汽车信息安全：面向总线网络的伪造攻击检测技术

doi:10.3901/JME.2024.10.476

机械工程学报 ›› 2024, Vol. 60 ›› Issue (10): 476-486.doi: 10.3901/JME.2024.10.476

扫码分享

汽车信息安全：面向总线网络的伪造攻击检测技术

魏洪乾^1,2,3, 时培成⁴, 张幽彤^1,2

1. 北京理工大学机械与车辆学院北京 100081;
2. 清洁车辆北京市重点实验室北京 100081;
3. 汽车测控与安全四川省重点实验室成都 610039;
4. 安徽工程大学机械工程学院芜湖 241000

收稿日期:2023-06-18 修回日期:2024-02-12 出版日期:2024-05-20 发布日期:2024-07-24
作者简介:魏洪乾,男,1992年出生,博士,预聘助理教授。主要研究方向为智能网联汽车的信息安全和汽车动力学控制及功能安全等。
E-mail:bit_hongqian@126.com
张幽彤(通信作者),男,1965年出生,博士,教授,博士研究生导师。主要研究方向为网联汽车信息安全、新能源驱动技术、智能农机动力系统等。
E-mail:youtong@bit.edu.cn
基金资助:
国家重点研发计划(2021YFB3101500)、国家自然科学基金(52202461)、中国博士后自然科学基金(2022TQ0032，2022M710380)、汽车新技术安徽省工程技术研究中心开放基金(QCKJ202202A)和汽车测控与安全四川省重点实验室开放基金(QCCK2023-001)资助项目。

Automotive Cyber-security: Detection Technique of Masquerade Attacks for the Bus Network

WEI Hongqian^1,2,3, SHI Peicheng⁴, ZHANG Youtong^1,2

1. School of Mechanical Engineering, Beijing Institute of Technology, Beijing 100081;
2. Key Laboratory of Low Emission Vehicles in Beijing, Beijing 100081;
3. Vehicle Measurement, Control and Safety Key Laboratory of Sichuan Province, Chengdu 610039;
4. School of Mechanical Engineering, Anhui Polytechnic University, Wuhu 241000

Received:2023-06-18 Revised:2024-02-12 Online:2024-05-20 Published:2024-07-24

摘要/Abstract

摘要： 当前的智能网联汽车正面临着潜在的信息安全挑战。比如，汽车CAN总线(Controller aera network，CAN)采用明文方式传输消息，缺少发送源电子控制单元(Electronic control unit，ECU)的身份认证和信息加密机制。因此，如何定位异常报文的发送源对于保证网联汽车的信息安全具有重要的研究意义。基于此，提出基于总线信号特征的ECU身份识别技术用于定位报文发送源，并检测ECU伪造攻击：首先根据CAN总线的电平信号提取关键的身份特征参数，包括边沿跳变时间、平台时间、高电平电压众数等；然后，利用轻量化的Softmax分类器对提取的身份特征进行离线训练并建立在线的学习模型。实车测试结果表明，与传统方法相比，提出的方法能够提高将近10%的ECU识别精度，而且该方法可以有效地检测到潜在的ECU伪造攻击和报文篡改攻击等。此外，进一步评估ECU工作温度对相关特征参数的影响，间接地验证了所提方法的强鲁棒特性。综上，提出的方法有效地解决了传统CAN网络缺乏身份认证的缺陷，保证了智能网联汽车的信息安全。

关键词: 智能网联汽车, 信息安全, 总线网络, 电子控制单元, 身份识别

Abstract: Intelligent connected vehicles(ICVs) are facing a huge challenge of cyber security. For instance, automotive CAN transmits messages with the plain texts, which lacks of the identity recognition of transmitter electronic control units (ECUs) and encryption mechanism. Therefore, how to identify the transmitter of abnormal messages plays a significant role for the automotive cyber-security. Accordingly, an ECU identification recognition technique for masquerade attacks based on the signal features of CAN bus is proposed. Specifically, the core identity parameters based on voltages of CAN are extracted including the rising-falling edge time, plateau duration and mode of high voltages；then, the lightweight Softmax classifier is utilized to train the characteristic parameters offline and constructs the online learning model. The real-world experiments manifest that compared with the traditional method, the proposed method could improve the ECU identification accuracy by about 10%, which is also effective to detect the masquerade attacks. Besides, effects of the operation temperature on the extracted parameters are also evaluated which has indirectly validates the strong robustness of the proposed method. All in all, the proposed method has addressed the defects of CAN network and guaranteed the cyber-security of ICVs.

Key words: intelligent connected vehicles, cyber-security, bus networks, electronic control unit(ECU), identity recognition

中图分类号:

TG156

魏洪乾, 时培成, 张幽彤. 汽车信息安全：面向总线网络的伪造攻击检测技术[J]. 机械工程学报, 2024, 60(10): 476-486.

WEI Hongqian, SHI Peicheng, ZHANG Youtong. Automotive Cyber-security: Detection Technique of Masquerade Attacks for the Bus Network[J]. Journal of Mechanical Engineering, 2024, 60(10): 476-486.

参考文献

[1] 杨俊儒，褚端峰，陆丽萍，等. 智能汽车人机共享控制研究综述[J]. 机械工程学报，2022，58(18):31-55. YANG Junru，CHU Duanfeng，LU Liping，et al. Review on human-machine shared control of intelligent vehicles[J]. Journal of Mechanical Engineering，2022，58(18):31-55.
[2] SIEGEL J，ERB D，SARMA S. A survey of the connected vehicle landscape—Architectures，enabling technologies，applications，and development areas[J]. IEEE Transactions on Intelligent Transportation systems，2017，19(8):2391-2406.
[3] 于赫，秦贵和，孙铭会，等. 车载CAN总线网络安全问题及异常检测方法[J]. 吉林大学学报(工学版)，2016，46(4):1246-1253. YU He，QIN Guihe，SUN Minghui，et al. Cyber security and anomaly detection method for in-vehicle CAN[J]. Journal of Jilin University (Engineering and Technology Edition)，2016，46(4):1246-1253.
[4] Upstream security's 2020 global automotive cybersecurity report[EB/OL]. [2023-05-04]. https://upstream.auto/upstream-security-global-automotive-cybersecurity-report-2020/.
[5] RING Tim. Connected cars–the next targe tfor hackers[J]. Network Security，2015，11:11-16.
[6] NIE Sen，LIU Ling，DU Yuefeng. Free-fall:Hacking tesla from wireless to CAN bus[J]. Briefing，Black Hat USA，2017，25:1-16.
[7] LIU Yucheng，WU Hao，LI Xiangxue. Another look at the connection between can signal ringing & in-vehicle ecu identification[C]//2021 IEEE 20th International Conference on Trust，Security and Privacy in Computing and Communications (TrustCom). Shenyang:IEEE，2021:1021-1030.
[8] WEI Hongqian，AI Qiang，ZHAO Wenqiang，et al. Real-time security warning and ecu identification for in-vehicle networks[J]. IEEE Sensors Journal，2023，23(17):20258-20266.
[9] ROSENSTATTER T，SANDBERG C，OLOVSSON T. Extending autosar's counter-based solution for freshness of authenticated messages in vehicles[C]//2019 IEEE 24th Pacific Rim International Symposium on Dependable Computing (PRDC). Kyoto:IEEE，2019:1-109.
[10] BELLA Giampaolo，BIONDI Pietro，COSTANTINO Gianpiero，et al. CINNAMON:A module for AutoSAR secure onboard communication[C]//2020 16th European Dependable Computing Conference (EDCC). Munich:IEEE，2020:103-110.
[11] LEE Hyunsung，JEONG Seong，KIM Huy. OTIDS:A novel intrusion detection system for in-vehicle network by using remote frame[C]//2017 15th Annual Conference on Privacy，Security and Trust (PST). Alberta:IEEE，2017.
[12] KUWAHARA T，BABA Y，KASHIMA H，et al. Supervised and unsupervised intrusion detection based on can message frequencies for in-vehicle network[J]. Journal of Information Processing，2018(26):306-313.
[13] CHO K T，SHIN K. Viden:Attacker identification on in-vehicle networks[C]//Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. Melbourne:IEEE，2017:1109-1123.
[14] ZHOU Jia，XIE Guoqi，ZENG Haibo，et al. A model-based method for enabling source mapping and intrusion detection on proprietary CAN bus[J]. IEEE Transactions on Intelligent Transportation Systems，2023，24(11):12922-12932.
[15] FORUHANDEH M，MAN Yanmao，GERDES R，et al. SIMPLE:Single-frame based physical layer identification for intrusion detection and prevention on in-vehicle networks[C]//Proceedings of the 35th Annual Computer Security Applications Conference. San Juan Puerto Rico:IEEE，2019:229-244.
[16] CHOI W，JO H J，WOO S，et al. Identifying ecus using inimitable characteristics of signals in controller area networks[J]. IEEE Transactions on Vehicular Technology，2018，67(6):4757-4770.
[17] CHOI W，JOO K，JO H J，et al. Voltageids:Low-level communication characteristics for automotive intrusion detection system[J]. IEEE Transactions on Information Forensics and Security，2018，13(8):2114-2129.
[18] NING Jing，LIU Jiajia. An experimental study towards attacker identification in automotive networks[C]//2019 IEEE Global Communications Conference (GLOBECOM). Hawaii:IEEE，2019:1-6.
[19] POPA L，GROZA B，JICHICI C，et al. ECUPrint—Physical fingerprinting electronic control units on CAN buses inside cars and SAE j1939 compliant vehicles[J]. IEEE Transactions on Information Forensics and Security，2022，17:1185-1200.
[20] ZHOU Jia，JOSHI P，ZENG Haibo，et al. Btmonitor:Bit-time-based intrusion detection and attacker identification in controller area network[J]. ACM Transactions on Embedded Computing Systems (TECS)，2019，18(6):1-23.

汽车信息安全：面向总线网络的伪造攻击检测技术

Automotive Cyber-security: Detection Technique of Masquerade Attacks for the Bus Network

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 9

编辑推荐

Metrics

本文评价

[1]	王博, 罗禹贡, 赵超, 王永胜. 面向预期功能安全的汽车队列主动容错控制[J]. 机械工程学报, 2024, 60(10): 384-398.
[2]	谭征宇, 张瑞佛, 刘芝孜, 金奕, 贺刚. 智能网联汽车人机交互信任研究现状与展望[J]. 机械工程学报, 2024, 60(10): 366-383.
[3]	林晨, 魏洪乾, 荆威, 张幽彤. 汽车功能安全：面向敏感指令攻击场景的自主驾驶车辆路径规划风险缓解控制[J]. 机械工程学报, 2024, 60(10): 302-316.
[4]	白先旭, 潘宇翔, 陈浩, 李维汉, 石琴. 智能网联汽车预期功能安全风险评估3σ接受准则[J]. 机械工程学报, 2024, 60(10): 182-191.
[5]	戢杨杰, 张馨雨, 杨紫茹, 周上航, 黄岩军, 曹建永, 熊璐, 余卓平. 多智能网联汽车轨迹规划：现状与展望[J]. 机械工程学报, 2024, 60(10): 129-146.
[6]	李琳, 赵万忠, 王春燕. 基于Bi-GLSTM网络的车辆驾驶意图分析与识别[J]. 机械工程学报, 2024, 60(10): 51-63.
[7]	张海伦, 许庆, 高博麟, 王建强, 李克强. 网联环境下驾驶人响应机制——一种交叉路口接近行为定性效应分析与定量驾驶模式提取案例[J]. 机械工程学报, 2024, 60(10): 22-47.
[8]	李文博, 刘羽婧, 张峻铖, 肖华飞, 郭钢, 曹东璞. 驾驶员情绪-驾驶风险机理分析[J]. 机械工程学报, 2022, 58(22): 379-394.
[9]	王艺, 蔡英凤, 陈龙, 王海, 何友国, 李健. 基于模型预测控制的智能网联汽车路径跟踪控制器设计[J]. 机械工程学报, 2019, 55(8): 136-144,153.