TY - JOUR
T1 - An experimental study towards attacker identification in automotive networks
AU - Ning, Jing
AU - Liu, Jiajia
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019
Y1 - 2019
N2 - The auxiliary functions of modern vehicles have increased the number of attack surfaces. As the most important information exchange channel for vehicles, Controller Area Network (CAN) attracts more and more attention. Due to no encryption and authentication, CAN bus is vulnerable to attack. Thus, the attacker can manipulate the message with serious consequences. Several methods have been proposed to improve the security of vehicles. However, most of them have their own deficiencies. In this paper, we propose an LOF-based attack detection scheme which utilizes the voltage physical characteristics of the CAN frame to judge whether a message is transmitted by a legitimate Electronic Control Unit (ECU). As validated by extensive experiments on two vehicles, our scheme can identify the attacker with an average detection rate of 98.9%, and the false detection rate is less than 0.5%. In addition, our scheme can accurately identify attacks from external devices.
AB - The auxiliary functions of modern vehicles have increased the number of attack surfaces. As the most important information exchange channel for vehicles, Controller Area Network (CAN) attracts more and more attention. Due to no encryption and authentication, CAN bus is vulnerable to attack. Thus, the attacker can manipulate the message with serious consequences. Several methods have been proposed to improve the security of vehicles. However, most of them have their own deficiencies. In this paper, we propose an LOF-based attack detection scheme which utilizes the voltage physical characteristics of the CAN frame to judge whether a message is transmitted by a legitimate Electronic Control Unit (ECU). As validated by extensive experiments on two vehicles, our scheme can identify the attacker with an average detection rate of 98.9%, and the false detection rate is less than 0.5%. In addition, our scheme can accurately identify attacks from external devices.
UR - http://www.scopus.com/inward/record.url?scp=85081946502&partnerID=8YFLogxK
U2 - 10.1109/GLOBECOM38437.2019.9013930
DO - 10.1109/GLOBECOM38437.2019.9013930
M3 - 会议文章
AN - SCOPUS:85081946502
SN - 2334-0983
JO - Proceedings - IEEE Global Communications Conference, GLOBECOM
JF - Proceedings - IEEE Global Communications Conference, GLOBECOM
M1 - 9013930
T2 - 2019 IEEE Global Communications Conference, GLOBECOM 2019
Y2 - 9 December 2019 through 13 December 2019
ER -