outperforms the intrusion detection capabilities of existing approaches in terms of basic injection, replay and suppression attacks. It is envisioned that this work will contribute to the development of safer autonomous vehicle conceptualized as a key unit within broader smart city.</description><identifier>ISSN: 0018-9545</identifier><identifier>EISSN: 1939-9359</identifier><identifier>DOI: 10.1109/TVT.2022.3185111</identifier><identifier>CODEN: ITVTAB</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>Buses (vehicles) ; Control equipment ; Controller area network ; dynamic time warping ; Electronic control ; Feature extraction ; Intrusion ; Intrusion detection ; Methodology ; Parameter robustness ; Payloads ; Protocols ; Security ; Sequences ; Similarity ; Sun ; Transportation industry ; Transportation networks ; Vehicle dynamics ; vehicle security</subject><ispartof>IEEE transactions on vehicular technology, 2022-10, Vol.71 (10), p.10426-10441</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2022</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c291t-36c163b61b27a9037e3f4604ab720a7976a1ca2c3e4f72bb8efc9ea24fd7c9d63</citedby><cites>FETCH-LOGICAL-c291t-36c163b61b27a9037e3f4604ab720a7976a1ca2c3e4f72bb8efc9ea24fd7c9d63</cites><orcidid>0000-0002-3934-2177 ; 0000-0003-4067-8230 ; 0000-0001-9027-1119 ; 0000-0002-4393-6402</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9808189$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,776,780,27901,27902,54771</link.rule.ids></links><search><creatorcontrib>Sun, Heng</creatorcontrib><creatorcontrib>Sun, Mengsi</creatorcontrib><creatorcontrib>Weng, Jian</creatorcontrib><creatorcontrib>Liu, Zhiquan</creatorcontrib><title>Analysis of ID Sequences Similarity Using DTW in Intrusion Detection for CAN Bus</title><title>IEEE transactions on vehicular technology</title><addtitle>TVT</addtitle><description>Connected vehicles have recently attracted considerable attention for revolutionizing the transportation industry. Although connectivity brings about a vast number of benefits, it can give rise to a wider attack surface as more physical access interfaces have been introduced. In particular, anomalous behaviour of the Electronic Control Units (ECUs) caused by malicious attacks can result in serious consequences and possibly lead to fatal accidents. Hence, it is important to develop methodologies that can sniff vehicular data and detect it for further attack analysis. In this article, we develop a novel similarity-based intrusion detection methodology named SIDuDTW, which identifies malicious messages inside vehicle network, e.g., Controller Area Network (CAN), by using Dynamic Time Warping (DTW) distance between CAN ID sequences. Subsequently, the theoretical analysis for the recurring sequence pattern, wave splitting strategies, similarity metric, and optimal parameters providing strong robustness against several kinds of attacks in SIDuDTW are detailed. A series of experiments demonstrate that the developed methodology can detect attacks with high accuracy. In addition, this proposed methodology significantly outperforms the intrusion detection capabilities of existing approaches in terms of basic injection, replay and suppression attacks. It is envisioned that this work will contribute to the development of safer autonomous vehicle conceptualized as a key unit within broader smart city.</description><subject>Buses (vehicles)</subject><subject>Control equipment</subject><subject>Controller area network</subject><subject>dynamic time warping</subject><subject>Electronic control</subject><subject>Feature extraction</subject><subject>Intrusion</subject><subject>Intrusion detection</subject><subject>Methodology</subject><subject>Parameter robustness</subject><subject>Payloads</subject><subject>Protocols</subject><subject>Security</subject><subject>Sequences</subject><subject>Similarity</subject><subject>Sun</subject><subject>Transportation industry</subject><subject>Transportation networks</subject><subject>Vehicle dynamics</subject><subject>vehicle security</subject><issn>0018-9545</issn><issn>1939-9359</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2022</creationdate><recordtype>article</recordtype><recordid>eNo9kEFLAzEQRoMoWKt3wUvA89ZMkk02x9pWLRQVutVjyKaJpLS7Ndk99N-7pcXTzMD7hpmH0D2QEQBRT-VXOaKE0hGDIgeACzQAxVSmWK4u0YAQKDKV8_wa3aS06UfOFQzQ57g220MKCTcez6d46X47V1uX8DLswtbE0B7wKoX6B0_LbxxqPK_b2KXQ1HjqWmfbY-ebiCfjd_zcpVt05c02ubtzHaLVy6ycvGWLj9f5ZLzILFXQZkxYEKwSUFFpFGHSMc8F4aaSlBippDBgDbXMcS9pVRXOW-UM5X4trVoLNkSPp7372PQnp1Zvmi72zyRNJRW9k0KQniInysYmpei83sewM_GggeijN91700dv-uytjzycIsE594-rghRQKPYHJC1n7g</recordid><startdate>20221001</startdate><enddate>20221001</enddate><creator>Sun, Heng</creator><creator>Sun, Mengsi</creator><creator>Weng, Jian</creator><creator>Liu, Zhiquan</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SP</scope><scope>8FD</scope><scope>FR3</scope><scope>KR7</scope><scope>L7M</scope><orcidid>https://orcid.org/0000-0002-3934-2177</orcidid><orcidid>https://orcid.org/0000-0003-4067-8230</orcidid><orcidid>https://orcid.org/0000-0001-9027-1119</orcidid><orcidid>https://orcid.org/0000-0002-4393-6402</orcidid></search><sort><creationdate>20221001</creationdate><title>Analysis of ID Sequences Similarity Using DTW in Intrusion Detection for CAN Bus</title><author>Sun, Heng ; Sun, Mengsi ; Weng, Jian ; Liu, Zhiquan</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c291t-36c163b61b27a9037e3f4604ab720a7976a1ca2c3e4f72bb8efc9ea24fd7c9d63</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2022</creationdate><topic>Buses (vehicles)</topic><topic>Control equipment</topic><topic>Controller area network</topic><topic>dynamic time warping</topic><topic>Electronic control</topic><topic>Feature extraction</topic><topic>Intrusion</topic><topic>Intrusion detection</topic><topic>Methodology</topic><topic>Parameter robustness</topic><topic>Payloads</topic><topic>Protocols</topic><topic>Security</topic><topic>Sequences</topic><topic>Similarity</topic><topic>Sun</topic><topic>Transportation industry</topic><topic>Transportation networks</topic><topic>Vehicle dynamics</topic><topic>vehicle security</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Sun, Heng</creatorcontrib><creatorcontrib>Sun, Mengsi</creatorcontrib><creatorcontrib>Weng, Jian</creatorcontrib><creatorcontrib>Liu, Zhiquan</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>Electronics &amp; Communications Abstracts</collection><collection>Technology Research Database</collection><collection>Engineering Research Database</collection><collection>Civil Engineering Abstracts</collection><collection>Advanced Technologies Database with Aerospace</collection><jtitle>IEEE transactions on vehicular technology</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Sun, Heng</au><au>Sun, Mengsi</au><au>Weng, Jian</au><au>Liu, Zhiquan</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Analysis of ID Sequences Similarity Using DTW in Intrusion Detection for CAN Bus</atitle><jtitle>IEEE transactions on vehicular technology</jtitle><stitle>TVT</stitle><date>2022-10-01</date><risdate>2022</risdate><volume>71</volume><issue>10</issue><spage>10426</spage><epage>10441</epage><pages>10426-10441</pages><issn>0018-9545</issn><eissn>1939-9359</eissn><coden>ITVTAB</coden><abstract>Connected vehicles have recently attracted considerable attention for revolutionizing the transportation industry. Although connectivity brings about a vast number of benefits, it can give rise to a wider attack surface as more physical access interfaces have been introduced. In particular, anomalous behaviour of the Electronic Control Units (ECUs) caused by malicious attacks can result in serious consequences and possibly lead to fatal accidents. Hence, it is important to develop methodologies that can sniff vehicular data and detect it for further attack analysis. In this article, we develop a novel similarity-based intrusion detection methodology named SIDuDTW, which identifies malicious messages inside vehicle network, e.g., Controller Area Network (CAN), by using Dynamic Time Warping (DTW) distance between CAN ID sequences. Subsequently, the theoretical analysis for the recurring sequence pattern, wave splitting strategies, similarity metric, and optimal parameters providing strong robustness against several kinds of attacks in SIDuDTW are detailed. A series of experiments demonstrate that the developed methodology can detect attacks with high accuracy. In addition, this proposed methodology significantly outperforms the intrusion detection capabilities of existing approaches in terms of basic injection, replay and suppression attacks. It is envisioned that this work will contribute to the development of safer autonomous vehicle conceptualized as a key unit within broader smart city.</abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/TVT.2022.3185111</doi><tpages>16</tpages><orcidid>https://orcid.org/0000-0002-3934-2177</orcidid><orcidid>https://orcid.org/0000-0003-4067-8230</orcidid><orcidid>https://orcid.org/0000-0001-9027-1119</orcidid><orcidid>https://orcid.org/0000-0002-4393-6402</orcidid></addata></record>
fulltext fulltext
identifier ISSN: 0018-9545
ispartof IEEE transactions on vehicular technology, 2022-10, Vol.71 (10), p.10426-10441
issn 0018-9545
1939-9359
language eng
recordid cdi_proquest_journals_2726110860
source IEEE Electronic Library (IEL) Journals
subjects Buses (vehicles)
Control equipment
Controller area network
dynamic time warping
Electronic control
Feature extraction
Intrusion
Intrusion detection
Methodology
Parameter robustness
Payloads
Protocols
Security
Sequences
Similarity
Sun
Transportation industry
Transportation networks
Vehicle dynamics
vehicle security
title Analysis of ID Sequences Similarity Using DTW in Intrusion Detection for CAN Bus
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-09T22%3A03%3A53IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Analysis%20of%20ID%20Sequences%20Similarity%20Using%20DTW%20in%20Intrusion%20Detection%20for%20CAN%20Bus&rft.jtitle=IEEE%20transactions%20on%20vehicular%20technology&rft.au=Sun,%20Heng&rft.date=2022-10-01&rft.volume=71&rft.issue=10&rft.spage=10426&rft.epage=10441&rft.pages=10426-10441&rft.issn=0018-9545&rft.eissn=1939-9359&rft.coden=ITVTAB&rft_id=info:doi/10.1109/TVT.2022.3185111&rft_dat=%3Cproquest_cross%3E2726110860%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c291t-36c163b61b27a9037e3f4604ab720a7976a1ca2c3e4f72bb8efc9ea24fd7c9d63%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2726110860&rft_id=info:pmid/&rft_ieee_id=9808189&rfr_iscdi=true