Modern vehicles can be thought of as complex distributed embedded systems that run a variety of automotive applications with real-time constraints. Recent advances in the automotive industry towards greater autonomy are driving vehicles to be increasingly connected with various external systems (e.g., roadside beacons, other vehicles), which makes emerging vehicles highly vulnerable to cyber-attacks. Additionally, the increased complexity of automotive applications and the in-vehicle networks results in poor attack visibility, which makes detecting such attacks particularly challenging in automotive systems. In this work, we present a novel anomaly detection framework called LATTE to detect cyber-attacks in Controller Area Network (CAN) based networks within automotive platforms. Our proposed LATTE framework uses a stacked Long Short Term Memory (LSTM) predictor network with novel attention mechanisms to learn the normal operating behavior at design time. Subsequently, a novel detection scheme (also trained at design time) is used to detect various cyber-attacks (as anomalies) at runtime. We evaluate our proposed LATTE framework under different automotive attack scenarios and present a detailed comparison with the best-known prior works in this area, to demonstrate the potential of our approach.
翻译:现代车辆可被视为具有各种实时限制的汽车应用的复杂分布式内嵌系统;汽车工业最近向更大的自主性迈进,使车辆与各种外部系统(如路边信标、其他车辆)日益连接,使新兴车辆极易受到网络攻击的伤害;此外,汽车应用和车辆内网络的日益复杂导致攻击可见度低,使得在汽车系统中发现这种攻击特别具有挑战性;在这项工作中,我们提出了一个新的异常现象探测框架,称为LATTE, 以探测在汽车攻击平台内以Control地区网络为基础的网络的网络攻击;我们提议的LATTE框架使用一个堆叠的长时程内存预测或网络,并配有新的关注机制,以了解设计时的正常操作行为;随后,一个新颖的探测计划(在设计时也受过培训)用于探测各种网络攻击(异常),在运行时用来探测各种攻击;我们根据不同的汽车攻击设想,评估我们提议的LATTE框架,并详细比较了我们在这方面最著名的前的工作,以显示我们的方法的潜力。
相关内容
微信扫码咨询专知VIP会员