计算机科学 ›› 2021, Vol. 48 ›› Issue (1): 34-39.doi: 10.11896/jsjkx.200900181
于天琪1, 胡剑凌1, 金炯2, 羊箭锋1
YU Tian-qi1, HU Jian-ling1, JIN Jiong2, YANG Jian-feng1
摘要: 随着车联网技术的快速发展和广泛部署,其在为智能网联汽车提供互联网与大数据分析等智能化服务的同时,引入了网络入侵等安全与隐私问题。传统车载网络的封闭性导致现有的车载网络通信协议,特别是部署最为广泛的控制器局域网络(Controller Area Network,CAN)总线协议,在发布时缺少隐私与安全保护机制。因此,为检测网络入侵、保护智能网联汽车安全,文中提出了一种基于支持向量数据描述(Support Vector Data Description,SVDD)的车载CAN网络入侵检测方法。该方法提取单位时间窗内CAN网络报文ID的加权自信息量和ID的归一化值作为特征信息,并在移动边缘计算服务器处构建并训练SVDD模型,目标车辆基于训练的SVDD模型进行异常特征值识别,从而实现实时的车载CAN网络入侵检测。文中采用韩国高丽大学HCR实验室公开的CAN网络数据集,对所提方法与3种传统的基于信息熵的车载网络入侵检测方法在拒绝服务攻击和伪装攻击检测准确率方面进行了对比与分析。仿真实验结果表明,在少量报文入侵时,所提方法显著提高了入侵检测的准确率。
中图分类号:
[1] LIU Z,ZHANG T.Research on automatic lane change method based on vehicle network information[J].Journal of Chongqing University of Technology (Natural Science),2020,34(4):11-17. [2] CHEN L,ZHANG D,LIANG J.The Driving active service selection method based on QoS for Internet of Vehicle environment[J].Journal of Chongqing University of Technology (Na-tural Science),2019,33(12):8-17. [3] LI Y,LUO Q,LIU J,et al.TSP security in intelligent and connected vehicles:challenges and solutions [J].IEEE Wireless Communications,2019,26(3):125-131. [4] WU W,LI R,XIE G,et al.A survey of intrusion detection for in-vehicle networks [J].IEEE Transactions on Intelligent Transportation System,2020,13(3):919-933. [5] MILLER C,VALASEK C.Remote exploitation of an unaltered passenger vehicle [R].BlackHat USA,2015. [6] KEEN SECURITY LAB.Car hacking research:Remote attack Tesla motors [EB/OL].[2020-09-24].https://www.blackhat.com/docs/us-17/thursday/us-17-Nie-Free-Fall-Hacking-Tesla-From-Wireless-To-CAN-Bus.pdf. [7] YOUNG C,ZAMBRENO J,OLUFOWOBI H,et al.Survey of automotive controller area network intrusion detection systems [J].IEEE Design & Test,2019,36(6):48-55. [8] CHOI W,JOO K,JO H J,et al.VoltageIDS:Low-level communication characteristics for automotive intrusion detection system[J].IEEE Transactions on Information Forensics Security,2018,13(8):2114-2129. [9] CHO K T,SHIN K G.Fingerprinting electronic control units for vehicle intrusion detection[C]//25th USENIX Conference on Security Symposium.2016:911-927. [10] SHIN K G,CHO K T.Viden:Attacker identification on in-vehicle networks[C]//ACM SIGSAC Conference on Computer Communication Security.2017:1109-1123. [11] SONG H M,KIM H R,KIM H K.Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network[C]//International Conference on Information Networks (ICOIN).2016:63-68. [12] LEE H,JEONG S H,KIM H K.OTIDS:A novel intrusion detection system for in-vehicle network by using remote frame[C]//15th IEEE PST.2017:5709-5757. [13] MÜTER M,ASAJ N.Entropy-based anomaly detection for in-vehicle networks[C]//IEEE Intelligent Vehicles Symposium.2011:1110-1115. [14] YU H,QIN G H,SUN M H,et al.Cyber security and anomaly detection method for in-vehicle CAN[J].Journal of Jilin University (Engineering Edition),2016,46(4):1246-1253. [15] WU W,HUANG Y,KURACHI R,et al.Sliding window optimized information entropy analysis method for intrusion detection on in-vehicle networks[J].IEEE Access,2018,6:45233-45245. [16] YU C,LIN B,GUI P,et al.Deployment and dimensioning of fog computing-based Internet of Vehicle infrastructure for autonomous driving[J].IEEE Internet of Things Journal,2019,6(1):149-160. [17] YU X,LIU Y,SHI X,et al.Mobile edge computing offloading strategy under Internet of Vehicles scenario[J].Computer Engineering,2020,46(11):29-34,41. [18] LING F,DUAN J,LI C,et al.Research on dynamic load balancing algorithm for C-V2X edge server[J].Computer Enginee-ring,2020,46(12):201-206,221. [19] TAX M J D,DUIN P W R.Support Vector Data Description[J].Machine Learning,2004,54:45-66. [20] Support Vector Data Description (SVDD) Toolkit [EB/OL].[2020-09-24].https://github.com/iqiukp/SVDD. |
[1] | 梁俊斌, 田凤森, 蒋婵, 王天舒. 物联网中多设备多服务器的移动边缘计算任务卸载技术综述[J]. 计算机科学, 2021, 48(1): 16-25. |
[2] | 毛莺池, 周彤, 刘鹏飞. 基于延迟接受的多用户任务卸载策略[J]. 计算机科学, 2021, 48(1): 49-57. |
[3] | 郦睿翔, 毛莺池, 郝帅. 基于近似匹配的移动边缘计算缓存管理方法[J]. 计算机科学, 2021, 48(1): 96-102. |
[4] | 郭飞雁, 唐兵. 基于用户延迟感知的移动边缘服务器放置方法[J]. 计算机科学, 2021, 48(1): 103-110. |
[5] | 葛雨明, 韩庆文, 王妙琼, 曾令秋, 李璐. 汽车大数据应用模式与挑战分析[J]. 计算机科学, 2020, 47(6): 59-65. |
[6] | 胡锦天, 王高才, 徐晓桐. 移动边缘计算中具有能耗优化的任务迁移策略[J]. 计算机科学, 2020, 47(6): 260-265. |
[7] | 冯安琪, 钱丽萍, 欧阳金源, 吴远. 车联网络通过两级量化自适应卡尔曼滤波实现车辆状态预测[J]. 计算机科学, 2020, 47(5): 230-235. |
[8] | 樊英, 张达敏, 陈忠云, 王依柔, 徐航, 王栎桥. 基于改进乌鸦算法的车载网络频谱分配方案[J]. 计算机科学, 2020, 47(12): 273-278. |
[9] | 田贤忠, 姚超, 赵晨, 丁军. 一种面向5G网络的移动边缘计算卸载策略[J]. 计算机科学, 2020, 47(11A): 286-290. |
[10] | 王春东, 罗婉薇, 莫秀良, 杨文军. 车联网互信认证与安全通信综述[J]. 计算机科学, 2020, 47(11): 1-9. |
[11] | 熊玲, 李发根, 刘志才. 车联网环境下基于区块链技术的条件隐私消息认证方案[J]. 计算机科学, 2020, 47(11): 55-59. |
[12] | 刘丹. 基于雾计算和自评估的VANET聚类与协作感知[J]. 计算机科学, 2020, 47(10): 55-62. |
[13] | 谷晓会,章国安. SDN在车载网中的应用综述[J]. 计算机科学, 2020, 47(1): 237-244. |
[14] | 薛玲玲, 樊秀梅. 基于分簇结构的车联网认知频谱分配机制[J]. 计算机科学, 2019, 46(9): 143-149. |
[15] | 王青龙, 乔瑞, 段宗涛. 针对车联网认证方案CPAV和ABV的安全分析[J]. 计算机科学, 2019, 46(4): 177-182. |
|