A Lightweight Intrusion Detection System for In-Vehicle Communication on CAN
Publicerad
Författare
Typ
Examensarbete för masterexamen
Program
Modellbyggare
Tidskriftstitel
ISSN
Volymtitel
Utgivare
Sammanfattning
In-vehicle networks (IVNs) are being equipped with an increasing number of electronic
control units (ECUs) with each new generation of vehicles. This increase in
ECUs contributes to a larger attack surface. Due to the lack of security mechanisms
in the Controller Area Network (CAN) protocol, the most widely used communication
bus for IVNs today, any ECU that is compromised can in turn compromise
other parts of the network. As the attack surfaces of vehicles increase, so does
the need for secure communications in the internal network to reduce the impact
of attacks. One commonly proposed solution is the installation of an Intrusion
Detection System (IDS) to detect attacks on the CAN bus.
In this thesis, we investigate if it is possible to implement a data-driven intrusion
detection algorithm for IVNs on low end hardware. Furthermore, we investigate
what optimizations need to be done to the IDS for it to be able to detect attacks in
a realistic environment in real-time. Using the state-of-the-art detection algorithm
casad, we test whether it is able to reliably detect online attacks in a realistic
environment.
Having chosen four categories of attacks based on previous work within the
field, the IDS was tested against them. The results of this thesis show that it is
possible to detect at least three of the four attacks. The IDS was implemented on
two different test benches where the first was used to verify our implementation,
and the second to compare and evaluate the optimizations of the algorithm. The
optimizations were done to meet the real-time requirements.
Beskrivning
Ämne/nyckelord
In-vehicle network, Intrusion Detection System, Controller Area Network, Embedded Security