Modelos Interpretáveis com Inteligência Artificial Explicável (XAI) na Detecção de Intrusões em Redes Intra-Veiculares Controller Area Network (CAN)
Resumo
Redes intra-veiculares que utilizam o protocolo Controller Area Network (CAN) são vulneráveis a ataques como fuzzing, fabricação, DoS, spoofing, replay, injeção de mensagens e injeção de falhas. Estudos existentes tipicamente abordam esse problema por meio de Sistemas de Detecção de Intrusões (IDSs). Contudo, esses IDSs frequentemente carecem de explicabilidade, o que compromete sua confiabilidade e interpretabilidade, especialmente em redes CAN, onde os padrões de comunicação são variados. Este estudo investiga a explicabilidade dos IDSs em redes CAN, utilizando o conjunto de dados X-CANIDS, que contém dados reais de veículos. A biblioteca SHAP foi empregada para fornecer explicabilidade ao modelo, revelando as relações entre mensagens CAN e o comportamento dos atacantes, contribuindo para uma melhor interpretação das decisões do IDS.Referências
Buscemi, A., Turcanu, I., Castignani, G., Panchenko, A., Engel, T., and Shin, K. G. (2023). A survey on controller area network reverse engineering. IEEE Communications Surveys & Tutorials.
D’ANDRADA, L. F. P. (2020). Um sistema de detecção de intrusão de tempo real e baseado em anomalias para redes can automotivas. Master’s thesis, Universidade Federal de Pernambuco.
Dhaliwal, S. S., Nahid, A.-A., and Abbas, R. (2018). Effective intrusion detection system using xgboost. Information, 9(7).
Ding, W., Alrashdi, I., Hawash, H., and Abdel-Basset, M. (2024). DeepSecDrive: An explainable deep learning framework for real-time detection of cyberattack in in-vehicle networks. Information Sciences, 658:120057.
Dupont, G., den Hartog, J., Etalle, S., and Lekidis, A. (2019). A survey of network intrusion detection systems for controller area network. In 2019 IEEE International Conference of Vehicular Electronics and Safety (ICVES), page 1–6. IEEE Press.
Dwivedi, R., Dave, D., Naik, H., Singhal, S., Omer, R., Patel, P., Qian, B., Wen, Z., Shah, T., Morgan, G., et al. (2023). Explainable AI (XAI): Core ideas, techniques, and solutions. ACM Computing Surveys, 55(9):1–33.
Gunning, D., Stefik, M., Choi, J., Miller, T., Stumpf, S., and Yang, G.-Z. (2019). XAI-explainable artificial intelligence. Science Robotics, 4(37):eaay7120.
Han, M. L., Kwak, B. I., and Kim, H. K. (2018). Anomaly intrusion detection method for vehicular networks based on survival analysis. Vehicular Communications, 14:52–63.
Hoang, T.-N., Islam, M. R., Yim, K., and Kim, D. (2023). CANPerFL: Improve in-vehicle intrusion detection performance by sharing knowledge. Applied Sciences, 13(11).
Hyundai (2024). Steering angle sensor repair procedures. Accessed: 2024-05-28.
Hyundai Motor Company (2018a). Heater & A/C Control Unit (DATC) repair procedures. Accessed: 2024-05-30.
Hyundai Motor Company (2018b). Hyundai sonata: Trip computer / fuel economy. Acessado em: 28 maio 2024.
Jeong, S., Lee, S., Lee, H., and Kim, H. K. (2024). X-CANIDS: Signal-aware explainable intrusion detection system for controller area network-based in-vehicle network. IEEE Transactions on Vehicular Technology, 73(3):3230–3246.
Le, T.-T.-H., Suryanto, N., Kim, H., Ji, J., and Heo, S. (2023). Enhancing intrusion detection and explanations for imbalanced vehicle can network data. In Proceedings of the 12th International Symposium on Information and Communication Technology, pages 777–784.
Lee, H., Jeong, S. H., and Kim, H. K. (2017). OTIDS: A novel intrusion detection system for in-vehicle network by using remote frame. In 2017 15th Annual Conference on Privacy, Security and Trust (PST), volume 00, pages 57–5709.
Lokman, S.-F., Othman, A. T., and Abu-Bakar, M.-H. (2019). Intrusion detection system for automotive controller area network (can) bus system: a review. EURASIP Journal on Wireless Communications and Networking, 2019(1):1–17.
Lundberg, H. (2022). Increasing the trustworthiness of AI-based in-vehicle IDS using eXplainable AI.
Lundberg, H., Mowla, N. I., Abedin, S. F., Thar, K., Mahmood, A., Gidlund, M., and Raza, S. (2022). Experimental analysis of trustworthy in-vehicle intrusion detection system using explainable artificial intelligence (XAI). IEEE Access, 10:102831–102841.
Metwaly, A. A. and Elhenawy, I. (2023). Sustainable intrusion detection in vehicular controller area networks using machine intelligence paradigm. Sustainable Machine Intelligence Journal, 4:(4):1–12.
Moulahi, T., Zidi, S., Alabdulatif, A., and Atiquzzaman, M. (2021). Comparative performance evaluation of intrusion detection based on machine learning in in-vehicle controller area network bus. IEEE Access, 9:99595–99605.
OpenDBC (2024). OpenDBC - DBC file basics. Accessed: 2024-05-28.
ORG, S. (2024). Welcome to the SHAP documentation. 16/05/2024.
Paul (2021). DBC 2015 hyundai C-CAN.
Quincozes, S. E., Kazienko, J. F., and Quincozes, V. E. (2023). An extended evaluation on machine learning techniques for denial-of-service detection in wireless sensor networks. Internet of Things, 22:100684.
Quincozes, V. E., Quincozes, S. E., Kazienko, J. F., Gama, S., Cheikhrouhou, O., and Koubaa, A. (2024). A survey on IoT application layer protocols, security challenges, and the role of explainable AI in IoT (XAIoT). International Journal of Information Security, 23(3):1975–2002.
Scherer, F. H., Dresch, F. N., Quincozes, S. E., Kreutz, D., and Quincozes, V. E. (2024). IWSHAP: Um método de seleção incremental de características para redes CAN baseado em Inteligência Artificial Explicável (XAI). In Anais do XXIV Simpósio Brasileiro de Segurança da Informaçao e de Sistemas Computacionais. SBC.
Seo, E., Song, H. M., and Kim, H. K. (2018). GIDS: Gan based intrusion detection system for in-vehicle network. In 2018 16th Annual Conference on Privacy, Security and Trust (PST), pages 1–6.
Shahriar, M. H., Xiao, Y., Moriano, P., Lou, W., and Hou, Y. T. (2023). CANShield: Deep-learning-based intrusion detection framework for controller area networks at the signal level. IEEE Internet of Things Journal, 10(24):22111–22127.
Swetha, H., R., R. R. R., R., P. R., and Thomas Ciza, B. N. (2023). XAI for intrusion detection system: comparing explanations based on global and local scope. Journal of Computer Virology and Hacking Techniques.
Verma, M. E., Bridges, R. A., Sosnowski, J. J., Hollifield, S. C., and Iannacone, M. D. (2021). CAN-D: A modular four-step pipeline for comprehensively decoding controller area network data. IEEE Transactions on Vehicular Technology, 70(10):9685–9700.
Wickramasinghe, C. S., Marino, D. L., Mavikumbure, H. S., Cobilean, V., Pennington, T. D., Varghese, B. J., Rieger, C., and Manic, M. (2023). RX-ADS: Interpretable anomaly detection using adversarial ml for electric vehicle CAN data. IEEE Transactions on Intelligent Transportation Systems, 24(12):14051–14063.
D’ANDRADA, L. F. P. (2020). Um sistema de detecção de intrusão de tempo real e baseado em anomalias para redes can automotivas. Master’s thesis, Universidade Federal de Pernambuco.
Dhaliwal, S. S., Nahid, A.-A., and Abbas, R. (2018). Effective intrusion detection system using xgboost. Information, 9(7).
Ding, W., Alrashdi, I., Hawash, H., and Abdel-Basset, M. (2024). DeepSecDrive: An explainable deep learning framework for real-time detection of cyberattack in in-vehicle networks. Information Sciences, 658:120057.
Dupont, G., den Hartog, J., Etalle, S., and Lekidis, A. (2019). A survey of network intrusion detection systems for controller area network. In 2019 IEEE International Conference of Vehicular Electronics and Safety (ICVES), page 1–6. IEEE Press.
Dwivedi, R., Dave, D., Naik, H., Singhal, S., Omer, R., Patel, P., Qian, B., Wen, Z., Shah, T., Morgan, G., et al. (2023). Explainable AI (XAI): Core ideas, techniques, and solutions. ACM Computing Surveys, 55(9):1–33.
Gunning, D., Stefik, M., Choi, J., Miller, T., Stumpf, S., and Yang, G.-Z. (2019). XAI-explainable artificial intelligence. Science Robotics, 4(37):eaay7120.
Han, M. L., Kwak, B. I., and Kim, H. K. (2018). Anomaly intrusion detection method for vehicular networks based on survival analysis. Vehicular Communications, 14:52–63.
Hoang, T.-N., Islam, M. R., Yim, K., and Kim, D. (2023). CANPerFL: Improve in-vehicle intrusion detection performance by sharing knowledge. Applied Sciences, 13(11).
Hyundai (2024). Steering angle sensor repair procedures. Accessed: 2024-05-28.
Hyundai Motor Company (2018a). Heater & A/C Control Unit (DATC) repair procedures. Accessed: 2024-05-30.
Hyundai Motor Company (2018b). Hyundai sonata: Trip computer / fuel economy. Acessado em: 28 maio 2024.
Jeong, S., Lee, S., Lee, H., and Kim, H. K. (2024). X-CANIDS: Signal-aware explainable intrusion detection system for controller area network-based in-vehicle network. IEEE Transactions on Vehicular Technology, 73(3):3230–3246.
Le, T.-T.-H., Suryanto, N., Kim, H., Ji, J., and Heo, S. (2023). Enhancing intrusion detection and explanations for imbalanced vehicle can network data. In Proceedings of the 12th International Symposium on Information and Communication Technology, pages 777–784.
Lee, H., Jeong, S. H., and Kim, H. K. (2017). OTIDS: A novel intrusion detection system for in-vehicle network by using remote frame. In 2017 15th Annual Conference on Privacy, Security and Trust (PST), volume 00, pages 57–5709.
Lokman, S.-F., Othman, A. T., and Abu-Bakar, M.-H. (2019). Intrusion detection system for automotive controller area network (can) bus system: a review. EURASIP Journal on Wireless Communications and Networking, 2019(1):1–17.
Lundberg, H. (2022). Increasing the trustworthiness of AI-based in-vehicle IDS using eXplainable AI.
Lundberg, H., Mowla, N. I., Abedin, S. F., Thar, K., Mahmood, A., Gidlund, M., and Raza, S. (2022). Experimental analysis of trustworthy in-vehicle intrusion detection system using explainable artificial intelligence (XAI). IEEE Access, 10:102831–102841.
Metwaly, A. A. and Elhenawy, I. (2023). Sustainable intrusion detection in vehicular controller area networks using machine intelligence paradigm. Sustainable Machine Intelligence Journal, 4:(4):1–12.
Moulahi, T., Zidi, S., Alabdulatif, A., and Atiquzzaman, M. (2021). Comparative performance evaluation of intrusion detection based on machine learning in in-vehicle controller area network bus. IEEE Access, 9:99595–99605.
OpenDBC (2024). OpenDBC - DBC file basics. Accessed: 2024-05-28.
ORG, S. (2024). Welcome to the SHAP documentation. 16/05/2024.
Paul (2021). DBC 2015 hyundai C-CAN.
Quincozes, S. E., Kazienko, J. F., and Quincozes, V. E. (2023). An extended evaluation on machine learning techniques for denial-of-service detection in wireless sensor networks. Internet of Things, 22:100684.
Quincozes, V. E., Quincozes, S. E., Kazienko, J. F., Gama, S., Cheikhrouhou, O., and Koubaa, A. (2024). A survey on IoT application layer protocols, security challenges, and the role of explainable AI in IoT (XAIoT). International Journal of Information Security, 23(3):1975–2002.
Scherer, F. H., Dresch, F. N., Quincozes, S. E., Kreutz, D., and Quincozes, V. E. (2024). IWSHAP: Um método de seleção incremental de características para redes CAN baseado em Inteligência Artificial Explicável (XAI). In Anais do XXIV Simpósio Brasileiro de Segurança da Informaçao e de Sistemas Computacionais. SBC.
Seo, E., Song, H. M., and Kim, H. K. (2018). GIDS: Gan based intrusion detection system for in-vehicle network. In 2018 16th Annual Conference on Privacy, Security and Trust (PST), pages 1–6.
Shahriar, M. H., Xiao, Y., Moriano, P., Lou, W., and Hou, Y. T. (2023). CANShield: Deep-learning-based intrusion detection framework for controller area networks at the signal level. IEEE Internet of Things Journal, 10(24):22111–22127.
Swetha, H., R., R. R. R., R., P. R., and Thomas Ciza, B. N. (2023). XAI for intrusion detection system: comparing explanations based on global and local scope. Journal of Computer Virology and Hacking Techniques.
Verma, M. E., Bridges, R. A., Sosnowski, J. J., Hollifield, S. C., and Iannacone, M. D. (2021). CAN-D: A modular four-step pipeline for comprehensively decoding controller area network data. IEEE Transactions on Vehicular Technology, 70(10):9685–9700.
Wickramasinghe, C. S., Marino, D. L., Mavikumbure, H. S., Cobilean, V., Pennington, T. D., Varghese, B. J., Rieger, C., and Manic, M. (2023). RX-ADS: Interpretable anomaly detection using adversarial ml for electric vehicle CAN data. IEEE Transactions on Intelligent Transportation Systems, 24(12):14051–14063.
Publicado
16/09/2024
Como Citar
DRESCH, Felipe N.; SCHERER, Felipe H.; QUINCOZES, Silvio E.; KREUTZ, Diego.
Modelos Interpretáveis com Inteligência Artificial Explicável (XAI) na Detecção de Intrusões em Redes Intra-Veiculares Controller Area Network (CAN). In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 24. , 2024, São José dos Campos/SP.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 445-460.
DOI: https://doi.org/10.5753/sbseg.2024.241421.