The Controller Area Network (CAN) protocol is ubiquitous in modern vehicles, but the protocol lacks many important security properties, such as message authentication. To address these insecurities, a rapidly growing field of research has emerged that seeks to detect tampering, anomalies, or attacks on these networks; this field has developed a wide variety of novel approaches and algorithms to address these problems. One major impediment to the progression of this CAN anomaly detection and intrusion detection system (IDS) research area is the lack of high-fidelity datasets with realistic labeled attacks, without which it is difficult to evaluate, compare, and validate these proposed approaches. In this work we present the first comprehensive survey of publicly available CAN intrusion datasets. Based on a thorough analysis of the data and documentation, for each dataset we provide a detailed description and enumerate the drawbacks, benefits, and suggested use cases. Our analysis is aimed at guiding researchers in finding appropriate datasets for testing a CAN IDS. We present the Real ORNL Automotive Dynamometer (ROAD) CAN Intrusion Dataset, providing the first dataset with real, advanced attacks to the existing collection of open datasets.
翻译:主计长地区网络(CAN)协议在现代车辆中普遍存在,但协议缺乏许多重要的安全属性,例如信息认证;为解决这些不安全问题,出现了一个迅速扩大的研究领域,以探测这些网络的篡改、异常或攻击;这个领域为解决这些问题开发了各种各样的新颖方法和算法;这个CAN异常探测和入侵探测系统(IDS)研究领域进展的主要障碍是缺乏具有现实的标签攻击的高度虚弱数据集,没有这些标记攻击,很难评估、比较和验证这些拟议办法;在这项工作中,我们提出了对公开提供的CAN入侵数据集的首次全面调查。根据对数据和文件的透彻分析,我们为每个数据集提供了详细的描述,并列举了缺点、好处和建议使用案例。我们的分析旨在指导研究人员寻找测试CAN IDS的适当数据集。我们介绍了Real ORNL汽车数据仪(ROAD) CAN Invicion数据集,以真实的、先进攻击形式向现有的公开数据收集提供第一个数据集。
相关内容
微信扫码咨询专知VIP会员