Title: A Framework for Consistent and Repeatable Controller Area Network IDS Evaluation
The landscape of automotive vehicle attack surfaces continues to grow, and vulnerabilities in the controller area network (CAN) expose vehicles to cyber-physical risks and attacks that can endanger the safety of passengers and pedestrians. Intrusion detection systems (IDS) for CAN have emerged as a key mitigation approach for these risks, but uniform methods to compare proposed IDS techniques are lacking. In this paper, we present a framework for comparative performance analysis of state-of-the-art IDSs for CAN bus to provide a consistent methodology to evaluate and assess proposed approaches. This framework relies on previously published datasets comprising message logs recorded from a real vehicle CAN bus coupled with traditional classifier performance metrics to reduce the discrepancies that arise when comparing IDS approaches from disparate sources.
Award ID(s):
2046705 2001789
PAR ID:
10396686
Journal Name:
Fourth International Workshop on Automotive and Autonomous Vehicle Security
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
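The abstract above describes scoring CAN IDSs against labelled message logs with traditional classifier metrics so that results from different sources become comparable. The Python below is an added illustration, not code from the paper or its framework: it scores a hypothetical toy detector against a constructed, labelled CAN log and reports precision, recall, F1 and accuracy at two granularities, per message and per 10 ms window. The detector, the sample log and the windowing convention are all assumptions. The point it makes is that the same detector on the same log yields different numbers depending on the scoring convention, which is one of the discrepancies a shared evaluation methodology is meant to remove.

```python
"""Added example (not the paper's code): scoring a CAN IDS against a labelled
log with standard classifier metrics at message and window granularity."""
from dataclasses import dataclass
from typing import Callable, Dict, List


@dataclass(frozen=True)
class CanMsg:
    ts_us: int      # timestamp in microseconds since capture start
    can_id: int     # 11-bit arbitration ID
    data: bytes     # payload, up to 8 bytes
    attack: bool    # ground-truth label carried by the dataset


# Constructed sample log (not real vehicle data): benign periodic frames on
# 0x100 and 0x200 every 10 ms, plus a burst of injected 0x000 frames with an
# all-zero payload between t=20 ms and t=28 ms.
SAMPLE_LOG: List[CanMsg] = sorted(
    [CanMsg(10_000 * i, 0x100, bytes([i, 0, 0, 0]), False) for i in range(6)]
    + [CanMsg(10_000 * i + 5_000, 0x200, bytes([0x10, i]), False) for i in range(6)]
    + [CanMsg(20_000 + 2_000 * j, 0x000, bytes(8), True) for j in range(5)],
    key=lambda m: m.ts_us,
)

Detector = Callable[[CanMsg], bool]


def zero_payload_detector(msg: CanMsg) -> bool:
    """Hypothetical toy IDS: alert on frames whose payload is all zero bytes.
    It catches every injected frame but also the benign 0x100 frame at t=0."""
    return all(b == 0 for b in msg.data)


def confusion(labels: List[bool], preds: List[bool]) -> Dict[str, int]:
    """Confusion counts for a sequence of (ground truth, prediction) pairs."""
    pairs = list(zip(labels, preds))
    return {
        "tp": sum(1 for l, p in pairs if l and p),
        "fp": sum(1 for l, p in pairs if not l and p),
        "fn": sum(1 for l, p in pairs if l and not p),
        "tn": sum(1 for l, p in pairs if not l and not p),
    }


def metrics(c: Dict[str, int]) -> Dict[str, float]:
    """Precision, recall, F1 and accuracy from confusion counts (0.0 when undefined)."""
    tp, fp, fn, tn = c["tp"], c["fp"], c["fn"], c["tn"]
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    accuracy = (tp + tn) / (tp + fp + fn + tn)
    return {"precision": precision, "recall": recall, "f1": f1, "accuracy": accuracy}


def evaluate_per_message(log: List[CanMsg], detector: Detector) -> Dict[str, float]:
    """Message-level scoring: every frame is its own classification decision."""
    labels = [m.attack for m in log]
    preds = [detector(m) for m in log]
    return metrics(confusion(labels, preds))


def evaluate_per_window(log: List[CanMsg], detector: Detector,
                        window_us: int = 10_000) -> Dict[str, float]:
    """Window-level scoring: a window is 'attack' if it holds any attack frame
    and 'alerted' if the detector fired on any frame inside it.
    Integer microsecond timestamps keep the bucketing exact."""
    windows: Dict[int, Dict[str, bool]] = {}
    for m in log:
        w = windows.setdefault(m.ts_us // window_us, {"attack": False, "alert": False})
        w["attack"] = w["attack"] or m.attack
        w["alert"] = w["alert"] or detector(m)
    keys = sorted(windows)
    labels = [windows[k]["attack"] for k in keys]
    preds = [windows[k]["alert"] for k in keys]
    return metrics(confusion(labels, preds))


if __name__ == "__main__":
    for name, fn in (("per-message", evaluate_per_message),
                     ("per-window", evaluate_per_window)):
        print(name, {k: round(v, 3) for k, v in fn(SAMPLE_LOG, zero_payload_detector).items()})
```

With this log the detector's single false alarm costs it one of 17 frames at message granularity (precision 5/6) but one of 6 windows at window granularity (precision 0.5), while recall is 1.0 under both conventions. Two papers reporting "precision" for the same detector on the same dataset can therefore disagree unless the granularity, window length and labelling rule are fixed up front, which is the kind of convention an evaluation framework has to pin down.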
More Like this
  1. The modern vehicle is considered a system vulnerable to attacks because it is connected to the outside world via a wireless interface. Although connectivity provides more convenience and features to the passengers, it also becomes a pathway for attackers targeting in-vehicle networks. Research in vehicle security is getting attention because in-vehicle attacks can impact human life and safety now that the modern vehicle is connected to the outside world. The controller area network (CAN) is used as a legacy protocol for in-vehicle communication; however, CAN suffers from vulnerabilities due to its lack of authentication, as information about the sender is missing from a CAN message. In this paper, a new CAN intrusion detection system (IDS) is proposed: the CAN messages are converted to temporal graphs and CAN intrusions are detected using machine learning algorithms. Seven graph-based properties are extracted and used as features for detecting intrusions with two machine learning algorithms, support vector machine (SVM) and k-nearest neighbors (KNN). The performance of the IDS was evaluated over three CAN bus attacks, denial of service (DoS), fuzzy and spoofing attacks, on a real vehicular CAN bus dataset. The experimental results showed that using graph-based features, an accuracy of 97.92% and 97.99% was achieved using the SVM and KNN algorithms respectively, which is better than using traditional machine learning CAN bus features.
  2. Hei, X; Garcia, L; Kim, T; Kim, K (Ed.)
    The Controller Area Network (CAN) is widely used in the automotive industry for its ability to create inexpensive and fast networks. However, it lacks an authentication scheme, making vehicles vulnerable to spoofing attacks. Evidence shows that attackers can remotely control vehicles, posing serious risks to passengers and pedestrians. Several strategies have been proposed to ensure CAN data integrity by identifying senders based on physical layer characteristics, but high computational costs limit their practical use. This paper presents a framework to efficiently identify CAN bus system senders by fingerprinting them. By modeling the CAN sender identification problem as an image classification task, the need for expensive handcrafted feature engineering is eliminated, improving accuracy using deep neural networks. Experimental results show the proposed methodology achieves a maximum identification accuracy of 98.34%, surpassing the state-of-the-art method’s 97.13%. The approach also significantly reduces computational costs, cutting data processing time by a factor of 27, making it feasible for real-time application in vehicles. When tested on an actual vehicle, the proposed methodology achieved a no-attack detection rate of 97.78% and an attack detection rate of 100%, resulting in a combined accuracy of 98.89%. These results highlight the framework’s potential to enhance vehicle cybersecurity by reliably and efficiently identifying CAN bus senders. 
  3. The exclusive bus lane strategy is widely adopted in many cities to improve bus operation efficiency and reliability. With the development of connected vehicle technologies, the dynamic bus lane (DBL) strategy was proposed, allowing general vehicles to share use of the bus lane to improve traffic efficiency in general purpose lanes (GPLs). Previous studies have rarely considered the eco-driving strategy of connected and automated vehicles/buses (CAVs/CABs) in GPLs under mixed traffic conditions, or how to ensure bus priority with DBL control. In this study, a novel DBL control strategy was developed for the partially connected vehicle environment. A trajectory planning method that considers the joint effects of the bus stop and the signal phase was adopted for CABs, and an eco-driving strategy for CAVs in the GPL was proposed using a trigonometric trajectory planning method. A novel DBL control method was then established by integrating trajectory planning for both the CAVs and CABs to ensure bus operation priority. Numerical experiments were conducted to evaluate the performance of the proposed DBL control in terms of travel time and energy consumption of general vehicles at different levels of CAV market penetration rates (MPRs). Results indicated that about 16%-42% energy savings can be achieved with MPR varying from 20% to 100%, and that travel time can be improved by about 4%-10%. Meanwhile, sensitivity analysis was conducted to quantify the impacts of key parameters, including vehicle target speeds, heterogeneous traffic flow, random arrival interval of cars, position of bus stop, traffic volume in GPL
  4. Modern smart vehicles have a Controller Area Network (CAN) that supports intra-vehicle communication between intelligent Electronic Control Units (ECUs). The CAN is known to be vulnerable to various cyber attacks. In this paper, we propose a unified framework that can detect multiple types of cyber attacks (viz., Denial of Service, Fuzzy, Impersonation) affecting the CAN. Specifically, we construct a feature by observing the timing information of CAN packets exchanged over the CAN bus network over partitioned time windows, building a low-dimensional representation of the entire CAN network as a time series latent space. Then, we apply a two-tier anomaly-based intrusion detection model that keeps track of short-term and long-term memory of deviations in the initial time series latent space, to create a 'stateful latent space'. Then, we learn the boundaries of the benign stateful latent space that specify the attack detection criterion. To find the hyper-parameters of our proposed model, we formulate a preference-based multi-objective optimization problem that optimizes security objectives tailored for a network-wide time series anomaly-based intrusion detector by balancing trade-offs between false alarm count, time to detection, and missed detection rate. We use real benign and attack datasets collected from a Kia Soul vehicle to validate our framework and show that it outperforms existing works.
  5. Piskac, Ruzica; Voronkov, Andrei (Ed.)
    Neural networks have become critical components of reactive systems in various domains within computer science. Despite their excellent performance, using neural networks entails numerous risks that stem from our lack of ability to understand and reason about their behavior. Due to these risks, various formal methods have been proposed for verifying neural networks; but unfortunately, these typically struggle with scalability barriers. Recent attempts have demonstrated that abstraction-refinement approaches could play a significant role in mitigating these limitations; but these approaches can often produce networks that are so abstract that they become unsuitable for verification. To deal with this issue, we present CEGARETTE, a novel verification mechanism where both the system and the property are abstracted and refined simultaneously. We observe that this approach allows us to produce abstract networks which are both small and sufficiently accurate, allowing for quick verification times while avoiding a large number of refinement steps. For evaluation purposes, we implemented CEGARETTE as an extension to the recently proposed CEGAR-NN framework. Our results are highly promising, and demonstrate a significant improvement in performance over multiple benchmarks.