A Survey of Intrusion Detection for In-Vehicle Networks

Wu, Wufei; Li, Renfa; Xie, Guoqi; An, Jiyao; Bai, Yang; Zhou, Jia; Li, Keqin

doi:10.1109/tits.2019.2908074

Cited by 263 publications

(134 citation statements)

References 52 publications

Supporting

Mentioning

100

Contrasting

Order By: Relevance

“…However, due to the low computing power of the ECU, solving the problems of vehicle network information security is still a huge challenge [1]. In order to resist forgery attacks, tampering attacks, replay attacks, and privacy leak attacks, researchers have studied many authentication schemes in the IoV or in-vehicle network [3,12]. Research on authentication protocols based on privacy protection policies is the main method to ensure the integrity, reliability, and identity privacy of message transmission.…”

Section: Related Workmentioning

confidence: 99%

“…The rise of IoV technology has not only changed the way people travel, but also made people's driving environment more and more comfortable [1]. However, the interconnection of networks between vehicles brings various information security, which makes the attack surface of the internal vehicle networks rise sharply, especially for remote attacks [2,3]. In 2013, Toyota Prius cars were attacked by a hacker through the On-Board Diagnostic (OBD) interface and the braking systems were illegally manipulated, which caused traffic accidents [2].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Zero-knowledge identity authentication for internet of vehicles: Improvement and application

et al. 2020

View full text Add to dashboard Cite

The popularity of Internet of Vehicles (IoV) has made people's driving environment more comfortable and convenient. However, with the integration of external networks and the vehicle networks, the vulnerabilities of the Controller Area Network (CAN) are exposed, allowing attackers to remotely invade vehicle networks through external devices. Based on the remote attack model for vulnerabilities of the in-vehicle CAN, we designed an efficient and safe identity authentication scheme based on Feige-Fiat-Shamir (FFS) zero-knowledge identification scheme with extremely high soundness. We used the method of zero-one reversal and two-to-one verification to solve the problem that FFS cannot effectively resist guessing attacks. Then, we carried out a theoretical analysis of the scheme's security and evaluated it on the software and hardware platform. Finally, regarding time overhead, under the same parameters, compared with the existing scheme, the scheme can complete the authentication within 6.1ms without having to go through multiple rounds of interaction, which reduces the additional authentication delay and enables all private keys to participate in one round of authentication, thereby eliminating the possibility that a private key may not be involved in the original protocol. Regarding security and soundness, as long as private keys are not cracked, the scheme can resist guessing attacks, which is more secure than the existing scheme.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Zero-knowledge identity authentication for internet of vehicles: Improvement and application

et al. 2020

View full text Add to dashboard Cite

show abstract

“…In the last few years, with the increase of security threats and the huge enormous volume of traffic, several approaches have been proposed to detect anomalies [17]- [19]. Network anomaly detection consists of two main approaches: Signature-based and Profile-based.…”

Section: Introductionmentioning

confidence: 99%

Long Short-Term Memory and Fuzzy Logic for Anomaly Detection and Mitigation in Software-Defined Network Environment

et al. 2020

View full text Add to dashboard Cite

Computer networks become complex and dynamic structures. As a result of this fact, the configuration and the managing of this whole structure is a challenging activity. Software-Defined Networks(SDN) is a new network paradigm that, through an abstraction of network plans, seeks to separate the control plane and data plane, and tends as an objective to overcome the limitations in terms of network infrastructure configuration. As in the traditional network environment, the SDN environment is also liable to security vulnerabilities. This work presents a system of detection and mitigation of Distributed Denial of Service (DDoS) attacks and Portscan attacks in SDN environments (LSTM-FUZZY). The LSTM-FUZZY system presented in this work has three distinct phases: characterization, anomaly detection, and mitigation. The system was tested in two scenarios. In the first scenario, we applied IP flows collected from the SDN Floodlight controllers through emulation on Mininet. On the other hand, in the second scenario, the CICDDoS 2019 dataset was applied. The results gained show that the efficiency of the system to assist in network management, detect and mitigate the occurrence of the attacks.

show abstract

“…Since 2010, many instances of car hacking through the on-board diagnostics II (OBD-II) port for in-vehicle diagnosis and the infotainment system have been reported [ 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 ]. Thus, security measures for modern cars against hacking threats also have been actively researched [ 7 , 9 , 10 ]. Because vehicular security is an important issue today, we need a reliable solution to protect vehicles in motion.…”

Section: Introductionmentioning

confidence: 99%

A Multiple Rényi Entropy Based Intrusion Detection System for Connected Vehicles

Kim

Lim

et al. 2020

Entropy

View full text Add to dashboard Cite

In this paper, we propose an intrusion detection system based on the estimation of the Rényi entropy with multiple orders. The Rényi entropy is a generalized notion of entropy that includes the Shannon entropy and the min-entropy as special cases. In 2018, Kim proposed an efficient estimation method for the Rényi entropy with an arbitrary real order α . In this work, we utilize this method to construct a multiple order, Rényi entropy based intrusion detection system (IDS) for vehicular systems with various network connections. The proposed method estimates the Rényi entropies simultaneously with three distinct orders, two, three, and four, based on the controller area network (CAN)-IDs of consecutively generated frames. The collected frames are split into blocks with a fixed number of frames, and the entropies are evaluated based on these blocks. For a more accurate estimation against each type of attack, we also propose a retrospective sliding window method for decision of attacks based on the estimated entropies. For fair comparison, we utilized the CAN-ID attack data set generated by a research team from Korea University. Our results show that the proposed method can show the false negative and positive errors of less than 1% simultaneously.

show abstract

A Survey of Intrusion Detection for In-Vehicle Networks

Cited by 263 publications

References 52 publications

Zero-knowledge identity authentication for internet of vehicles: Improvement and application

Zero-knowledge identity authentication for internet of vehicles: Improvement and application

Long Short-Term Memory and Fuzzy Logic for Anomaly Detection and Mitigation in Software-Defined Network Environment

A Multiple Rényi Entropy Based Intrusion Detection System for Connected Vehicles

Contact Info

Product

Resources

About