CIVID - Collaborative In-vehicle Intrusion Detection
Examensarbete för masterexamen
Software engineering and technology (MPSOF), MSc
Context: Developments within the automotive domain have caused an increased vulnerability to attacks against connected vehicles. To mitigate this threat, vehicles utilize intrusion detection systems. Problem: Intrusion detection systems can be very effective in detecting and stopping ongoing attacks against vehicles. However, these systems are not infallible and would benefit from increased accuracy in their attack detection. Objective: By leveraging the access that these connected vehicles have to other ve hicles and the outside world, this thesis has designed and evaluated a framework for collaborative intrusion detection (CIVID) with the stated goal of increasing detec tion accuracy. Approach: A design science methodology has been applied to conceptualize the problem, design a solution and validate this solution through the simulation of a virtual vehicle fleet. Result: The aforementioned validation of the collaborative framework shows a marginal increase in accuracy measures through the utilization of a collaborative intrusion detection approach. However, the results also show that the implemen tation of CIVID yields increased time-to-detection of security events that require consultation. Conclusion: Despite showing increased accuracy measures, it is unclear whether or not the costs and risks associated with the CIVID framework outweigh the marginal improvements in accuracy measures that it provides. Also, there are many additional challenges that need to be dealt with when implementing the CIVID framework, such as trust- and resource management. How these are to be implemented as well as alternative implementations of the CIVID framework, is left to be explored in future research.
Automotive , AUTOSAR , Anomaly-based detection , Collaborative IDS In-vehicle networks , Intrusion detection systems