Nowadays, modern vehicles are becoming even more connected, intelligent, and smart. A modern vehicle encloses several cyber-physical systems such as actuators and sensors, which are controlled by electronic control units (ECUs). Such ECUs are connected through in-vehicle networks, and, in turn, such networks are connected to the Internet of Vehicles (IoV) to provide advanced and smart features. However, the increase in vehicle connectivity and computerization, although it brings clear advantages, it introduces serious safety problems that can also endanger the life of the driver and passengers of the vehicle, as well as that of pedestrians. Such problems are mainly caused by the security weaknesses affecting the Controller Area Network (CAN) bus, used to exchange data between ECUs. In this paper, we provide two algorithms that implement a data-driven anomaly detection system. The first algorithm (Cluster-based Learning Algorithm), is used to learn the behavior of messages passing on the CAN bus, for baselining purposes, while the second one (Data-driven Anomaly Detection Algorithm) is used to perform real-time classification of such messages (licit or illicit) for early alerting in the presence of malicious usages. The experimental results, obtained by using data coming from a real vehicle, have shown that our approach is capable of performing better than other anomaly-detection based approaches.

A Cluster-based Multidimensional Approach for Detecting Attacks on Connected Vehicles

D'Angelo, Gianni
;
Castiglione, Arcangelo;Palmieri, Francesco
2020-01-01

Abstract

Nowadays, modern vehicles are becoming even more connected, intelligent, and smart. A modern vehicle encloses several cyber-physical systems such as actuators and sensors, which are controlled by electronic control units (ECUs). Such ECUs are connected through in-vehicle networks, and, in turn, such networks are connected to the Internet of Vehicles (IoV) to provide advanced and smart features. However, the increase in vehicle connectivity and computerization, although it brings clear advantages, it introduces serious safety problems that can also endanger the life of the driver and passengers of the vehicle, as well as that of pedestrians. Such problems are mainly caused by the security weaknesses affecting the Controller Area Network (CAN) bus, used to exchange data between ECUs. In this paper, we provide two algorithms that implement a data-driven anomaly detection system. The first algorithm (Cluster-based Learning Algorithm), is used to learn the behavior of messages passing on the CAN bus, for baselining purposes, while the second one (Data-driven Anomaly Detection Algorithm) is used to perform real-time classification of such messages (licit or illicit) for early alerting in the presence of malicious usages. The experimental results, obtained by using data coming from a real vehicle, have shown that our approach is capable of performing better than other anomaly-detection based approaches.
2020
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11386/4763863
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 38
  • ???jsp.display-item.citation.isi??? 27
social impact