CANEDA-IDS: Uma Arquitetura Orientada a Eventos para Detecção de Intrusão em Redes CAN
Resumo
Neste trabalho, apresentamos uma arquitetura orientada a eventos para a detecção de intrusões em redes veiculares CAN (Controller Area Network). A eficácia da arquitetura proposta foi avaliada utilizando o método ATAM (Architecture Tradeoff Analysis Method), que permitiu a identificação de trade-offs entre diferentes atributos de qualidade. Além disso, realizamos uma análise de conformidade com os padrões de qualidade da ISO/IEC 25010. Os resultados indicam que a arquitetura proposta contribui para aumentar a segurança das redes CAN veiculares. Por fim, a análise de conformidade demonstrou que a arquitetura atende aos requisitos críticos de robustez, adaptabilidade e confiabilidade.
Palavras-chave:
Sistema de Detecção de Intrusão, Controller Area Network, Arquitetura Orientada a Eventos
Referências
Buscemi, A., Turcanu, I., Castignani, G., Panchenko, A., Engel, T., and Shin, K. G. (2023). A survey on controller area network reverse engineering. IEEE Communications Surveys & Tutorials.
Clements, P. C., Kazman, R., and Klein, M. (2001). Evaluating software architectures.
Desai, M., Shetty, R., Padte, V., Parulekar, M., and Ramrajkar, S. (2013). Controller area network for intelligent vehicular systems. In 2013 International Conference on Advances in Technology and Engineering (ICATE), pages 1–6. IEEE.
Dhaliwal, S. S., Nahid, A.-A., and Abbas, R. (2018). Effective intrusion detection system using xgboost. Information, 9(7).
Eugster, P. T., Felber, P. A., Guerraoui, R., and Kermarrec, A.-M. (2003). The many faces of publish/subscribe. ACM computing surveys (CSUR), 35(2):114–131.
Hindy, H., Bayne, E., Bures, M., Atkinson, R., Tachtatzis, C., and Bellekens, X. (2020). Machine learning based iot intrusion detection system: An mqtt case study (mqtt-iot-ids2020 dataset). In International networking conference, pages 73–84. Springer.
Kazman, R., Klein, M., Barbacci, M., Longstaff, T., Lipson, H., and Carriere, J. (1998). The architecture tradeoff analysis method. In Proceedings. Fourth IEEE International Conference on Engineering of Complex Computer Systems (Cat. No.98EX193), pages 68–78.
Kazman, R., Klein, M., and Clements, P. (2000). ATAM: Method for architecture evaluation. Carnegie Mellon University, Software Engineering Institute Pittsburgh, PA.
Khan, M. A., Khan, M. A., Jan, S. U., Ahmad, J., Jamal, S. S., Shah, A. A., Pitropakis, N., and Buchanan, W. J. (2021). A deep learning-based intrusion detection system for mqtt enabled iot. Sensors, 21(21):7016.
Lazzari, L. and Farias, K. (2023). Uncovering the hidden potential of event-driven architecture: A research agenda.
Lee, J., Kang, S., Chun, H., Park, B., and Lim, C. (2009). Analysis of van-core system architecture- a case study of applying the atam. In 2009 10th ACIS International Conference on Software Engineering, Artificial Intelligences, Networking and Parallel/Distributed Computing, pages 358–363.
Lokman, S.-F., Othman, A. T., and Abu-Bakar, M.-H. (2019). Intrusion detection system for automotive controller area network (can) bus system: a review. EURASIP Journal on Wireless Communications and Networking, 2019(1):1–17.
Lundberg, H., Mowla, N. I., Abedin, S. F., Thar, K., Mahmood, A., Gidlund, M., and Raza, S. (2022). Experimental analysis of trustworthy in-vehicle intrusion detection system using explainable artificial intelligence (xai). IEEE Access, 10:102831–102841.
Putrama, I. M., Dermawan, K. T., Dantes, G. R., and Aryanto, K. Y. E. (2017). Architectural evaluation of data center system using architecture tradeoff analysis method (atam): A case study. In 2017 International Conference on Advanced Informatics, Concepts, Theory, and Applications (ICAICTA).
Quincozes, S., Emilio, T., and Kazienko, J. (2019). MQTT protocol: fundamentals, tools and future directions. IEEE Latin America Transactions, 17(09):1439–1448.
Rajapaksha, S., Kalutarage, H., Al-Kadri, M. O., Petrovski, A., Madzudzo, G., and Cheah, M. (2023). Ai-based intrusion detection systems for in-vehicle networks: A survey. ACM Computing Surveys, 55(11):1–40.
Reselman, B. (2021). Architectural messaging patterns: an illustrated guide. Accessed on August, 2024.
Zhou, M., Han, L., Lu, H., and Fu, C. (2020). Distributed collaborative intrusion detection system for vehicular ad hoc networks based on invariant. Computer Networks, 172:107174.
Clements, P. C., Kazman, R., and Klein, M. (2001). Evaluating software architectures.
Desai, M., Shetty, R., Padte, V., Parulekar, M., and Ramrajkar, S. (2013). Controller area network for intelligent vehicular systems. In 2013 International Conference on Advances in Technology and Engineering (ICATE), pages 1–6. IEEE.
Dhaliwal, S. S., Nahid, A.-A., and Abbas, R. (2018). Effective intrusion detection system using xgboost. Information, 9(7).
Eugster, P. T., Felber, P. A., Guerraoui, R., and Kermarrec, A.-M. (2003). The many faces of publish/subscribe. ACM computing surveys (CSUR), 35(2):114–131.
Hindy, H., Bayne, E., Bures, M., Atkinson, R., Tachtatzis, C., and Bellekens, X. (2020). Machine learning based iot intrusion detection system: An mqtt case study (mqtt-iot-ids2020 dataset). In International networking conference, pages 73–84. Springer.
Kazman, R., Klein, M., Barbacci, M., Longstaff, T., Lipson, H., and Carriere, J. (1998). The architecture tradeoff analysis method. In Proceedings. Fourth IEEE International Conference on Engineering of Complex Computer Systems (Cat. No.98EX193), pages 68–78.
Kazman, R., Klein, M., and Clements, P. (2000). ATAM: Method for architecture evaluation. Carnegie Mellon University, Software Engineering Institute Pittsburgh, PA.
Khan, M. A., Khan, M. A., Jan, S. U., Ahmad, J., Jamal, S. S., Shah, A. A., Pitropakis, N., and Buchanan, W. J. (2021). A deep learning-based intrusion detection system for mqtt enabled iot. Sensors, 21(21):7016.
Lazzari, L. and Farias, K. (2023). Uncovering the hidden potential of event-driven architecture: A research agenda.
Lee, J., Kang, S., Chun, H., Park, B., and Lim, C. (2009). Analysis of van-core system architecture- a case study of applying the atam. In 2009 10th ACIS International Conference on Software Engineering, Artificial Intelligences, Networking and Parallel/Distributed Computing, pages 358–363.
Lokman, S.-F., Othman, A. T., and Abu-Bakar, M.-H. (2019). Intrusion detection system for automotive controller area network (can) bus system: a review. EURASIP Journal on Wireless Communications and Networking, 2019(1):1–17.
Lundberg, H., Mowla, N. I., Abedin, S. F., Thar, K., Mahmood, A., Gidlund, M., and Raza, S. (2022). Experimental analysis of trustworthy in-vehicle intrusion detection system using explainable artificial intelligence (xai). IEEE Access, 10:102831–102841.
Putrama, I. M., Dermawan, K. T., Dantes, G. R., and Aryanto, K. Y. E. (2017). Architectural evaluation of data center system using architecture tradeoff analysis method (atam): A case study. In 2017 International Conference on Advanced Informatics, Concepts, Theory, and Applications (ICAICTA).
Quincozes, S., Emilio, T., and Kazienko, J. (2019). MQTT protocol: fundamentals, tools and future directions. IEEE Latin America Transactions, 17(09):1439–1448.
Rajapaksha, S., Kalutarage, H., Al-Kadri, M. O., Petrovski, A., Madzudzo, G., and Cheah, M. (2023). Ai-based intrusion detection systems for in-vehicle networks: A survey. ACM Computing Surveys, 55(11):1–40.
Reselman, B. (2021). Architectural messaging patterns: an illustrated guide. Accessed on August, 2024.
Zhou, M., Han, L., Lu, H., and Fu, C. (2020). Distributed collaborative intrusion detection system for vehicular ad hoc networks based on invariant. Computer Networks, 172:107174.
Publicado
11/11/2024
Como Citar
DRESCH, Felipe N.; SCHERER, Felipe H.; QUINCOZES, Silvio E.; KREUTZ, Diego.
CANEDA-IDS: Uma Arquitetura Orientada a Eventos para Detecção de Intrusão em Redes CAN. In: ESCOLA REGIONAL DE ENGENHARIA DE SOFTWARE (ERES), 8. , 2024, Santiago/RS.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 11-20.
DOI: https://doi.org/10.5753/eres.2024.4316.
