Recent year has brought considerable advancements in Electric Vehicles (EVs) and associated infrastructures/communications. Intrusion Detection Systems (IDS) are widely deployed for anomaly detection in such critical infrastructures. This paper presents an Interpretable Anomaly Detection System (RX-ADS) for intrusion detection in CAN protocol communication in EVs. Contributions include: 1) window based feature extraction method; 2) deep Autoencoder based anomaly detection method; and 3) adversarial machine learning based explanation generation methodology. The presented approach was tested on two benchmark CAN datasets: OTIDS and Car Hacking. The anomaly detection performance of RX-ADS was compared against the state-of-the-art approaches on these datasets: HIDS and GIDS. The RX-ADS approach presented performance comparable to the HIDS approach (OTIDS dataset) and has outperformed HIDS and GIDS approaches (Car Hacking dataset). Further, the proposed approach was able to generate explanations for detected abnormal behaviors arising from various intrusions. These explanations were later validated by information used by domain experts to detect anomalies. Other advantages of RX-ADS include: 1) the method can be trained on unlabeled data; 2) explanations help experts in understanding anomalies and root course analysis, and also help with AI model debugging and diagnostics, ultimately improving user trust in AI systems.
翻译:最近一年,电动车辆及相关基础设施/通信取得了相当大的进步。入侵探测系统(IDS)被广泛用于在这类关键基础设施中探测异常现象。本文件介绍了用于在CAN协议通信中探测侵入现象的可解释异常探测系统(RX-ADS),贡献包括:(1)基于窗口的特征提取方法;(2)基于深度自动coder的异常探测方法;(3)基于对抗性机器学习的解释生成方法。在两个基准的CAN数据集(OTIDS和汽车洗劫)上测试了所提出的方法。RX-ADS的异常探测性能与这些数据集的最新方法(HIDS和GIDS)进行了比较。RX-ADS的方法展示了类似于HIDS方法(OIDS数据集)的性能,超过了HIDS和GIDS方法(Car Hacking数据集)的性能。此外,拟议的方法能够对各种入侵引起的异常行为作出解释。这些解释后来得到域专家用来检测异常现象的信息的验证:HX-ADS和GIA-A分析过程的其他优点是经过培训的,在IA-ADS分析中可以帮助改进的。
相关内容
微信扫码咨询专知VIP会员