Go to CSCML 2023 homepageCANdito: Improving Payload-Based Detection of Attacks on Controller Area Networks
Abstract: Over the years, the increasingly complex and interconnected vehicles raised the need for effective and efficient Intrusion Detection Systems against on-board networks. In light of the stringent domain requirements and the heterogeneity of information transmitted on the Controller Area Network, multiple approaches have been proposed, which work at different abstraction levels and granularities. Among these, RNN-based solutions received the attention of the research community for their performances and promising results. This paper proposes CANdito, an unsupervised IDS that exploits Long Short-Term Memory autoencoders to detect anomalies through a signal reconstruction process. In particular, we improve an RNN-based state-of-the-art IDS for CAN from the detection and temporal performances to comply with the strict automotive domain requirements. We evaluate CANdito by comparing its performance against state-of-the-art Intrusion Detection Systems (IDSs) for in-vehicle network and a comprehensive set of synthetic and real attacks in real-world CAN datasets.
0 Replies
Loading