TOW-IDS: Intrusion Detection System Based on Three Overlapped Wavelets for Automotive Ethernet | IEEE Journals & Magazine | IEEE Xplore

TOW-IDS: Intrusion Detection System Based on Three Overlapped Wavelets for Automotive Ethernet

DatasetsAvailable

Abstract:

Devices that ensure vehicle and driver safety or provide services to drivers generate a substantial amount of network traffic. The traffic is transmitted to the In-Vehicl...Show More

Abstract:

Devices that ensure vehicle and driver safety or provide services to drivers generate a substantial amount of network traffic. The traffic is transmitted to the In-Vehicle Network (IVN) depending on the defined function. Consequently, to quickly process a lot of traffic transmitted to the IVN, an advanced network protocol such as Automotive Ethernet is necessary. However, owing to the connectivity reinforcement between devices inside a vehicle and external networks, attack vectors and vulnerabilities can be easily inherited from an established Ethernet to Automotive Ethernet. The present study proposes a method for detecting and identifying abnormalities in Automotive Ethernet based on wavelet transform and deep convolutional neural network. First, we define attack scenarios and extract normal and abnormal data corresponding to these scenarios. Second, we conduct several preprocesses, such as fixing the packet size and normalizing the network image data. Finally, we conduct extensive evaluations of the proposed method’s performance, considering the size of network image data and multi-resolution levels. The results demonstrate that the proposed method can effectively detect an abnormality. Furthermore, the results suggest that the our method is more effective in terms of time-cost compared to default ResNet and EfficientNet methods.
Page(s): 411 - 422
Date of Publication: 14 November 2022

ISSN Information:

Funding Agency:


I. Introduction

In recent years, the automotive industry has seen rapid adoption of in-vehicle systems (such as infotainment system and advanced driver assistance system (ADAS)) and a multitude of sensors (such as a vision camera, radar, and lidar) that can accurately and quickly recognize the area around a vehicle. These advanced technologies generate a large amount of network traffic during communication between networks inside the system and communication with networks outside the vehicle. As a type of integrated sensing and communication (ISAC) concept, a new network environment is required to enable fast and accurate integrated processing of data of different types of protocols generated from heterogeneous networks of a vehicle [1]. Currently, many studies and industrial efforts toward handling a large amount of network traffic in an Automotive Ethernet are underway. Furthermore, to secure compatibility with existing web or mobile services, Automotive Ethernet adopts current ICT communication protocols, including the original Transmission Control Protocol (TCP)/Internet Protocol (IP). However, this indicates that various attack vectors and vulnerabilities that had occurred in the existing communication environment can be conveyed in the Automotive Ethernet environment. Even a minor risk posed by the attack vectors and vulnerabilities can jeopardize the safety of drivers, passengers, and pedestrians around vehicles at any time. Therefore, to ensure security of the IVN and the safety of drivers, a study needs to be conducted to detect the abnormality of a vehicle network and to identify their attack types in the Automotive Ethernet environment.

This article includes datasets hosted on IEEE DataPort(TM), a data repository created by IEEE to facilitate research reproducibility or another IEEE approved repository. Click the dataset name below to access it on the data repository
Contact IEEE to Subscribe

References

References is not available for this document.