SAMPATH RAJAPAKSHA R WASALA MUDIYANSELAGE POLWATTE GEDARA s.rajapaksha@rgu.ac.uk
Research Student
Beyond vanilla: improved autoencoder-based ensemble in-vehicle intrusion detection system.
Rajapaksha, Sampath; Kalutarage, Harsha; Al-Kadri, M. Omar; Petrovski, Andrei; Madzudzo, Garikayi
Authors
Dr Harsha Kalutarage h.kalutarage@rgu.ac.uk
Associate Professor
M. Omar Al-Kadri
Andrei Petrovski
Garikayi Madzudzo
Abstract
Modern automobiles are equipped with a large number of electronic control units (ECUs) to provide safe driver assistance and comfortable services. The controller area network (CAN) provides near real-time data transmission between ECUs with adequate reliability for in-vehicle communication. However, the lack of security measures such as authentication and encryption makes the CAN bus vulnerable to cyberattacks, which affect the safety of passengers and the surrounding environment. Detecting attacks on the CAN bus, particularly masquerade attacks, presents significant challenges. It necessitates an intrusion detection system (IDS) that effectively utilizes both CAN ID and payload data to ensure thorough detection and protection against a wide range of attacks, all while operating within the constraints of limited computing resources. This paper introduces an ensemble IDS that combines a gated recurrent unit (GRU) network and a novel autoencoder (AE) model to identify cyberattacks on the CAN bus. AEs are expected to produce higher reconstruction errors for anomalous inputs, making them suitable for anomaly detection. However, vanilla AE models often suffer from overgeneralization, reconstructing anomalies without significant errors, resulting in many false negatives. To address this issue, this paper proposes a novel AE called Latent AE, which incorporates a shallow AE into the latent space. The Latent AE model utilizes Cramér's statistic-based feature selection technique and a transformed CAN payload data structure to enhance its efficiency. The proposed ensemble IDS enhances attack detection capabilities by leveraging the best capabilities of independent GRU and Latent AE models, while mitigating the weaknesses associated with each individual model. The evaluation of the IDS on two public datasets, encompassing 13 different attacks, including sophisticated masquerade attacks, demonstrates its superiority over baseline models with near real-time detection latency of 25ms.
Citation
RAJAPAKSHA, S., KALUTARAGE, H., AL-KADRI, M.O., PETROVSKI, A. and MADZUDZO, G. 2023. Beyond vanilla: improved autoencoder-based ensemble in-vehicle intrusion detection system. Journal of information security and applications [online], 77, article number 103570. Available from: https://doi.org/10.1016/j.jisa.2023.103570
| Journal Article Type | Article |
|---|---|
| Acceptance Date | Jul 19, 2023 |
| Online Publication Date | Aug 14, 2023 |
| Publication Date | Sep 30, 2023 |
| Deposit Date | Aug 15, 2023 |
| Publicly Available Date | Aug 15, 2023 |
| Journal | Journal of information security and applications |
| Print ISSN | 2214-2126 |
| Electronic ISSN | 2214-2134 |
| Publisher | Elsevier |
| Peer Reviewed | Peer Reviewed |
| Volume | 77 |
| Article Number | 103570 |
| DOI | https://doi.org/10.1016/j.jisa.2023.103570 |
| Keywords | Controller area networks (CANs); Automotive cybersecurity; Machine learning; Deep learning; Autoencoders; Anomaly detection |
| Public URL | https://rgu-repository.worktribe.com/output/2043355 |
Files
RAJAPAKSHA 2023 Beyond vanilla
(3.2 Mb)
PDF
Publisher Licence URL
https://creativecommons.org/licenses/by/4.0/
You might also like
AI-based intrusion detection systems for in-vehicle networks: a survey.
(2023)
Journal Article
Keep the moving vehicle secure: context-aware intrusion detection system for in-vehicle CAN bus security.
(2022)
Presentation / Conference Contribution
AI-powered vulnerability detection for secure source code development.
(2023)
Presentation / Conference Contribution
MADONNA: browser-based malicious domain detection through optimized neural network with feature analysis.
(2024)
Presentation / Conference Contribution
Enhancing security assurance in software development: AI-based vulnerable code detection with static analysis.
(2024)
Presentation / Conference Contribution
Downloadable Citations
About OpenAIR@RGU
Administrator e-mail: publications@rgu.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search