A Lightweight Intrusion Detection System for In-Vehicle Communication on CAN

dc.contributor.authorThiringer, David
dc.contributor.authorKvarnström, Sebastian
dc.contributor.departmentChalmers tekniska högskola / Institutionen för data och informationstekniksv
dc.contributor.examinerTomas, Olovsson
dc.date.accessioned2019-12-19T09:01:08Z
dc.date.available2019-12-19T09:01:08Z
dc.date.issued2019sv
dc.date.submitted2019
dc.description.abstractIn-vehicle networks (IVNs) are being equipped with an increasing number of electronic control units (ECUs) with each new generation of vehicles. This increase in ECUs contributes to a larger attack surface. Due to the lack of security mechanisms in the Controller Area Network (CAN) protocol, the most widely used communication bus for IVNs today, any ECU that is compromised can in turn compromise other parts of the network. As the attack surfaces of vehicles increase, so does the need for secure communications in the internal network to reduce the impact of attacks. One commonly proposed solution is the installation of an Intrusion Detection System (IDS) to detect attacks on the CAN bus. In this thesis, we investigate if it is possible to implement a data-driven intrusion detection algorithm for IVNs on low end hardware. Furthermore, we investigate what optimizations need to be done to the IDS for it to be able to detect attacks in a realistic environment in real-time. Using the state-of-the-art detection algorithm casad, we test whether it is able to reliably detect online attacks in a realistic environment. Having chosen four categories of attacks based on previous work within the field, the IDS was tested against them. The results of this thesis show that it is possible to detect at least three of the four attacks. The IDS was implemented on two different test benches where the first was used to verify our implementation, and the second to compare and evaluate the optimizations of the algorithm. The optimizations were done to meet the real-time requirements.sv
dc.identifier.coursecodeDATX05sv
dc.identifier.urihttps://hdl.handle.net/20.500.12380/300606
dc.language.isoengsv
dc.setspec.uppsokTechnology
dc.subjectIn-vehicle networksv
dc.subjectIntrusion Detection Systemsv
dc.subjectController Area Networksv
dc.subjectEmbedded Securitysv
dc.titleA Lightweight Intrusion Detection System for In-Vehicle Communication on CANsv
dc.type.degreeExamensarbete för masterexamensv
dc.type.uppsokH

Ladda ner

Original bundle

Visar 1 - 1 av 1
Hämtar...
Bild (thumbnail)
Namn:
CSE 19-125 Kvarnström Thiringer.pdf
Storlek:
6.21 MB
Format:
Adobe Portable Document Format
Beskrivning:
CSE 19-125 Kvarnström Thiringer

License bundle

Visar 1 - 1 av 1
Hämtar...
Bild (thumbnail)
Namn:
license.txt
Storlek:
1.14 KB
Format:
Item-specific license agreed upon to submission
Beskrivning: