Litcius/Paper detail

An Anomaly Detection Method Based on Multiple LSTM-Autoencoder Models for In-Vehicle Network

Taeguen Kim, Jiyoon Kim, Ilsun You

2023Electronics23 citationsDOIOpen Access PDF

Abstract

The CAN (Controller Area Network) protocol is widely adopted for in-vehicle networks due to its cost efficiency and reliable transmission. However, despite its popularity, the protocol lacks built-in security mechanisms, making it vulnerable to attacks such as flooding, fuzzing, and DoS. These attacks can exploit vulnerabilities and disrupt the expected behavior of the in-vehicle network. One of the main reasons for these security concerns is that the protocol relies on broadcast frames for communication between ECUs (Electronic Control Units) within the network. To tackle this issue, we present an intrusion detection system that leverages multiple LSTM-Autoencoders. The proposed system utilizes diverse features, including transmission interval and payload value changes, to capture various characteristics of normal network behavior. The system effectively detects anomalies by analyzing different types of features separately using the LSTM-Autoencoder model. In our evaluation, we conducted experiments using real vehicle network traffic, and the results demonstrated the system’s high precision with a 99% detection rate in identifying anomalies.

Topics & Concepts

Computer scienceAutoencoderIntrusion detection systemFuzz testingExploitPayload (computing)Flooding (psychology)Anomaly detectionProtocol (science)Transmission (telecommunications)Real-time computingNetwork securityArtificial intelligenceComputer networkArtificial neural networkComputer securityNetwork packetTelecommunicationsSoftwareMedicinePathologyAlternative medicinePsychologyProgramming languagePsychotherapistVehicular Ad Hoc Networks (VANETs)Autonomous Vehicle Technology and SafetyAnomaly Detection Techniques and Applications
An Anomaly Detection Method Based on Multiple LSTM-Autoencoder Models for In-Vehicle Network | Litcius