A Traffic Generator Framework for Intrusion Detection in CAN Networks
Abstract
Controller Area Network (CAN) networks enable intra-vehicle communication between Electronic Control Units (ECU) and external communication via WiFi, Bluetooth, and USB, making them vulnerable to cyber attacks. This work presents a dataset generator framework to help detect intrusions in CAN networks, using GANs (Generative Adversarial Networks) and VAEs (Variational Autoencoders). GANs create datasets with similar distribution to real data, while VAEs capture variability, resulting in realistic and varied datasets. Preliminary results show that the proposed method generates data sets of adequate quality and variability and can be adapted to other environments.References
Aliwa, E., Rana, O., Perera, C., and Burnap, P. (2022). Cyberattacks and countermeasures for in-vehicle networks. ACM Computing Surveys, 54(1):1–37.
Asaoka, R., Murata, H., Matsuura, M., Fujino, Y., Yanagisawa, M., and Yamashita, T. (2020). Improving the structure–function relationship in glaucomatous visual fields by using a deep learning–based noise reduction approach. Ophthalmology Glaucoma, 3(3):210–217.
Avatefipour, O. and Malik, H. (2017). State-of-the-art survey on in-vehicle network communication “can-bus” security and vulnerabilities. International Journal of Computer Science and Network, pages 720–727.
Chougule, A., Agrawal, K., and Chamola, V. (2023). Scan-gan: Generative adversarial network based synthetic data generation technique for controller area network. IEEE Internet of Things Magazine, 6(3):126–130.
Dresch, F. N., Scherer, F. H., Quincozes, S. E., and Kreutz, D. L. (2024). Modelos interpretáveis com inteligência artificial explicável (XAI) na detecção de intrusões em redes intra-veiculares controller area network (CAN). In Anais do XIX Simpósio Brasileiro de Segurança da Informaçao e de Sistemas Computacionais. SBC.
Graving, J. M. and Couzin, I. D. (2020). Vae-sne: A deep generative model for simultaneous dimensionality reduction and clustering. BioRxiv.
Han, M. L., Kwak, B. I., and Kim, H. K. (2018). Anomaly intrusion detection method for vehicular networks based on survival analysis. Vehicular Communications, 14:52–63.
Khan, M. H., Javed, A. R., Iqbal, Z., Asim, M., and Awad, A. I. (2024). DivaCAN: Detecting in-vehicle intrusion attacks on a controller area network using ensemble learning. Computers & Security, 139:103712.
Lee, H., Jeong, S. H., and Kim, H. K. (2017). Otids: A novel intrusion detection system for in-vehicle network by using remote frame. In 2017 15th Annual Conference on Privacy, Security and Trust (PST), volume 00, pages 57–5709.
Lin, J. (1991). Divergence measures based on the shannon entropy. IEEE Transactions on Information Theory, 37(1):145–151.
Mahmud, M. S., Huang, J. Z., and Fu, X. (2020). Variational autoencoder-based dimensionality reduction for high-dimensional small-sample data classification. International Journal of Computational Intelligence and Applications, 19(1).
Miguel, M. M., Armignol, J. M., and Garcia, F. (2022). Vehicles trajectory prediction using recurrent vae network. IEEE Access, 10:32742–32749.
Pan, Z., Wang, J., Liao, W., Chen, H., Yuan, D., Zhu, W., Fang, X., and Zhu, Z. (2019). Data-driven ev load profiles generation using a variational autoencoder. Energies, 12(5):849.
Pollicino, F., Stabili, D., and Marchetti, M. (2024). Performance comparison of timing-based anomaly detectors for controller area network: A reproducible study. ACM Transactions on Cyber-Physical Systems, 8(2):1–24.
Razghandi, M., Zhou, H., Erol-Kantarci, M., and Turgut, D. (2024). Smart home energy management: Vae-gan synthetic dataset generator and q-learning. IEEE Transactions on Smart Grid, 15(2):1562–1573.
Scherer, F. H., Dresch, F. N., Quincozes, S. E., Kreutz, D., and Quincozes, V. E. (2024a). IWSHAP: Um método de seleção incremental de características para redes CAN baseado em Inteligência Artificial Explicável (XAI). In Anais do XXIV Simpósio Brasileiro de Segurança da Informaçao e de Sistemas Computacionais. SBC.
Scherer, F. H., Dresch, F. N., Quincozes, S. E., Kreutz, D., and Quincozes, V. E. (2024b). IWSHAP: Uma ferramenta para seleção incremental de características utilizando IWSS e SHAP. In Anais Estendidos do XXIV Simpósio Brasileiro de Segurança da Informaçao e de Sistemas Computacionais. SBC.
Seo, E., Song, H. M., and Kim, H. K. (2018). Gids: Gan based intrusion detection system for in-vehicle network. In 2018 16th Annual Conference on Privacy, Security and Trust (PST), pages 1–6.
Smirti, D., Medha, P., and Weiqing, S. (2020). A comparative study on contemporary intrusion detection datasets for machine learning research. 2020 IEEE International Conference on Intelligence and Security Informatics (ISI).
Wang, Q., Qian, Y., Lu, Z., Shoukry, Y., and Qu, G. (2018). A delay based plug-in-monitor for intrusion detection in controller area network. In 2018 Asian Hardware Oriented Security and Trust Symposium (AsianHOST), pages 86–91, Hong Kong. IEEE.
Asaoka, R., Murata, H., Matsuura, M., Fujino, Y., Yanagisawa, M., and Yamashita, T. (2020). Improving the structure–function relationship in glaucomatous visual fields by using a deep learning–based noise reduction approach. Ophthalmology Glaucoma, 3(3):210–217.
Avatefipour, O. and Malik, H. (2017). State-of-the-art survey on in-vehicle network communication “can-bus” security and vulnerabilities. International Journal of Computer Science and Network, pages 720–727.
Chougule, A., Agrawal, K., and Chamola, V. (2023). Scan-gan: Generative adversarial network based synthetic data generation technique for controller area network. IEEE Internet of Things Magazine, 6(3):126–130.
Dresch, F. N., Scherer, F. H., Quincozes, S. E., and Kreutz, D. L. (2024). Modelos interpretáveis com inteligência artificial explicável (XAI) na detecção de intrusões em redes intra-veiculares controller area network (CAN). In Anais do XIX Simpósio Brasileiro de Segurança da Informaçao e de Sistemas Computacionais. SBC.
Graving, J. M. and Couzin, I. D. (2020). Vae-sne: A deep generative model for simultaneous dimensionality reduction and clustering. BioRxiv.
Han, M. L., Kwak, B. I., and Kim, H. K. (2018). Anomaly intrusion detection method for vehicular networks based on survival analysis. Vehicular Communications, 14:52–63.
Khan, M. H., Javed, A. R., Iqbal, Z., Asim, M., and Awad, A. I. (2024). DivaCAN: Detecting in-vehicle intrusion attacks on a controller area network using ensemble learning. Computers & Security, 139:103712.
Lee, H., Jeong, S. H., and Kim, H. K. (2017). Otids: A novel intrusion detection system for in-vehicle network by using remote frame. In 2017 15th Annual Conference on Privacy, Security and Trust (PST), volume 00, pages 57–5709.
Lin, J. (1991). Divergence measures based on the shannon entropy. IEEE Transactions on Information Theory, 37(1):145–151.
Mahmud, M. S., Huang, J. Z., and Fu, X. (2020). Variational autoencoder-based dimensionality reduction for high-dimensional small-sample data classification. International Journal of Computational Intelligence and Applications, 19(1).
Miguel, M. M., Armignol, J. M., and Garcia, F. (2022). Vehicles trajectory prediction using recurrent vae network. IEEE Access, 10:32742–32749.
Pan, Z., Wang, J., Liao, W., Chen, H., Yuan, D., Zhu, W., Fang, X., and Zhu, Z. (2019). Data-driven ev load profiles generation using a variational autoencoder. Energies, 12(5):849.
Pollicino, F., Stabili, D., and Marchetti, M. (2024). Performance comparison of timing-based anomaly detectors for controller area network: A reproducible study. ACM Transactions on Cyber-Physical Systems, 8(2):1–24.
Razghandi, M., Zhou, H., Erol-Kantarci, M., and Turgut, D. (2024). Smart home energy management: Vae-gan synthetic dataset generator and q-learning. IEEE Transactions on Smart Grid, 15(2):1562–1573.
Scherer, F. H., Dresch, F. N., Quincozes, S. E., Kreutz, D., and Quincozes, V. E. (2024a). IWSHAP: Um método de seleção incremental de características para redes CAN baseado em Inteligência Artificial Explicável (XAI). In Anais do XXIV Simpósio Brasileiro de Segurança da Informaçao e de Sistemas Computacionais. SBC.
Scherer, F. H., Dresch, F. N., Quincozes, S. E., Kreutz, D., and Quincozes, V. E. (2024b). IWSHAP: Uma ferramenta para seleção incremental de características utilizando IWSS e SHAP. In Anais Estendidos do XXIV Simpósio Brasileiro de Segurança da Informaçao e de Sistemas Computacionais. SBC.
Seo, E., Song, H. M., and Kim, H. K. (2018). Gids: Gan based intrusion detection system for in-vehicle network. In 2018 16th Annual Conference on Privacy, Security and Trust (PST), pages 1–6.
Smirti, D., Medha, P., and Weiqing, S. (2020). A comparative study on contemporary intrusion detection datasets for machine learning research. 2020 IEEE International Conference on Intelligence and Security Informatics (ISI).
Wang, Q., Qian, Y., Lu, Z., Shoukry, Y., and Qu, G. (2018). A delay based plug-in-monitor for intrusion detection in controller area network. In 2018 Asian Hardware Oriented Security and Trust Symposium (AsianHOST), pages 86–91, Hong Kong. IEEE.
Published
2024-09-16
How to Cite
F. JUNIOR, Luiz; VARGAS, Paulo Sérgio M.; LIMA, Paulo Vitor C.; QUINCOZES, Silvio E..
A Traffic Generator Framework for Intrusion Detection in CAN Networks. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 24. , 2024, São José dos Campos/SP.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 871-877.
DOI: https://doi.org/10.5753/sbseg.2024.241619.
