Go to OpenReview Public Article ORCID homepageLeverage Sampling Methods and Deep Neural Networks for Fuzzer CAN Bus Message Detection
Abstract: The Controller Area Network (CAN) is crucial for automotive safety, yet remains vulnerable to various fuzzing attacks that can compromise vehicle operations. This paper presents a comprehensive detection framework that identifies both common CAN vulnerabilities (DoS, Spoofing, Replay, and general Fuzzing) and specific fuzzer attack types (identity, replay, random, brute force, and mutation-based) using deep learning-based models. We evaluate four recurrent neural network architectures, including standard RNN, Long Short-Term Memory (LSTM), Bidirectional LSTM (BiLSTM), and Gated Recurrent Unit (GRU), across three CAN datasets: the publicly available Hacking Car and OTIDS datasets, along with our proprietary Multi-FuzzerCAN dataset. To address the inherent class imbalance in attack data, we implement targeted random oversampling and random undersampling techniques tailored to each dataset’s distribution characteristics, significantly improving model performance. Our experimental results demonstrate that all four models achieve exceptional accuracy, recall, precision, and F1 scores across all datasets, with LSTM and BiLSTM architectures consistently outperforming other approaches. These findings establish the viability of combining deep learning models with data balancing techniques to enhance the resilience of automotive CAN networks against diverse cyber threats, especially multi-fuzzer attacks.
External IDs:doi:10.1109/access.2025.3572573
Loading