Behavior Analysis for Safety and Security in Automotive Systems

Rieke, Roland; Seidemann, Marc; Talla, Elise Kengni; Zelle, Daniel; Seeger, Bernhard

doi:10.1109/pdp.2017.67

Cited by 19 publications

(5 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, the authors did not show the detection latency and the training time of the proposed model. Rieke et al [31] proposed an intrusion detection model based on Petri nets. In the first stage of the proposed model, the discovery stage, a model representing the normal behavior of the vehicle is derived offline where the Alpha algorithm is used to derive a Petri net from traces recorded from the CAN bus.…”

Section: ) Flow-based Idssmentioning

confidence: 99%

“…As can be seen in Tables 5-7, most of the reviewed works in this paper (e.g., [19], [23], [31], [33], [38], [42], [56]) used cyber features to characterize and detect intrusions. Out of 42 works reviewed in this paper, only two works, [32] and [28], have used physical features to detect attacks.…”

Section: B Features and Feature Selectionmentioning

confidence: 99%

“…We categorize the datasets used in the works reviewed in this paper into: real data that are extracted from test vehicles, simulated data refer to the data generated by simulation or prototyping, and data that are not comprehensively described in the source work. As can be seen in Figure 6, 21 works out of 42 works reviewed in this, such as [18], [31], [34], [38], and [50], have used real data, whereas 11 works, such as [5], [6], and [42], have used simulated data, and 10 works did not provide comprehensive description of the used data.…”

Section: Datasetsmentioning

confidence: 99%

“…In addition to the above metrics, some works use other metrics to evaluate the performance of proposed methods. For example, [19] and [31] used throughput to evaluate the performance of the proposed models. TrT and TsT have been used in [42] to evaluate the performance of the proposed method.…”

Section: E Evaluation Metricsmentioning

confidence: 99%

See 3 more Smart Citations

Intrusion Detection Systems for Intra-Vehicle Networks: A Review

et al. 2019

View full text Add to dashboard Cite

A modern vehicle is a complex system of sensors, electronic control units, and actuators connected through different types of intra-vehicle networks to control and monitor the state of the vehicle. In addition, modern vehicles are becoming increasingly connected to the outside world through V2X technologies. However, these provide new attack surfaces that increase the cybersecurity risk to modern vehicles. To this end, there are two distinct and key challenges that need to be addressed to ensure safety and consumer trust. While modern vehicles must be equipped with the best countermeasures against cybersecurity threats, a reliable mechanism shall be also in place to detect the potential intrusions of the system while in operation, which is termed as intrusion detection. This paper provides a structured and comprehensive review of the state of the art of the intra-vehicle intrusion detection systems (IDSs) for passenger vehicles. We first provide an overview of intra-vehicle networks before reviewing contemporary research in intra-vehicle IDSs. The approach employed is to categorize the reviewed works based on their detection technique and to examine the used feature and feature selection methods, evaluation dataset, attack type, performance metrics, and benchmark models. This paper also presents outstanding research challenges and gaps in intra-vehicle IDS research.

show abstract

Section: ) Flow-based Idssmentioning

confidence: 99%

Section: B Features and Feature Selectionmentioning

confidence: 99%

Section: Datasetsmentioning

confidence: 99%

Section: E Evaluation Metricsmentioning

confidence: 99%

See 2 more Smart Citations

Intrusion Detection Systems for Intra-Vehicle Networks: A Review

et al. 2019

View full text Add to dashboard Cite

show abstract

“…In order to enhance the security of vehicular network, there are two methods. One is to prevent the attack [11], [5], [7] and second is to detect and mitigate potential risks [16], [9], [19]. Some security protocols were designed considering the limited data payload of the CAN data frame.…”

Section: Introductionmentioning

confidence: 99%

Unsupervised real-time anomaly detection system for vehicular network security

Wang¹,

Zhao²,

Zhu³

et al. 2017

ReBICTE

View full text Add to dashboard Cite

An unsupervised machine learning based anomaly detection system by hierarchical temporal memory(HTM) based learning algorithm is proposed to enhance the security of vehicular network. Firstly,the frequency distribution of Controller Area Network (CAN) packets is extracted as a meaningfulfeature to detect attacks in the CAN traffic. Then the features of CAN packets are learned byHTM-based module to predict what it expects to happen next. Furthermore, a novel anomaly scoreis calculated to analyze the probability of each class to discriminate normal and attack status. Thesystem protects vehicles by monitoring the CAN bus to detect threats in real time, including detectinganomalies that might indicate a sophisticated adversary hiding in the vehicle’s systems. Finally, it isdemonstrated with experimental results that the proposed method can provide a real-time anomalydetection to the attack in vehicular network.

show abstract