CAN에서의 자기상관 기반 침입 탐지 시스템

Abstract

This paper proposes an autocorrelation-based intrusion detection system for a controller area network (CAN). The CAN is a bus topology network used in cyber-physical systems such as vehicles, robots, and trains. As the applications of the CAN are closely related to human life, and any malfunctions may lead to accidents, the system robustness is critical. However, the CAN is vulnerable to attacks because no authentication or encryption exists in the CAN protocol. The proposed system uses the autocorrelation of the CAN signals to identify the source node and detects the attack signals. Moreover, we evaluate the performance of the proposed system through a simulation and in a real-car environment. As the proposed system involves physical layer security, no modification of the CAN protocol is necessary. In addition, redundant security can be implemented when the system is applied with authentication or encryption protocols. © ICROS 2021.