CANEDA-IDS: An Event-Driven Architecture for Intrusion Detection in CAN Networks
Abstract
In this work, we present an event-driven architecture for intrusion detection in vehicular CAN (Controller Area Network) networks. The effectiveness of the proposed architecture was evaluated using the ATAM (Architecture Tradeoff Analysis Method), which allowed for the identification of trade-offs between different quality attributes. Additionally, we conducted a compliance analysis with the ISO/IEC 25010 quality standards. The results indicate that the proposed architecture contributes to enhancing the security of vehicular CAN networks. Finally, the compliance analysis revealed that the architecture meets the critical requirements for robustness, adaptability, and reliability.
Keywords:
Intrusion Detection System, Controller Area Network, Event-Driven Architecture
References
Buscemi, A., Turcanu, I., Castignani, G., Panchenko, A., Engel, T., and Shin, K. G. (2023). A survey on controller area network reverse engineering. IEEE Communications Surveys & Tutorials.
Clements, P. C., Kazman, R., and Klein, M. (2001). Evaluating software architectures.
Desai, M., Shetty, R., Padte, V., Parulekar, M., and Ramrajkar, S. (2013). Controller area network for intelligent vehicular systems. In 2013 International Conference on Advances in Technology and Engineering (ICATE), pages 1–6. IEEE.
Dhaliwal, S. S., Nahid, A.-A., and Abbas, R. (2018). Effective intrusion detection system using xgboost. Information, 9(7).
Eugster, P. T., Felber, P. A., Guerraoui, R., and Kermarrec, A.-M. (2003). The many faces of publish/subscribe. ACM computing surveys (CSUR), 35(2):114–131.
Hindy, H., Bayne, E., Bures, M., Atkinson, R., Tachtatzis, C., and Bellekens, X. (2020). Machine learning based iot intrusion detection system: An mqtt case study (mqtt-iot-ids2020 dataset). In International networking conference, pages 73–84. Springer.
Kazman, R., Klein, M., Barbacci, M., Longstaff, T., Lipson, H., and Carriere, J. (1998). The architecture tradeoff analysis method. In Proceedings. Fourth IEEE International Conference on Engineering of Complex Computer Systems (Cat. No.98EX193), pages 68–78.
Kazman, R., Klein, M., and Clements, P. (2000). ATAM: Method for architecture evaluation. Carnegie Mellon University, Software Engineering Institute Pittsburgh, PA.
Khan, M. A., Khan, M. A., Jan, S. U., Ahmad, J., Jamal, S. S., Shah, A. A., Pitropakis, N., and Buchanan, W. J. (2021). A deep learning-based intrusion detection system for mqtt enabled iot. Sensors, 21(21):7016.
Lazzari, L. and Farias, K. (2023). Uncovering the hidden potential of event-driven architecture: A research agenda.
Lee, J., Kang, S., Chun, H., Park, B., and Lim, C. (2009). Analysis of van-core system architecture- a case study of applying the atam. In 2009 10th ACIS International Conference on Software Engineering, Artificial Intelligences, Networking and Parallel/Distributed Computing, pages 358–363.
Lokman, S.-F., Othman, A. T., and Abu-Bakar, M.-H. (2019). Intrusion detection system for automotive controller area network (can) bus system: a review. EURASIP Journal on Wireless Communications and Networking, 2019(1):1–17.
Lundberg, H., Mowla, N. I., Abedin, S. F., Thar, K., Mahmood, A., Gidlund, M., and Raza, S. (2022). Experimental analysis of trustworthy in-vehicle intrusion detection system using explainable artificial intelligence (xai). IEEE Access, 10:102831–102841.
Putrama, I. M., Dermawan, K. T., Dantes, G. R., and Aryanto, K. Y. E. (2017). Architectural evaluation of data center system using architecture tradeoff analysis method (atam): A case study. In 2017 International Conference on Advanced Informatics, Concepts, Theory, and Applications (ICAICTA).
Quincozes, S., Emilio, T., and Kazienko, J. (2019). MQTT protocol: fundamentals, tools and future directions. IEEE Latin America Transactions, 17(09):1439–1448.
Rajapaksha, S., Kalutarage, H., Al-Kadri, M. O., Petrovski, A., Madzudzo, G., and Cheah, M. (2023). Ai-based intrusion detection systems for in-vehicle networks: A survey. ACM Computing Surveys, 55(11):1–40.
Reselman, B. (2021). Architectural messaging patterns: an illustrated guide. Accessed on August, 2024.
Zhou, M., Han, L., Lu, H., and Fu, C. (2020). Distributed collaborative intrusion detection system for vehicular ad hoc networks based on invariant. Computer Networks, 172:107174.
Clements, P. C., Kazman, R., and Klein, M. (2001). Evaluating software architectures.
Desai, M., Shetty, R., Padte, V., Parulekar, M., and Ramrajkar, S. (2013). Controller area network for intelligent vehicular systems. In 2013 International Conference on Advances in Technology and Engineering (ICATE), pages 1–6. IEEE.
Dhaliwal, S. S., Nahid, A.-A., and Abbas, R. (2018). Effective intrusion detection system using xgboost. Information, 9(7).
Eugster, P. T., Felber, P. A., Guerraoui, R., and Kermarrec, A.-M. (2003). The many faces of publish/subscribe. ACM computing surveys (CSUR), 35(2):114–131.
Hindy, H., Bayne, E., Bures, M., Atkinson, R., Tachtatzis, C., and Bellekens, X. (2020). Machine learning based iot intrusion detection system: An mqtt case study (mqtt-iot-ids2020 dataset). In International networking conference, pages 73–84. Springer.
Kazman, R., Klein, M., Barbacci, M., Longstaff, T., Lipson, H., and Carriere, J. (1998). The architecture tradeoff analysis method. In Proceedings. Fourth IEEE International Conference on Engineering of Complex Computer Systems (Cat. No.98EX193), pages 68–78.
Kazman, R., Klein, M., and Clements, P. (2000). ATAM: Method for architecture evaluation. Carnegie Mellon University, Software Engineering Institute Pittsburgh, PA.
Khan, M. A., Khan, M. A., Jan, S. U., Ahmad, J., Jamal, S. S., Shah, A. A., Pitropakis, N., and Buchanan, W. J. (2021). A deep learning-based intrusion detection system for mqtt enabled iot. Sensors, 21(21):7016.
Lazzari, L. and Farias, K. (2023). Uncovering the hidden potential of event-driven architecture: A research agenda.
Lee, J., Kang, S., Chun, H., Park, B., and Lim, C. (2009). Analysis of van-core system architecture- a case study of applying the atam. In 2009 10th ACIS International Conference on Software Engineering, Artificial Intelligences, Networking and Parallel/Distributed Computing, pages 358–363.
Lokman, S.-F., Othman, A. T., and Abu-Bakar, M.-H. (2019). Intrusion detection system for automotive controller area network (can) bus system: a review. EURASIP Journal on Wireless Communications and Networking, 2019(1):1–17.
Lundberg, H., Mowla, N. I., Abedin, S. F., Thar, K., Mahmood, A., Gidlund, M., and Raza, S. (2022). Experimental analysis of trustworthy in-vehicle intrusion detection system using explainable artificial intelligence (xai). IEEE Access, 10:102831–102841.
Putrama, I. M., Dermawan, K. T., Dantes, G. R., and Aryanto, K. Y. E. (2017). Architectural evaluation of data center system using architecture tradeoff analysis method (atam): A case study. In 2017 International Conference on Advanced Informatics, Concepts, Theory, and Applications (ICAICTA).
Quincozes, S., Emilio, T., and Kazienko, J. (2019). MQTT protocol: fundamentals, tools and future directions. IEEE Latin America Transactions, 17(09):1439–1448.
Rajapaksha, S., Kalutarage, H., Al-Kadri, M. O., Petrovski, A., Madzudzo, G., and Cheah, M. (2023). Ai-based intrusion detection systems for in-vehicle networks: A survey. ACM Computing Surveys, 55(11):1–40.
Reselman, B. (2021). Architectural messaging patterns: an illustrated guide. Accessed on August, 2024.
Zhou, M., Han, L., Lu, H., and Fu, C. (2020). Distributed collaborative intrusion detection system for vehicular ad hoc networks based on invariant. Computer Networks, 172:107174.
Published
2024-11-11
How to Cite
DRESCH, Felipe N.; SCHERER, Felipe H.; QUINCOZES, Silvio E.; KREUTZ, Diego.
CANEDA-IDS: An Event-Driven Architecture for Intrusion Detection in CAN Networks. In: REGIONAL SCHOOL OF SOFTWARE ENGINEERING (ERES), 8. , 2024, Santiago/RS.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 11-20.
DOI: https://doi.org/10.5753/eres.2024.4316.
