Evaluation framework for network intrusion detection systems for in-vehicle CAN

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

Abstract

Modern vehicles are complex safety critical cyber physical systems, that are connected to the outside world, with all security implications it brings. Different network intrusion detection systems (NIDSs) proposed for the CAN bus, the predominant type of in-vehicle network, to improve security are hard to compare due to disparate evaluation methods adopted. In this paper we provide the means to compare CAN NIDSs on equal footing and evaluate the ones detailed in the literature. Based on this we observe some limitation of existing approaches and why in the CAN setting it is intrinsically difficult to distinguish benign from malicious payload. We argue that 'meaning-aware' detection (a concept we define) which is challenging (but perhaps not impossible) to create for this setting.

Original languageEnglish
Title of host publication2019 8th IEEE International Conference on Connected Vehicles and Expo, ICCVE 2019 - Proceedings
PublisherInstitute of Electrical and Electronics Engineers
ISBN (Electronic)9781728101422
DOIs
Publication statusPublished - Nov 2019
Event8th IEEE International Conference on Connected Vehicles and Expo, ICCVE 2019 - Graz, Austria
Duration: 4 Nov 20198 Nov 2019

Conference

Conference8th IEEE International Conference on Connected Vehicles and Expo, ICCVE 2019
CountryAustria
CityGraz
Period4/11/198/11/19

Keywords

  • CAN bus
  • Car hacking
  • In-vehicle networks
  • Intrusion detection

Fingerprint Dive into the research topics of 'Evaluation framework for network intrusion detection systems for in-vehicle CAN'. Together they form a unique fingerprint.

Cite this