Advertisement

An Intrusion Detection System Based on Machine Learning for CAN-Bus

  • Daxin Tian
  • Yuzhou Li
  • Yunpeng WangEmail author
  • Xuting Duan
  • Congyu Wang
  • Wenyang Wang
  • Rong Hui
  • Peng Guo
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 221)

Abstract

The CAN-Bus is currently the most widely used vehicle bus network technology, but it is designed for needs of vehicle control system, having massive data and lacking of information security mechanisms and means. The Intrusion Detection System (IDS) based on machine learning is an efficient active information security defense method and suitable for massive data processing. We use a machine learning algorithm—Gradient Boosting Decision Tree (GBDT) in IDS for CAN-Bus and propose a new feature based on entropy as the feature construction of GBDT algorithm. In detection performance, the IDS based on GBDT has a high True Positive (TP) rate and a low False Positive (FP) rate.

Keywords

CAN-Bus Information security IDS Machine learning GBDT Entropy Detection performance 

Notes

Acknowledgments

This research was supported by the National Key Research and Development Program of China (2016YFB0100902).

References

  1. 1.
    Senn, S.: Analysis and application for CAN-bus controller integrated in AVR MCU, pp. 2661–2674 (1996)Google Scholar
  2. 2.
    Ricci, C.P.: Controller area network bus (2013)Google Scholar
  3. 3.
    Taha, A.E.M., Nasser, N.: Utilizing CAN-Bus and smartphones to enforce safe and responsible driving, pp. 111–115 (2015)Google Scholar
  4. 4.
    Guerrero-Ibanez, J.A., Zeadally, S., Contreras-Castillo, J.: Integration challenges of intelligent transportation systems with connected vehicle, cloud computing, and internet of things technologies. IEEE Wirel. Commun. 22, 122–128 (2015)CrossRefGoogle Scholar
  5. 5.
    Huang, C.H., Chen, H.Y., Huang, T.F., Tzeng, Y.Y., Li, P.Y., Wu, P.S.: A self-adaptive system for vehicle information security applications. In: IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, pp. 188–192 (2015)Google Scholar
  6. 6.
    Matsui, M.: The first experimental cryptanalysis of the data encryption standard. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 1–11. Springer, Heidelberg (1994).  https://doi.org/10.1007/3-540-48658-5_1 Google Scholar
  7. 7.
    Biryukov, A., Cannière, C.D.: Data encryption standard (DES) (2005)Google Scholar
  8. 8.
    Lowe, G.: An attack on the Needham-Schroeder public-key authentication protocol. Inf. Process. Lett. 56(3), 131–133 (1995)CrossRefzbMATHGoogle Scholar
  9. 9.
    Manner, J., Karagiannis, G., Mcdonald, A.: NSIS Signaling Layer Protocol (NSLP) for quality-of-service signaling. IETF 31(2), 152–160 (2010)Google Scholar
  10. 10.
    Huang, M.Y., Jasper, R.J., Wicks, T.M.: A large scale distributed intrusion detection framework based on attack strategy analysis. Comput. Netw. 31(23–24), 2465–2475 (1998)Google Scholar
  11. 11.
    Hoppe, T., Kiltz, S., Dittmann, J.: Security Threats to Automotive CAN networks – practical examples and selected short-term countermeasures. In: Harrison, Michael D., Sujan, M.-A. (eds.) SAFECOMP 2008. LNCS, vol. 5219, pp. 235–248. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-87698-4_21 CrossRefGoogle Scholar
  12. 12.
    Cheng, K., Zhang, C.: Feature-based weighted Naive Bayesian classifier. Comput. Simul. 23(10), 92–94 (2006)Google Scholar
  13. 13.
    Müter, M., Asaj, N.: Entropy-based anomaly detection for in-vehicle networks. In: Intelligent Vehicles Symposium, pp. 1110–1115 (2011)Google Scholar
  14. 14.
    Robnikšikonja, M., Kononenko, I.: Theoretical and empirical analysis of ReliefF and RReliefF. Mach. Learn. 53(1), 23–69 (2003)CrossRefzbMATHGoogle Scholar
  15. 15.
    Larson, U.E., Nilsson, D.K., Jonsson, E.: An approach to specification-based attack detection for in-vehicle networks. In: Intelligent Vehicles Symposium, pp. 220–225 (2008)Google Scholar
  16. 16.
    Friedman, J.H.: Greedy function approximation: a gradient boosting machine. Annal. Stat. 29, 1189–1232 (2001)MathSciNetCrossRefzbMATHGoogle Scholar
  17. 17.
    Hamid, Y., Sugumaran, M., Journaux, L.: Machine learning techniques for intrusion detection: a comparative analysis. In: International Conference on Informatics and Analytics (2016)Google Scholar
  18. 18.
    Xu, M., Watanachaturaporn, P., Varshney, P.K., Arora, M.K.: Decision tree regression for soft classification of remote sensing data. Remote Sens. Environ. 97, 322–336 (2005)CrossRefGoogle Scholar
  19. 19.
    Takimoto, E., Maruoka, A.: Top-down decision tree learning as information based boosting. Theor. Comput. Sci. 292, 447–464 (2003)MathSciNetCrossRefzbMATHGoogle Scholar
  20. 20.
    Iqbal, M.R.A., Rahman, S., Nabil, S.I., Chowdhury, I.U.A.: Knowledge based decision tree construction with feature importance domain knowledge. In: International Conference on Electrical & Computer Engineering, pp. 659–662 (2012)Google Scholar
  21. 21.
    Liang, J., Shi, Z., Li, D., Wierman, M.J.: Information entropy, rough entropy and knowledge granulation in incomplete information systems. Int. J. Gen. Syst. 35(6), 641–654 (2006)MathSciNetCrossRefzbMATHGoogle Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018

Authors and Affiliations

  • Daxin Tian
    • 1
    • 3
    • 4
  • Yuzhou Li
    • 1
    • 3
    • 4
  • Yunpeng Wang
    • 1
    • 3
    • 4
    Email author
  • Xuting Duan
    • 3
  • Congyu Wang
    • 3
  • Wenyang Wang
    • 2
  • Rong Hui
    • 2
  • Peng Guo
    • 2
  1. 1.Beijing Advanced Innovation Center for Big Data and Brain ComputingBeihang UniversityBeijingChina
  2. 2.China Automotive Technology and Research Center, Automotive Engineering Research InstituteTianjinChina
  3. 3.Beijing Key Laboratory for Cooperative Vehicle Infrastructure Systems and Safety Control, School of Transportation Science and EngineeringBeihang UniversityBeijingChina
  4. 4.Jiangsu Province Collaborative Innovation Center of Modern Urban Traffic TechnologiesNanjingChina

Personalised recommendations