Project Details
Description
The controller area network (CAN) bus is all but ubiquitous in modern automobiles. This system is both highly reliable---especially in terms of error-handling---and highly insecure. The CAN bus facilitates communication between an automobile’s embedded systems, dubbed electronic control units (ECUs), and its sensors [1]. Historically, automobiles had little, if any, external connectivity. Modern infotainment systems, which may provide Bluetooth, Wi-Fi, and cellular access, did not exist. Security of the CAN bus was not a concern, because a would-be attacker had to physically access the vehicle in order to do harm. The situation has changed drastically in the modern day, but the CAN bus is still insecure. Security researchers Chris Valasek and Charlie Miller demonstrated a remote attack in which they took full control of several safety-critical vehicle systems in a 2014 Jeep Cherokee, including the accelerator and the brakes [2].
Autonomous and even semi-autonomous vehicles are particularly vulnerable because they are more heavily controlled by ECUs, meaning that an attacker can control more systems. Automated driver-assistance features---such as lane-keeping assist and parking assist---provide electronic control of steering systems. Miller and Valasek demonstrated a proof-of-concept attack on the steering wheel, forcing a Jeep Cherokee to turn sharply while the vehicle was traveling at 30 miles per hour. They were able to subvert the inbuilt safety features meant to prevent electronic turns at speeds above 5 miles per hour [3]. Given the popularity of automated driver-assistance features and the appearance of fully autonomous vehicles on the road, such as the LINC shuttle, there is a need for heightened security in automotive networks.
An intrusion detection system (IDS) can alert users if suspicious communication occurs in the CAN system. The IDS will interface with the vehicle via an inexpensive, standard piece of hardware. The on-board diagnostic protocol II (OBD-II) is a diagnostic port that has been mandatory in American-made cars and light trucks since 1996 and became mandatory in the European Union in 2001. It is accessible without tools and within arm’s reach of the driver’s seat.
My project is an intrusion detection system for the CAN bus that utilizes deep-learning and blockchain to detect attacks on autonomous and semi-autonomous vehicles. The IDS would be a practical solution for both consumers and automobile manufacturers---low-cost to purchase and low-effort to install.
Deep Learning: Deep-learning techniques would be used to differentiate between healthy traffic---especially healthy traffic prone to false positives---and attack traffic. A deep-learning IDS, more sophisticated than an ID sequence-based IDS, would achieve greater precision and recall, increasing the practicability of the IDS application. Further, the deep-learning IDS would be designed to focus on the self-driving features of modern automobiles, such as lane-keeping assist, parking assist, and adaptive cruise control. All of these features are the building blocks of fully autonomous vehicles. If compromised, they could be used to conduct fatal cyberattacks.
Blockchain: Intrusion detection systems depend upon a baseline of “normal” behavior in order to identify deviant or “attack” behavior. If the profile for normal behavior is altered, then the detection capability of the IDS is undermined. Blockchain technologies would be used to preserve the integrity of the normal profile as well as the integrity of the data that is flowing from the CAN bus to the OBD-II port and, finally, the IDS itself.
The ultimate goal of the proposed project is to protect smart cities from the threats posed by increasingly smarter vehicles by detecting and mitigating automotive cyberattacks before they result in catastrophe. In order to fully realize the safety and efficiency advantages of the Internet of Vehicles (IoV), connected and autonomous vehicles (CAVs), etc., we need to ensure that such vehicles are [cyber]secure.
Autonomous and even semi-autonomous vehicles are particularly vulnerable because they are more heavily controlled by ECUs, meaning that an attacker can control more systems. Automated driver-assistance features---such as lane-keeping assist and parking assist---provide electronic control of steering systems. Miller and Valasek demonstrated a proof-of-concept attack on the steering wheel, forcing a Jeep Cherokee to turn sharply while the vehicle was traveling at 30 miles per hour. They were able to subvert the inbuilt safety features meant to prevent electronic turns at speeds above 5 miles per hour [3]. Given the popularity of automated driver-assistance features and the appearance of fully autonomous vehicles on the road, such as the LINC shuttle, there is a need for heightened security in automotive networks.
An intrusion detection system (IDS) can alert users if suspicious communication occurs in the CAN system. The IDS will interface with the vehicle via an inexpensive, standard piece of hardware. The on-board diagnostic protocol II (OBD-II) is a diagnostic port that has been mandatory in American-made cars and light trucks since 1996 and became mandatory in the European Union in 2001. It is accessible without tools and within arm’s reach of the driver’s seat.
My project is an intrusion detection system for the CAN bus that utilizes deep-learning and blockchain to detect attacks on autonomous and semi-autonomous vehicles. The IDS would be a practical solution for both consumers and automobile manufacturers---low-cost to purchase and low-effort to install.
Deep Learning: Deep-learning techniques would be used to differentiate between healthy traffic---especially healthy traffic prone to false positives---and attack traffic. A deep-learning IDS, more sophisticated than an ID sequence-based IDS, would achieve greater precision and recall, increasing the practicability of the IDS application. Further, the deep-learning IDS would be designed to focus on the self-driving features of modern automobiles, such as lane-keeping assist, parking assist, and adaptive cruise control. All of these features are the building blocks of fully autonomous vehicles. If compromised, they could be used to conduct fatal cyberattacks.
Blockchain: Intrusion detection systems depend upon a baseline of “normal” behavior in order to identify deviant or “attack” behavior. If the profile for normal behavior is altered, then the detection capability of the IDS is undermined. Blockchain technologies would be used to preserve the integrity of the normal profile as well as the integrity of the data that is flowing from the CAN bus to the OBD-II port and, finally, the IDS itself.
The ultimate goal of the proposed project is to protect smart cities from the threats posed by increasingly smarter vehicles by detecting and mitigating automotive cyberattacks before they result in catastrophe. In order to fully realize the safety and efficiency advantages of the Internet of Vehicles (IoV), connected and autonomous vehicles (CAVs), etc., we need to ensure that such vehicles are [cyber]secure.
Short title | IDS for CAV: A Deep Learning and Blockchain-secured Intrusion Detection System (IDS) for Connected and Autonomous Vehicles (CAVs) in Smart Cities |
---|---|
Acronym | IDS for CAV |
Status | Active |
Effective start/end date | 01/11/2022 → 31/10/2025 |
Fingerprint
Explore the research topics touched on by this project. These labels are generated based on the underlying awards/grants. Together they form a unique fingerprint.