摘要
车载控制器局域网(Controller Area Network,CAN)连接着智能网联汽车系统的核心电子控制单元,对于保证汽车系统的安全性至关重要。由于其缺乏足够的信息安全措施,容易遭受拒绝服务(Denial of Service,DoS)攻击、重放攻击、模糊攻击等,给汽车系统及驾乘人员带来严重安全威胁。文章通过分析车载CAN面临的信息安全威胁,提取CAN报文在报文ID、时间间隔、数据字段中的通信特征,提出一种基于长短期记忆(Long Short Term Memory,LSTM)的CAN入侵检测模型,该模型能有效保留CAN报文的时序特征,在CAN遭受攻击时检测攻击行为以及对应的攻击类型。实验结果表明,该模型的攻击检测精度达99.99%。
The controller area network(CAN) is connected to the core electronic control units of the intelligent networked automobile system, which is crucial to ensure the safety of the vehicle system. But it is vulnerable to denial of service(DoS) attack, replay attack and fuzzy attack due to its lack of adequate information security measures and thus causes serious security threat for automobiles and drivers. In order to effectively detect whether the CAN bus was attacked,the security threats and communication features were analyzed, and a model of CAN intrusion detection based on long short term memory(LSTM) was proposed, which could preserve the timing characteristics of CAN messages and effectively perform intrusion detection and attack classification. The experimental results show that the detection accuracy of the model is 99.99%.
作者
银鹰
周志洪
姚立红
YIN Ying;ZHOU Zhihong;YAO Lihong(Institute of Cyber Science and Technology,Shanghai Jiao Tong University,Shanghai 200240,China;Shanghai Key Laboratory of Integrated Administration Technologies for Information Security,Shanghai 200240,China;School of Cyber Science and Engineering,Shanghai Jiao Tong University,Shanghai 200240,China)
出处
《信息网络安全》
CSCD
北大核心
2022年第12期57-66,共10页
Netinfo Security
基金
国家自然科学基金[U20B2048]。
关键词
智能网联汽车
CAN
入侵检测
LSTM
intelligent networked automobile
CAN
intrusion detection
LSTM
作者简介
通信作者:银鹰(1977-),女,湖南,助理研究员,硕士,主要研究方向为网络安全检测与风险评估、密码应用安全和车联网安全,yyin@sjtu.edu.cn;周志洪(1979-),男,江西,讲师,博士,主要研究方向为网络安全检测与风险评估、密码应用安全和车联网安全;姚立红(1974-),女,江苏,高级工程师,博士,主要研究方向为操作系统与移动端安全、车联网安全。
