Towards a Lightweight Intrusion Detection Framework for In-Vehicle Networks

Basavaraj, Dheeraj; Tayeb, Shahab

doi:10.3390/jsan11010006

Cited by 35 publications

(16 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…First, our framework is compared to some well-known machine learning models as well as statistical models mentioned in [21]- [23], [27]. The dataset, which contains benign data and malicious data generated from Attack A, Attack B, Attack C, and Attack D is divided into 70% training data and 30% for testing and validation.…”

Section: Resultsmentioning

confidence: 99%

“…The processed data are fed to CNN to extract the feature map and then LSTM is applied to extract the temporal dependencies and the extracted features are finally fed to a fully connected neural network (NN) to classify the output. Dheeraj et al proposed IDS where the data are preprocessed and encoded to be fed to a deep neural network (DNN) to detect anomalies in CAN data [21].…”

Section: A In-vehicle Communication Idssmentioning

confidence: 99%

See 1 more Smart Citation

An Intelligent, Two-Stage, In-Vehicle Diagnostic-Based Secured Framework

et al. 2022

View full text Add to dashboard Cite

Recent research interests have been directed to study the security of vehicles due to the advancement of their technologies. Due to the rapid growth and accelerated development of electronic control units (ECUs), they are countered to be exploited by external attacks. As a result, recent research efforts have been focused on investigating alternative countermeasures that might be implemented by introducing different intrusion detection systems (IDSs). The problem with some of IDSs is the location of their deployment because of the ECU limitations and constraints. Other introduced IDSs require severe changes in the in-vehicle network, which is not preferred by vehicle manufacturers. In this research, we introduce a novel design of a framework to check the state of the vehicle and capture possible attacks by detecting any malicious data in the diagnostic parameters of the vehicle. The framework is divided into two phases: the specific-based detection phase and the anomaly-based detection phase. The proposed system employs the extreme gradient boosting (XGBoost) algorithm to detect anomalies in diagnostic data and it is optimized by a non-dominated sorting genetic algorithm II (NSGA-II). The model is verified against two datasets collected from real vehicles. To generate anomalies in datasets, an attack generation algorithm is introduced. The model is trained on a dataset that contains different attack types and verified blindly against various attacks that have not been seen before. The framework's experimental results show that it can detect abnormalities with accuracy 97.00% for the Seat Leon 2018 dataset and 97.49% for the KIA SOUL dataset.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: A In-vehicle Communication Idssmentioning

confidence: 99%

An Intelligent, Two-Stage, In-Vehicle Diagnostic-Based Secured Framework

et al. 2022

View full text Add to dashboard Cite

show abstract

“…Thereafter, a oneclass SVM filters out malicious CAN frames from each malicious window. Basavaraj and Tayeb [22] proposed a DNN-based IDS and evaluated its performance on two real datasets where they achieved a detection accuracy of 98.67% on known attacks.…”

Section: Related Workmentioning

confidence: 99%

A Novel Detection Approach of Unknown Cyber-Attacks for Intra-Vehicle Networks Using Recurrence Plots and Neural Networks

Al-Jarrah

Haloui

Dianati

et al. 2023

IEEE Open J. Veh. Technol.

View full text Add to dashboard Cite

Proliferation of connected services in modern vehicles could make them vulnerable to a wide range of cyber-attacks through intra-vehicle networks that connect various vehicle systems. Designers usually equip vehicles with predesigned counter-measures, but these may not be effective against novel cyber-attacks. Intrusion Detection Systems (IDSs) serve as an additional layer of defence when conventional measures that are implemented by the designers fail. Several intrusion detection techniques, such as rule-based IDS, have been proposed in the literature but these techniques have limited capability in detecting novel cyber-attacks. This paper proposes a new Machine Learning (ML)-based IDS for detecting novel cyber-attacks in intra-vehicle networks, specifically in Controller Area Networks (CANs). The proposed IDS generates high-level representations of CAN messages transmitted on the bus exploiting their temporal properties as well as the intra and inter message dependencies through the use of Recurrence Plot (RP), which are then fed into a bespoke Neural Network, designed and trained to detect novel intrusions. Evaluations of the performance of the proposed IDS in comparison with that of the state-of-the-art existing IDS schemes namely Decision Tree (DT), Random Forest (RF) and other well-known approaches demonstrate the superiority of the proposed IDS in this paper.

show abstract

“…This model comes into place to fix weaknesses of the client-server model, as removing one or more bots will not ease the problem due to the huge botnet of independent bots. Several IDSes were proposed and developed during the last couple of years; examples can be found in [11][12][13][14][15].…”

Section: Related Workmentioning

confidence: 99%

ELBA-IoT: An Ensemble Learning Model for Botnet Attack Detection in IoT Networks

Al‐Haija

Al-Dala’ien

2022

JSAN

View full text Add to dashboard Cite

Due to the prompt expansion and development of intelligent systems and autonomous, energy-aware sensing devices, the Internet of Things (IoT) has remarkably grown and obstructed nearly all applications in our daily life. However, constraints in computation, storage, and communication capabilities of IoT devices has led to an increase in IoT-based botnet attacks. To mitigate this threat, there is a need for a lightweight and anomaly-based detection system that can build profiles for normal and malicious activities over IoT networks. In this paper, we propose an ensemble learning model for botnet attack detection in IoT networks called ELBA-IoT that profiles behavior features of IoT networks and uses ensemble learning to identify anomalous network traffic from compromised IoT devices. In addition, our IoT-based botnet detection approach characterizes the evaluation of three different machine learning techniques that belong to decision tree techniques (AdaBoosted, RUSBoosted, and bagged). To evaluate ELBA-IoT, we used the N-BaIoT-2021 dataset, which comprises records of both normal IoT network traffic and botnet attack traffic of infected IoT devices. The experimental results demonstrate that our proposed ELBA-IoT can detect the botnet attacks launched from the compromised IoT devices with high detection accuracy (99.6%) and low inference overhead (40 µ-seconds). We also contrast ELBA-IoT results with other state-of-the-art results and demonstrate that ELBA-IoT is superior.

show abstract

Towards a Lightweight Intrusion Detection Framework for In-Vehicle Networks

Cited by 35 publications

References 25 publications

An Intelligent, Two-Stage, In-Vehicle Diagnostic-Based Secured Framework

An Intelligent, Two-Stage, In-Vehicle Diagnostic-Based Secured Framework

A Novel Detection Approach of Unknown Cyber-Attacks for Intra-Vehicle Networks Using Recurrence Plots and Neural Networks

ELBA-IoT: An Ensemble Learning Model for Botnet Attack Detection in IoT Networks

Contact Info

Product

Resources

About