scholarly journals A Real-time Anomaly-based Intrusion Detection System for Automotive Controller Area Networks

2020 ◽  
Author(s):  
Luís Felipe Prado D'Andrada ◽  
Paulo Freitas de Araujo-Filho ◽  
Divanilson Rodrigo Campelo
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
True Positive Rate ◽  
Detection Algorithm ◽  
Cyber Attacks ◽  
Area Network ◽  
Controller Area Networks ◽  
Positive Rate ◽  
Promising Solution

The Controller Area Network (CAN) is the most pervasive in-vehiclenetwork technology in cars. However, since CAN was designed with no securityconcerns, solutions to mitigate cyber attacks on CAN networks have been pro-posed. Prior works have shown that detecting anomalies in the CAN networktraffic is a promising solution for increasing vehicle security. One of the mainchallenges in preventing a malicious CAN frame transmission is to be able todetect the anomaly before the end of the frame. This paper presents a real-timeanomaly-based Intrusion Detection System (IDS) capable of meeting this dead-line by using the Isolation Forest detection algorithm implemented in a hardwaredescription language. A true positive rate higher than 99% is achieved in testscenarios. The system requires less than 1μs to evaluate a frame’s payload, thusbeing able to detect the anomaly before the end of the frame.

scholarly journals Cybersecurity in Automotive: An Intrusion Detection System in Connected Vehicles

Electronics ◽  
2021 ◽  
Vol 10 (15) ◽  
pp. 1765
Author(s):  
Francesco Pascale ◽  
Ennio Andrea Adinolfi ◽  
Simone Coppola ◽  
Emanuele Santonicola
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Cyber Attacks ◽  
Connected Vehicles ◽  
Area Network ◽  
Automotive Sector ◽  
Cyber Attack ◽  
Data Set ◽  
Evaluation Parameters

Today’s modern vehicles are connected to a network and are considered smart objects of IoT, thanks to the capability to send and receive data from the network. One of the greatest challenges in the automotive sector is to make the vehicle secure and reliable. In fact, there are more connected instruments on a vehicle, such as the infotainment system and/or data interchange systems. Indeed, with the advent of new paradigms, such as Smart City and Smart Road, the vision of Internet of Things has evolved substantially. Today, we talk about the V2X systems in which the vehicle is strongly connected with the rest of the world. In this scenario, the main aim of all connected vehicles vendors is to provide a secure system to guarantee the safety of the drive and persons against a possible cyber-attack. So, in this paper, an embedded Intrusion Detection System (IDS) for the automotive sector is introduced. It works by adopting a two-step algorithm that provides detection of a possible cyber-attack. In the first step, the methodology provides a filter of all the messages on the Controller Area Network (CAN-Bus) thanks to the use of a spatial and temporal analysis; if a set of messages are possibly malicious, these are analyzed by a Bayesian network, which gives the probability that a given event can be classified as an attack. To evaluate the efficiency and effectiveness of our method, an experimental campaign was conducted to evaluate them, according to the classic evaluation parameters for a test’s accuracy. These results were compared with a common data set on cyber-attacks present in the literature. The first experimental results, obtained in a test scenario, seem to be interesting. The results show that our method has good correspondence in the presence of the most common cyber-attacks (DDoS, Fuzzy, Impersonating), obtaining a good score relative to the classic evaluation parameters for a test’s accuracy. These results have decreased performance when we test the system on a Free State Attack.

Structural Design of Intrusion Detection System

2014 ◽  
Vol 530-531 ◽  
pp. 705-708
Author(s):  
Yao Meng
Keyword(s):  
Intrusion Detection ◽  
Structural Design ◽  
Intrusion Detection System ◽  
Detection System ◽  
Algorithm Design ◽  
Detection Algorithm ◽  
Attack Detection ◽  
Detection Algorithms ◽  
Defense Systems ◽  
Ddos Attack Detection

This paper first engine starting defense from Intrusion Detection, Intrusion detection engine analyzes the hardware platform, the overall structure of the technology and the design of the overall structure of the plug, which on the whole structure from intrusion defense systems were designed; then described in detail improved DDOS attack detection algorithm design thesis, and the design of anomaly detection algorithms.

Search on Method of Netwok Intrusion Detection Based on Support Vector Machine with Pre-Extracting Support Vector

2013 ◽  
Vol 655-657 ◽  
pp. 1787-1790
Author(s):  
Sheng Chen Yu ◽  
Li Min Sun ◽  
Yang Xue ◽  
Hui Guo ◽  
Xiao Ju Wang ◽  
...  
Keyword(s):  
Support Vector Machine ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Detection Algorithm ◽  
Support Vector ◽  
Distance Ratio ◽  
Training Time ◽  
Training Examples ◽  
Center Distance

Intrusion detection algorithm based on support vector machine with pre-extracting support vector is proposed which combines the center distance ratio and classification algorithm. Given proper thresholds, we can use the support vector as a substitute for the training examples. Then the scale of dataset is decreased and the performance of support vector machine is improved in the detection rate and the training time. The experiment result has shown that the intrusion detection system(IDS) based on support vector machine with pre-extracting support needs less training time under the same detection performance condition.

scholarly journals An Intrusion Detection System for Smart Grid Neighborhood Area Network

2021 ◽  
Author(s):  
Nasim Beigi Mohammadi
Keyword(s):  
Intrusion Detection ◽  
Smart Grid ◽  
Intrusion Detection System ◽  
Detection System ◽  
Area Network ◽  
Wormhole Attack ◽  
Detection Systems ◽  
Wireless Mesh ◽  
First Time ◽  
Neighborhood Area Network

Smart grid is expected to improve the efficiency, reliability and economics of current energy systems. Using two-way flow of electricity and information, smart grid builds an automated, highly distributed energy delivery network. In this thesis, we present the requirements for intrusion detection systems in smart grid, neighborhood area network (NAN) in particular. We propose an intrusion detection system (IDS) that considers the constraints and requirements of the NAN. It captures the communication and computation overhead constraints as well as the lack of a central point to install the IDS. The IDS is distributed on some nodes which are powerful in terms of memory, computation and the degree of connectivity. Our IDS uses an analytical approach for detecting Wormhole attack. We simulate wireless mesh NANs in OPNET Modeler and for the first time, we integrate our analytical model in Maple from MapleSoft with our OPNET simulation model.

scholarly journals Scrutinizing Attacks and Evaluating Performance Appraisal Parameters via Feature Selection in Intrusion Detection System

2021 ◽  
Author(s):  
Navroop Kaur ◽  
Meenakshi Bansal ◽  
Sukhwinder Singh S
Keyword(s):  
Feature Selection ◽  
Performance Evaluation ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Denial Of Service ◽  
Cyber Attacks ◽  
Support Vector ◽  
K Nearest Neighbor ◽  
Evaluation Parameters

Abstract In modern times the firewall and antivirus packages are not good enough to protect the organization from numerous cyber attacks. Computer IDS (Intrusion Detection System) is a crucial aspect that contributes to the success of an organization. IDS is a software application responsible for scanning organization networks for suspicious activities and policy rupturing. IDS ensures the secure and reliable functioning of the network within an organization. IDS underwent huge transformations since its origin to cope up with the advancing computer crimes. The primary motive of IDS has been to augment the competence of detecting the attacks without endangering the performance of the network. The research paper elaborates on different types and different functions performed by the IDS. The NSL KDD dataset has been considered for training and testing. The seven prominent classifiers LR (Logistic Regression), NB (Naïve Bayes), DT (Decision Tree), AB (AdaBoost), RF (Random Forest), kNN (k Nearest Neighbor), and SVM (Support Vector Machine) have been studied along with their pros and cons and the feature selection have been imposed to enhance the reading of performance evaluation parameters (Accuracy, Precision, Recall, and F1Score). The paper elaborates a detailed flowchart and algorithm depicting the procedure to perform feature selection using XGB (Extreme Gradient Booster) for four categories of attacks: DoS (Denial of Service), Probe, R2L (Remote to Local Attack), and U2R (User to Root Attack). The selected features have been ranked as per their occurrence. The implementation have been conducted at five different ratios of 60-40%, 70-30%, 90-10%, 50-50%, and 80-20%. Different classifiers scored best for different performance evaluation parameters at different ratios. NB scored with the best Accuracy and Recall values. DT and RF consistently performed with high accuracy. NB, SVM, and kNN achieved good F1Score.

The Study of the Ontology and Context Verification Based Intrusion Detection Model

2014 ◽  
Vol 644-650 ◽  
pp. 3338-3341 ◽  
Author(s):  
Guang Feng Guo
Keyword(s):  
Intrusion Detection ◽  
Knowledge Base ◽  
False Positive ◽  
Intrusion Detection System ◽  
Detection System ◽  
False Positive Rate ◽  
False Positives ◽  
The Real ◽  
Detection Model ◽  
Positive Rate

During the 30-year development of the Intrusion Detection System, the problems such as the high false-positive rate have always plagued the users. Therefore, the ontology and context verification based intrusion detection model (OCVIDM) was put forward to connect the description of attack’s signatures and context effectively. The OCVIDM established the knowledge base of the intrusion detection ontology that was regarded as the center of efficient filtering platform of the false alerts to realize the automatic validation of the alarm and self-acting judgment of the real attacks, so as to achieve the goal of filtering the non-relevant positives alerts and reduce false positives.

Sign in / Sign up

Export Citation Format

Share Document