IdentifierIDS: A Practical Voltage-Based Intrusion Detection System for Real In-Vehicle Networks

— As innovative technologies such as autonomous driving, over-the-air technology, and vehicle-to-everything are widely applied to intelligent connected vehicles, people can gain a more convenient and safer driving experience. Although the application of these technologies facilitates our lives, they also bring a series of vulnerable interfaces (such as 5G, Bluetooth, and WiFi), which pose a significant security threat to existing in-vehicle networks. To address these threats, researchers have proposed two mainstream schemes, including message authentication and intrusion detection system (IDS), where the scheme of message authentication needs to occupy the limited bandwidth of controller area network (CAN) bus. Furthermore, most IDSs either cannot locate the sender of the attack, fail to detect aperiodic malicious frames, or require prior knowledge of which CAN identifiers (IDs) belong to which electronic control units (ECUs). To address these weaknesses, we propose a practical voltage-based IDS named IdentifierIDS for real in-vehicle networks. To the best of our knowledge, it is the first scheme to detect intrusions by establishing a voltage fingerprint for each ID without the need for prior knowledge. This allows IdentifierIDS to detect both periodic and aperiodic malicious frames without occupying the limited bandwidth of the CAN bus. As a self-learning IDS, it can adapt to different in-vehicle networks without the need for customization for them. Experiments on three real vehicles demonstrate the robustness of our scheme in different in-vehicle networks.