With the rapid development of the Internet of Things (IoT) and the Internet of Vehicles (IoV) technologies, smart vehicles have replaced conventional ones by providing more advanced driving-related features. IoV systems typically consist of Intra-Vehicle Networks (IVNs) in which many Electronic Control units (ECUs) directly and indirectly communicate among them through the Controller Area Network (CAN) bus. However, the growth of such vehicles has also increased the number of network and physical attacks focused on exploiting security weaknesses affecting the CAN protocol. Such problems can also endanger the life of the driver and passengers of the vehicle, as well as that of pedestrians. Therefore, to face this security issue, we propose a novel anomaly detector capable of considering the vehicle-related state over time. To accomplish this, we combine different most famous algorithms to consider all possible relationships between CAN messages and arrange them as corresponding associative rules. The presented approach, also compared with the state-of-the-art solutions, can effectively detect different kinds of attacks (DoS, Fuzzy, GEAR and RPM) by only considering CAN messages collected during attack-free operating scenarios.
An Association Rules-Based Approach for Anomaly Detection on CAN-bus
D'Angelo G.;Ficco M.
;
2023-01-01
Abstract
With the rapid development of the Internet of Things (IoT) and the Internet of Vehicles (IoV) technologies, smart vehicles have replaced conventional ones by providing more advanced driving-related features. IoV systems typically consist of Intra-Vehicle Networks (IVNs) in which many Electronic Control units (ECUs) directly and indirectly communicate among them through the Controller Area Network (CAN) bus. However, the growth of such vehicles has also increased the number of network and physical attacks focused on exploiting security weaknesses affecting the CAN protocol. Such problems can also endanger the life of the driver and passengers of the vehicle, as well as that of pedestrians. Therefore, to face this security issue, we propose a novel anomaly detector capable of considering the vehicle-related state over time. To accomplish this, we combine different most famous algorithms to consider all possible relationships between CAN messages and arrange them as corresponding associative rules. The presented approach, also compared with the state-of-the-art solutions, can effectively detect different kinds of attacks (DoS, Fuzzy, GEAR and RPM) by only considering CAN messages collected during attack-free operating scenarios.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.