Analysis of in-vehicle networks is an open research area that gained relevance after recent reports of cyber attacks against connected vehicles. After those attacks gained international media attention, many security researchers started to propose different algorithms that are capable to model the normal behaviour of the CAN bus to detect the injection of malicious messages. However, despite the automotive area has different constraint than classical IT security, many security research have been conducted by applying sophisticated algorithm used in IT anomaly detection, thus proposing solutions that are not applicable on current Electronic Control Units (ECUs). This paper proposes a novel intrusion detection algorithm that aims to identify malicious CAN messages injected by attackers in the CAN bus of modern vehicles. Moreover, the proposed algorithm has been designed and implemented with the very strict constraint of low-end ECUs, having low computational complexity and small memory footprints. The proposed algorithm identifies anomalies in the sequence of the payloads of different classes of IDs by computing the Hamming distance between consecutive payloads. Its detection performance are evaluated through experiments carried out using real CAN traffic gathered from an unmodified licensed vehicle.
Attenzione! Scheda prodotto non ancora validata dall'Ateneo
|Data di pubblicazione:||2017|
|Titolo:||Detecting attacks to internal vehicle networks through Hamming distance|
|Autori:||Dario, Stabili; Mirco, Marchetti; Michele, Colajanni|
|Data del convegno:||September 2017|
|Nome del convegno:||IEEE 2017 AEIT International Annual Conference - Infrastructures for Energy and ICT (AEIT 2017)|
|Luogo del convegno:||Cagliari, Italy|
|Titolo del libro:||Proceedings of the IEEE 2017 AEIT International Annual Conference - Infrastructures for Energy and ICT (AEIT 2017)|
|Appare nelle tipologie:||Relazione in Atti di Convegno|
I documenti presenti in Iris Unimore sono rilasciati con licenza Creative Commons Attribuzione - Non commerciale - Non opere derivate 3.0 Italia, salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris