Unsupervised Network Intrusion Detection System for AVTP in Automotive Ethernet Networks

Network Intrusion Detection Systems (NIDSs) are widely regarded as efficient tools for securing in-vehicle networks against diverse cyberattacks. However, since cyberattacks are always evolving, signature-based intrusion detection systems are no longer adopted. An alternative solution can be the deployment of deep learning based intrusion detection system which play an important role in detecting unknown attack patterns in network traffic. Hence, in this paper, we compare the performance of different unsupervised deep and machine learning based anomaly detection algorithms, for real-time detection of anomalies on the Audio Video Transport Protocol (AVTP), an application layer protocol implemented in the recent Automotive Ethernet based in-vehicle network. The numerical results, conducted on the recently published "Automotive Ethernet Intrusion Dataset", show that deep learning models significantly outperfom other state-of-the art traditional anomaly detection models in machine learning under different experimental settings.