REAL
MagyarClear Cookie - decide language by browser settings

Improving CAN anomaly detection with correlation-based signal clustering

Koltai, Beatrix and Gazdag, András and Ács, Gergely (2023) Improving CAN anomaly detection with correlation-based signal clustering. INFOCOMMUNICATIONS JOURNAL, 15 (4). pp. 17-25. ISSN 2061-2079

[img]
Preview
 Text
InfocomJournal_2023_4_3.pdf
Download (1MB) | Preview

Abstract

Communication on the Controller Area Network (CAN) in vehicles is notably lacking in security measures, rendering it susceptible to remote attacks. These cyberattacks can potentially compromise safety-critical vehicle subsystems, and therefore endanger passengers and others around them. Identifying these intrusions could be done by monitoring the CAN traffic and detecting abnormalities in sensor measurements. To achieve this, we propose integrating time-series forecasting and signal correlation analysis to improve the detection accuracy of an onboard intrusion detection system (IDS). We predict sets of correlated signals collectively and report anomaly if their combined prediction error surpasses a predefined threshold. We show that this integrated approach enables the identification of a broader spectrum of attacks and significantly outperforms existing state-of-the-art solutions.

Item Type: Article
Subjects: Q Science / természettudomány > QA Mathematics / matematika > QA76.16-QA76.165 Communication networks, media, information society / kommunikációs hálózatok, média, információs társadalom
SWORD Depositor: MTMT SWORD
Depositing User: MTMT SWORD
Date Deposited: 31 Jan 2024 13:35
Last Modified: 31 Jan 2024 13:35
URI: http://real.mtak.hu/id/eprint/186787

Actions (login required)

Edit Item Edit Item
EPrints Logo
Repository of the Academy's Library is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.