Title: A language-based intrusion detection approach for automotive embedded networks
Authors: Ivan Studnia; Eric Alata; Vincent Nicomette; Mohamed Kaâniche; Youssef Laarouchi
Addresses: Renault S.A.S., 1 Avenue du Golf, F-78288, Guyancourt, France; CNRS, LAAS, 7 Avenue du colonel Roche, F-31400 Toulouse, France; University of Toulouse, INSA, LAAS, F-31400 Toulouse, France ' CNRS, LAAS, 7 Avenue du colonel Roche, F-31400 Toulouse, France; University of Toulouse, INSA, LAAS, F-31400 Toulouse, France ' CNRS, LAAS, 7 Avenue du colonel Roche, F-31400 Toulouse, France; University of Toulouse, INSA, LAAS, F-31400 Toulouse, France ' CNRS, LAAS, 7 Avenue du colonel Roche, F-31400 Toulouse, France; University of Toulouse, LAAS, F-31400 Toulouse, France ' Renault S.A.S., 1 Avenue du Golf, F-78288, Guyancourt, France
Abstract: The increase in connectivity and complexity of modern automotive networks presents new opportunities for potential hackers trying to take over a vehicle. To protect the automotive networks from such attacks, security mechanisms, such as firewalls or secure authentication protocols may be included. However, should an attacker succeed in bypassing such measures and gain access to the internal network, these security mechanisms become unable to report about the attacks ensuing such a breach, occurring from the internal network. To complement these preventive security mechanisms, we present a non-intrusive network-based intrusion detection approach fit for vehicular networks, such as the widely used CAN. Leveraging the high predictability of embedded automotive systems, we use language theory to elaborate a set of attack signatures derived from behavioural models of the automotive calculators in order to detect a malicious sequence of messages transiting through the internal network.
Keywords: automotive networks; security; intrusion detection; CAN; finite state automata; regular language.
International Journal of Embedded Systems, 2018 Vol.10 No.1, pp.1 - 12
Received: 27 Sep 2015
Accepted: 18 Dec 2015
Published online: 24 Jan 2018 *