Abstract
Modern vehicle is considered as a system vulnerable to attacks because it is connected to the outside world via a wireless interface. Although, connectivity provides more convenience and features to the passengers, however, it also becomes a pathway for the attackers targeting in-vehicle networks. Research in vehicle security is getting attention as in-vehicle attacks can impact human life safety as modern vehicle is connected to the outside world. Controller area network (CAN) is used as a legacy protocol for in-vehicle communication, However, CAN suffers from vulnerabilities due to lack of authentication, as the information about sender is missing in CAN message. In this paper, a new CAN intrusion detection system (IDS) is proposed, the CAN messages are converted to temporal graphs and CAN intrusion is detected using machine learning algorithms. Seven graph-based properties are extracted and used as features for detecting intrusions utilizing two machine learning algorithms which are support vector machine (SVM) & k-nearest neighbors (KNN). The performance of the IDS was evaluated over three CAN bus attacks are denial of service (DoS), fuzzy & spoofing attacks on real vehicular CAN bus dataset. The experimental results showed that using graph-based features, an accuracy of 97.92% & 97.99% was achieved using SVM & KNN algorithms respectively, which is better than using traditional machine learning CAN bus features.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Alshammari, A., Zohdy, M., Debnath, D., Corser, G.: Classification approach for intrusion detection in vehicle systems. Wirel. Eng. Technol. 9, 79–94 (2018)
Alves, M., Pereira, M., Ramos, H.: CAN protocol: a laboratory prototype for field bus applications (2009)
Avatefipour, O., et al.: An intelligent secured framework for cyberattack detection in electric vehicles’ CAN bus using machine learning. IEEE Access 7, 127580–127592 (2019)
Avatefipour, O., Hafeez, A., Tayyab, M., Malik, H.: Linking received packet to the transmitter through physical-fingerprinting of controller area network (2017)
Barletta, V., Caivano, D., Nannavecchia, A., Scalera, M.: Intrusion detection for in-vehicle communication networks: an unsupervised Kohonen SOM approach. Future Internet 12, 119 (2020)
Berg, J., Dickhaut, J., Mccabe, K.: Trust, reciprocity, and social history. Games Econ. Behav. 10, 122–142 (1995)
Broster, I., Burns, A.: An analysable bus-guardian for event-triggered communication (2003)
Checkoway, S., et al.: Comprehensive experimental analyses of automotive attack surfaces (2011)
Ducoffe, G, Dragan, F.: A story of diameter, radius, and (almost) helly property. Networks (2020)
Eppstein, D.: Diameter and treewidth in minor-closed graph families. Algorithmica 27, 275–291 (2000)
Hafeez, A.: A robust, reliable and deployable framework for In-vehicle security (2020)
Hafeez, A., Malik, H., Avatefipour, O., Rongali, P., Zehra, S.: Comparative study of can-bus and flexray protocols for in-vehicle communication (2017)
Hafeez, A., Ponnapali, S., Malik, H.: Exploiting channel distortion for transmitter identification for in-vehicle network security. Sae Int. J. Transp. Cybersecurity Priv. 3 (2019)
Hafeez, A., Tayyab, M., Zolo, C., Awad, S.: Finger printing of engine control units by using frequency response for secure in-vehicle communication (2018)
Hafeez, A., Topolovec, K., Awad, S.: ECU fingerprinting through parametric signal modeling and artificial neural networks for in-vehicle security against spoofing attacks (2019)
Hafeez, A., Topolovec, K., Zolo, C., Sarwar, W.: State of the Art Survey on Comparison of CAN. FlexRay, LIN Protocol and Simulation of LIN Protocol (2020)
Hafeez, A., Rehman, K., Malik, H.: State of the Art Survey on Comparison of Physical Fingerprinting-Based Intrusion Detection Techniques for In-Vehicle Security (2020)
Hanselmann, M., Strauss, T., Dormann, K., Ulmer, H.: CANet: an unsupervised intrusion detection system for high dimensional CAN bus data. Ieee Access 8, 58194–58205 (2020)
Hossain, M., Inoue, H., Ochiai, H., Fall, D., Kadobayashi, Y.: LSTM-based intrusion detection system for in-vehicle can bus communications. IEEE Access 8, 185489–185502 (2020)
Hpl, S.: Introduction to the controller area network (CAN). Appl. Rep. Sloa1011-17 (2002)
Islam, R., Refat, R., Yerram, S., Malik, H.: Graph-Based Intrusion Detection System for Controller Area Networks. IEEE Trans. Intell. Transp. Syst. (2020)
Jung, J., Park, K., Cha, J.-S.: Implementation of a network-based distributed system using the CAN protocol. In: Khosla, R., Howlett, R.J., Jain, L.C. (eds.) KES 2005. LNCS (LNAI), vol. 3681, pp. 1104–1110. Springer, Heidelberg (2005). https://doi.org/10.1007/11552413_157
Kang, M., Kang, J.: Intrusion detection system using deep neural network for in-vehicle network security. Plos One 11, e0155781 (2016)
Kowalik, Ł: Approximation scheme for lowest outdegree orientation and graph density measures. In: Asano, T. (ed.) ISAAC 2006. LNCS, vol. 4288, pp. 557–566. Springer, Heidelberg (2006). https://doi.org/10.1007/11940128_56
Loukas, G., Vuong, T., Heartfield, R., Sakellari, G., Yoon, Y., Gan, D.: Cloud-based cyber-physical intrusion detection for vehicles using deep learning. IEEE Access 6, 3491–3508 (2017)
Markovitz, M., Wool, A.: Field classification, modeling and anomaly detection in unknown CAN bus networks. Veh. Commun. 9, 43–52 (2017)
Martinelli, F., Mercaldo, F., Nardone, V., Santone, A.: Car hacking identification through fuzzy logic algorithms (2017)
Minawi, O., Whelan, J., Almehmadi, A., El-khatib, K.: Machine learning-based intrusion detection system for controller area networks (2020)
Newman, M.: Random graphs with clustering. Phys. Rev. Lett. 103, 058701 (2009)
Noble, W.: What is a support vector machine? Nature Biotechnol. 24, 1565–1567 (2006)
Noldus, R., Vanmieghem, P.: Assortativity in complex networks. J. Complex Netw. 3, 507–542 (2015)
Peterson, L.: K-nearest neighbor. Scholarpedia 4, 1883 (2009)
Salo, F., Injadat, M., Nassif, A., Shami, A., Essex, A.: Data mining techniques in intrusion detection systems: a systematic literature review. IEEE Access 6, 56046–56058 (2018)
Seo, E., Song, H., Kim, H.: Gids: Gan based intrusion detection system for in-vehicle network (2018)
Song, H., Woo, J., Kim, H.: In-vehicle network intrusion detection using deep convolutional neural network. Veh. Commun. 21, 100198 (2020)
Suthaharan, S.: Machine Learning Models and Algorithms for Big Data Classification. ISIS, vol. 36. Springer, Boston (2016). https://doi.org/10.1007/978-1-4899-7641-3
Tayyab, M., Hafeez, A., Malik, H.: Spoofing attack on clock based intrusion detection system in controller area networks (2018)
Theissler, A.: Detecting known and unknown faults in automotive systems using ensemble-based anomaly detection. Knowl.-Based Syst. 123, 163–173 (2017)
Ueda, H., Kurachi, R., Takada, H., Mizutani, T., Inoue, M., Horihata, S.: Security authentication system for in-vehicle network. SEI Tech. Rev. 81, 5–9 (2015)
Wu, W., et al.: A survey of intrusion detection for in-vehicle networks. IEEE Trans. Intell. Transp. Syst. 21, 919–933 (2019)
Yang, L., Moubayed, A., Hamieh, I., Shami, A.: Tree-based intelligent intrusion detection system in internet of vehicles (2019)
Charette, R.: This Car Runs on Code-IEEE Spectrum. IEEE Spectr. Technol. Engineering, And Science News https://spectrumieee.org/green-tech/advanced-cars/this-car-runs-on-code (2009)
Lin, C.: Sangiovanni-vincentelli, A.: Cyber-security for the controller area network (CAN) communication protocol (2012)
Groza, B., Murvay, S.: Efficient protocols for secure broadcast in controller area networks. IEEE Trans. Ind. Inf. 9, 2034–2042 (2013)
Dinatale, M., Zeng, H., Giusto, P., Ghosal, A.: Understanding and using the Controller Area Network Communication Protocol: Theory and Practice. Springer, New York (2012) https://doi.org/10.1007/978-1-4614-0314-2
Acknowledgment
The authors extend their appreciation to the Deputyship for Research & Innovation, Ministry of Education in Saudi Arabia for supporting this work through the project # DRI-KSU-934. This research is also partly supported by National Science Foundation (NSF) under the award # 2035770.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Refat, R.U.D., Elkhail, A.A., Hafeez, A., Malik, H. (2022). Detecting CAN Bus Intrusion by Applying Machine Learning Method to Graph Based Features. In: Arai, K. (eds) Intelligent Systems and Applications. IntelliSys 2021. Lecture Notes in Networks and Systems, vol 296. Springer, Cham. https://doi.org/10.1007/978-3-030-82199-9_49
Download citation
DOI: https://doi.org/10.1007/978-3-030-82199-9_49
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-82198-2
Online ISBN: 978-3-030-82199-9
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)