当前位置:
X-MOL 学术
›
IEEE Netw.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Open World Intrusion Detection: An Open Set Recognition Method for CAN Bus in Intelligent Connected Vehicles
IEEE NETWORK ( IF 6.8 ) Pub Date : 2024-02-19 , DOI: 10.1109/mnet.2024.3367303 Lei Du 1 , Zhaoquan Gu 1 , Ye Wang 1 , Cuiyun Gao 1
IEEE NETWORK ( IF 6.8 ) Pub Date : 2024-02-19 , DOI: 10.1109/mnet.2024.3367303 Lei Du 1 , Zhaoquan Gu 1 , Ye Wang 1 , Cuiyun Gao 1
Affiliation
The Controller Area Network (CAN) is a bus protocol widely used in intelligent connected vehicles for communication between electronic and electronic systems. However, the continuous increase in inter- and intra-vehicle communication traffic makes the CAN bus vulnerable to cyber-attacks, including unknown attacks that have never been seen before. Previous studies either use closed set scenarios to misclassify unknown attacks as known classes with high confidence or use closed set models to calculate thresholds to identify unknown attacks ignoring the relationship between feature representation and thresholds. To handle this challenge, we formulate the problem as an open set recognition problem to accurately detect K known classes and identify 1 unknown class. Following this, we propose CLUSTER for CAN bus intrusion detection. CLUSTER utilizes the distance from known class inputs to cluster centroids as the training loss to be consistent with the threshold for open set recognition. Then it learns feature representations for intra-class compactness and inter-class separation, thereby classifying fine-grained known classes and identifying unknown attacks. Extensive experimental results on the car-hacking dataset demonstrate that the proposed open set recognition model is significantly superior to existing methods. In addition, due to the different operating environments of intelligent connected vehicles, intelligent connected vehicles will encounter different unknown attacks that have not been seen by each other. In order to share attack knowledge about unknown attacks among intelligent connected vehicles to protect them from intrusions, we propose an open world vehicle-cloud collaborative intrusion detection framework.
中文翻译:
开放世界入侵检测:智能网联汽车CAN总线的开放集识别方法
控制器局域网络(CAN)是一种广泛应用于智能网联汽车的总线协议,用于电子与电子系统之间的通信。然而,车辆间和车辆内通信流量的不断增加使得CAN总线容易受到网络攻击,包括以前从未见过的未知攻击。以前的研究要么使用闭集场景将未知攻击错误分类为高置信度的已知类,要么使用闭集模型计算阈值来识别未知攻击,忽略特征表示和阈值之间的关系。为了应对这一挑战,我们将问题表述为开放集识别问题,以准确检测 K 个已知类别并识别 1 个未知类别。在此之后,我们提出了用于 CAN 总线入侵检测的 CLUSTER。 CLUSTER 利用已知类输入到聚类质心的距离作为训练损失,以与开放集识别的阈值保持一致。然后,它学习类内紧凑性和类间分离的特征表示,从而对细粒度的已知类进行分类并识别未知攻击。汽车黑客数据集上的大量实验结果表明,所提出的开放集识别模型明显优于现有方法。此外,由于智能网联汽车的运行环境不同,智能网联汽车会遇到不同的彼此未曾见过的未知攻击。为了在智能网联车辆之间共享有关未知攻击的攻击知识,以保护它们免受入侵,我们提出了一种开放世界的车云协作入侵检测框架。
更新日期:2024-02-19
中文翻译:
开放世界入侵检测:智能网联汽车CAN总线的开放集识别方法
控制器局域网络(CAN)是一种广泛应用于智能网联汽车的总线协议,用于电子与电子系统之间的通信。然而,车辆间和车辆内通信流量的不断增加使得CAN总线容易受到网络攻击,包括以前从未见过的未知攻击。以前的研究要么使用闭集场景将未知攻击错误分类为高置信度的已知类,要么使用闭集模型计算阈值来识别未知攻击,忽略特征表示和阈值之间的关系。为了应对这一挑战,我们将问题表述为开放集识别问题,以准确检测 K 个已知类别并识别 1 个未知类别。在此之后,我们提出了用于 CAN 总线入侵检测的 CLUSTER。 CLUSTER 利用已知类输入到聚类质心的距离作为训练损失,以与开放集识别的阈值保持一致。然后,它学习类内紧凑性和类间分离的特征表示,从而对细粒度的已知类进行分类并识别未知攻击。汽车黑客数据集上的大量实验结果表明,所提出的开放集识别模型明显优于现有方法。此外,由于智能网联汽车的运行环境不同,智能网联汽车会遇到不同的彼此未曾见过的未知攻击。为了在智能网联车辆之间共享有关未知攻击的攻击知识,以保护它们免受入侵,我们提出了一种开放世界的车云协作入侵检测框架。
京公网安备 11010802027423号