Title: A language-based intrusion detection approach for automotive embedded networks

Authors: Ivan Studnia; Eric Alata; Vincent Nicomette; Mohamed Kaâniche; Youssef Laarouchi

Addresses: Renault S.A.S., 1 Avenue du Golf, F-78288, Guyancourt, France; CNRS, LAAS, 7 Avenue du colonel Roche, F-31400 Toulouse, France; University of Toulouse, INSA, LAAS, F-31400 Toulouse, France ' CNRS, LAAS, 7 Avenue du colonel Roche, F-31400 Toulouse, France; University of Toulouse, INSA, LAAS, F-31400 Toulouse, France ' CNRS, LAAS, 7 Avenue du colonel Roche, F-31400 Toulouse, France; University of Toulouse, INSA, LAAS, F-31400 Toulouse, France ' CNRS, LAAS, 7 Avenue du colonel Roche, F-31400 Toulouse, France; University of Toulouse, LAAS, F-31400 Toulouse, France ' Renault S.A.S., 1 Avenue du Golf, F-78288, Guyancourt, France

Abstract: The increase in connectivity and complexity of modern automotive networks presents new opportunities for potential hackers trying to take over a vehicle. To protect the automotive networks from such attacks, security mechanisms, such as firewalls or secure authentication protocols may be included. However, should an attacker succeed in bypassing such measures and gain access to the internal network, these security mechanisms become unable to report about the attacks ensuing such a breach, occurring from the internal network. To complement these preventive security mechanisms, we present a non-intrusive network-based intrusion detection approach fit for vehicular networks, such as the widely used CAN. Leveraging the high predictability of embedded automotive systems, we use language theory to elaborate a set of attack signatures derived from behavioural models of the automotive calculators in order to detect a malicious sequence of messages transiting through the internal network.

Keywords: automotive networks; security; intrusion detection; CAN; finite state automata; regular language.

DOI: 10.1504/IJES.2018.089430

International Journal of Embedded Systems, 2018 Vol.10 No.1, pp.1 - 12

Received: 27 Sep 2015
Accepted: 18 Dec 2015

Published online: 24 Jan 2018 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article