Skip to main content

Research Repository

Advanced Search

Context-aware anomaly detector for monitoring cyber attacks on automotive CAN bus.

Kalutarage, Harsha Kumara; Al-Kadri, M. Omar; Cheah, Madeline; Madzudzo, Garikayi

Authors

M. Omar Al-Kadri

Madeline Cheah

Garikayi Madzudzo



Contributors

Hans-Joachim Hof
Editor

Mario Fritz
Editor

Christoph Kraub
Editor

Oliver Wasenm�ller
Editor

Abstract

Automotive electronics is rapidly expanding. An average vehicle contains million lines of software codes, running on 100 of electronic control units (ECUs), in supporting number of safety, driver assistance and infotainment functions. These ECUs are networked using a Controller Area Network (CAN). Security of the CAN bus has not historically been a major concern, however, recent research demonstrate that CAN has many vulnerabilities to cyber attacks. This paper presents a contextualised anomaly detector for monitoring cyber attacks on the CAN bus. Proposed algorithm is based on message sequence modelling, using so called N-grams distributions. It utilises only benign data (one class) for training and threshold estimation. Performance of the algorithm was tested against two different attack scenarios, RPM and gear gauge messages spoofing, using data captured from a real vehicle. Experimental outcomes demonstrate that proposed algorithm is capable of detecting both attacks with 100% accuracy, using far smaller time windows (100ms) which is essential for a practically deployable automotive cyber security solution.

Citation

KALUTARAGE, H.K., AL-KADRI, M.O., CHEAH, M. and MADZUDZO, G. 2019. Context-aware anomaly detector for monitoring cyber attacks on automotive CAN bus. In Hof, H.-J., Fritz, M., Kraub, C. and Wasenmüller, O. (eds.). Proceedings of 2019 Computer science in cars symposium (CSCS 2019), 8 October 2019, Kaiserslautern, Germany. New York: ACM [online], article number 7. Available from: https://doi.org/10.1145/3359999.3360496

Conference Name 2019 Computer science in cars symposium (CSCS 2019)
Conference Location Kaiserslautern, Germany
Start Date Oct 8, 2019
Acceptance Date Sep 11, 2019
Online Publication Date Oct 8, 2019
Publication Date Oct 8, 2019
Deposit Date Sep 12, 2019
Publicly Available Date Mar 29, 2024
Publisher Association for Computing Machinery (ACM)
ISBN 9781450370042
DOI https://doi.org/10.1145/3359999.3360496
Keywords In-vehicle networks; CAN bus; Automotive cyber security; Context-aware anomaly detection
Public URL https://rgu-repository.worktribe.com/output/544552

Files




You might also like



Downloadable Citations