Real-Time Intrusion Detection in Controller Area Networks: An Evaluation of Current Methods and Future Directions

Authors

  • Sreelekshmi M. S. Department of Computer Science, University of Kerala, Trivandrum, Kerala, India
  • Aji S. Department of Computer Science, University of Kerala, Trivandrum, Kerala, India

DOI:

https://doi.org/10.26438/ijsrnsc.v13i2.266

Keywords:

Intrusion detection system, Controller Area Network, Electronic Control Unit Communication, Real Time Intrusion Detection, CAN Bus Attacks

Abstract

Controller Area Networks (CANs) are critical components of modern vehicles and industrial systems, facilitating communication between various electronic control units. However, the widespread connectivity and lack of inherent security measures make CANs vulnerable to cyber-attacks. Intrusion detection systems (IDS) safeguard CANs by detecting and mitigating potential attacks. This paper presents a comprehensive analysis of current methods for the real-time detection of attacks in CANs. The IDSs based on different input data modalities are evaluated based on their effectiveness, accuracy, and efficiency. The analysis highlights the strengths and limitations of each method, providing valuable insights for researchers and practitioners in developing robust and reliable intrusion detection systems for CANs. The findings suggest that the lightweight strategy in IDS is widely accepted for real-time application due to its computational simplicity and model structure. Furthermore, the paper identifies future directions to enhance the security of CANs and ensure their resilience against evolving threats.

References

Bi, Zixiang, et al. "Intrusion Detection Method for In‐Vehicle CAN Bus Based on Message and Time Transfer Matrix." Security and Communication Networks 2022.1 (2022): 2554280..

Hussain, Naziya, et al. "Cyber security and privacy of connected and automated vehicles (CAVs)-based federated learning: challenges, opportunities, and open issues." Federated learning for IoT applications (2022): 169-183.

Mchergui, Abir, Tarek Moulahi, and Sherali Zeadally. "Survey on artificial intelligence (AI) techniques for vehicular ad-hoc networks (VANETs)." Vehicular Communications 34 (2022): 100403.

Bendiab, Gueltoum, et al. "Autonomous vehicles security: Challenges and solutions using blockchain and artificial intelligence." IEEE Transactions on Intelligent Transportation Systems 24.4 (2023): 3614-3637.

Olugbade, Samuel, et al. "A review of artificial intelligence and machine learning for incident detectors in road transport systems." Mathematical and Computational Applications 27.5 (2022): 77.

Refat, Rafi Ud Daula, Abdulrahman Abu Elkhail, and Hafiz Malik. "Machine learning for automotive cybersecurity: Challenges, opportunities and future directions." AI-enabled Technologies for Autonomous and Connected Vehicles (2022): 547-567.

Rajapaksha, Sampath, et al. "Ai-based intrusion detection systems for in-vehicle networks: A survey." ACM Computing Surveys 55.11 (2023): 1-40.

Wang, Qian, Zhaojun Lu, and Gang Qu. "An entropy analysis based intrusion detection system for controller area network in vehicles." 2018 31st IEEE International System-on-Chip Conference (SOCC). IEEE, 2018.

Ying, Xuhang, et al. "TACAN: Transmitter authentication through covert channels in controller area networks." Proceedings of the 10th ACM/IEEE International Conference on Cyber-Physical Systems. 2019.

Al-Jarrah, Omar Y., et al. "Intrusion detection systems for intra-vehicle networks: A review." Ieee Access 7 (2019): 21266-21289.

Wei, Hongqian, et al. "Real-time security warning and ECU identification for in-vehicle networks." IEEE Sensors Journal 23.17 (2023): 20258-20266.

Sommer, Florian, Mona Gierl, and Patrick Rebling. "Vehicle Network Platforms for Automotive Security Testing." Reports on Energy Efficient Mobility 3 (2023): 72-99.

Cook, J. A., and J. Sj Freudenberg. "Controller area network (can)." EECS 461 (2007): 1-5.

Lokman, Siti-Farhana, Abu Talib Othman, and Muhammad-Husaini Abu-Bakar. "Intrusion detection system for automotive Controller Area Network (CAN) bus system: a review." EURASIP Journal on Wireless Communications and Networking 2019.1 (2019): 1-17.

Rajapaksha, Sampath, et al. "Improving in-vehicle networks intrusion detection using on-device transfer learning." Symposium on vehicles security and privacy. Vol. 10. 2023..

Checkoway, Stephen, et al. "Comprehensive experimental analyses of automotive attack surfaces." 20th USENIX security symposium (USENIX Security 11). 2011.

Miller, Charlie, and Chris Valasek. "Remote exploitation of an unaltered passenger vehicle." Black Hat USA 2015.S 91 (2015): 1-91.

Nie, Sen, Ling Liu, and Yuefeng Du. "Free-fall: Hacking tesla from wireless to can bus." Briefing, Black Hat USA 25.1 (2017): 16.

Nie, Sen, et al. "Over-the-air: How we remotely compromised the gateway, BCM, and autopilot ECUs of Tesla cars." Briefing, Black Hat USA 91 (2018): 1-19.

Dibaei, Mahdi, et al. "Attacks and defences on intelligent connected vehicles: A survey." Digital Communications and Networks 6.4 (2020): 399-421.

Nichelini, Alessandro, et al. "Canova: a hybrid intrusion detection framework based on automatic signal classification for can." Computers & Security 128 (2023): 103166.

Hossain, Md Delwar, et al. "Long short-term memory-based intrusion detection system for in-vehicle controller area network bus." 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC). IEEE, 2020.

Nguyen, Trieu Phong, Heungwoo Nam, and Daehee Kim. "Transformer-based attention network for in-vehicle intrusion detection." IEEE Access 11 (2023): 55389-55403.

Islam, Riadul, et al. "GGNB: Graph-based Gaussian naive Bayes intrusion detection system for CAN bus." Vehicular Communications 33 (2022): 100442.

Schell, Oleg, and Marcel Kneib. "VALID: Voltage-based lightweight intrusion detection for the controller area network." 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). IEEE, 2020.

Sun, Heng, et al. "Analysis of ID sequences similarity using DTW in intrusion detection for CAN bus." IEEE Transactions on Vehicular Technology 71.10 (2022): 10426-10441.

Desta, Araya Kibrom, et al. "Rec-CNN: In-vehicle networks intrusion detection using convolutional neural networks trained on recurrence plots." Vehicular Communications 35 (2022): 100470.

Song, Hyun Min, Jiyoung Woo, and Huy Kang Kim. "In-vehicle network intrusion detection using deep convolutional neural network." Vehicular Communications 21 (2020): 100198.

Hoang, Thien-Nu, and Daehee Kim. "Detecting in-vehicle intrusion via semi-supervised learning-based convolutional adversarial autoencoders." Vehicular Communications 38 (2022): 100520.

Zhang, Linxi, Xuke Yan, and Di Ma. "A binarized neural network approach to accelerate in-vehicle network intrusion detection." IEEE Access 10 (2022): 123505-123520..

Derhab, Abdelouahid, et al. "Histogram-based intrusion detection and filtering framework for secure and safe in-vehicle networks." IEEE Transactions on Intelligent Transportation Systems 23.3 (2021): 2366-2379.

Lo, Wei, et al. "A hybrid deep learning based intrusion detection system using spatial-temporal representation of in-vehicle network traffic." Vehicular Communications 35 (2022): 100471.

Longari, Stefano, et al. "Candito: Improving payload-based detection of attacks on controller area networks." International Symposium on Cyber Security, Cryptology, and Machine Learning. Cham: Springer Nature Switzerland, 2023.

Qin, Hongmao, Mengru Yan, and Haojie Ji. "Application of controller area network (CAN) bus anomaly detection based on time series prediction." Vehicular Communications 27 (2021): 100291.

Schell, Oleg, Claudio Oechsler, and Marcel Kneib. "Asymmetric symbol and skew sender identification for automotive networks." IEEE Transactions on Information Forensics and Security 17 (2022): 3959-3971.

Khandelwal, Shashwat, and Shanker Shreejith. "A lightweight FPGA-based IDS-ECU architecture for automotive CAN." 2022 international conference on field-programmable technology (ICFPT). IEEE, 2022.

Yang, Li, Abdallah Moubayed, and Abdallah Shami. "MTH-IDS: A multitiered hybrid intrusion detection system for internet of vehicles." IEEE Internet of Things Journal 9.1 (2021): 616-632.

Tariq, Shahroz, et al. "CAN-ADF: The controller area network attack detection framework." Computers & Security 94 (2020): 101857.

Agrawal, Kushagra, et al. "NovelADS: A novel anomaly detection system for intra-vehicular networks." IEEE Transactions on Intelligent Transportation Systems 23.11 (2022): 22596-22606.

Javed, Abdul Rehman, et al. "CANintelliIDS: Detecting in-vehicle intrusion attacks on a controller area network using CNN and attention-based GRU." IEEE transactions on network science and engineering 8.2 (2021): 1456-1466.

Longari, Stefano, et al. "CANnolo: An anomaly detection system based on LSTM autoencoders for controller area network." IEEE Transactions on Network and Service Management 18.2 (2020): 1913-1924.

Wang, Chao, et al. "DLAU: A scalable deep learning accelerator unit on FPGA." IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 36.3 (2016): 513-517.

Sreelekshmi, M. S., and S. Aji. "A Graph-Based Strategy for Intrusion Detection in Connected Vehicles." International Conference on Information and Communication Technology for Competitive Strategies. Singapore: Springer Nature Singapore, 2022.

Al-Jarrah, Omar Y., et al. "A novel detection approach of unknown cyber-attacks for intra-vehicle networks using recurrence plots and neural networks." IEEE Open Journal of Vehicular Technology 4 (2023): 271-280.

Syed, Naeem Firdous, Mengmeng Ge, and Zubair Baig. "Fog-cloud based intrusion detection system using Recurrent Neural Networks and feature selection for IoT networks." Computer Networks 225 (2023): 109662.

Nichelini, Alessandro, et al. "Canova: a hybrid intrusion detection framework based on automatic signal classification for can." Computers & Security 128 (2023): 103166.

Xiao, Dannier, et al. "Review of graph-based hazardous event detection methods for autonomous driving systems." IEEE Transactions on Intelligent Transportation Systems 24.5 (2023): 4697-4715.

Li, Zhengjie, et al. "A survey of FPGA design for AI era." Journal of Semiconductors 41.2 (2020): 021402.

Moss, Duncan JM, et al. "High performance binary neural networks on the Xeon+ FPGA™ platform." 2017 27Th International conference on field programmable logic and applications (FPL). IEEE, 2017.

Lee, Hyunsung, Seong Hoon Jeong, and Huy Kang Kim. "OTIDS: A novel intrusion detection system for in-vehicle network by using remote frame." 2017 15th Annual Conference on Privacy, Security and Trust (PST). IEEE, 2017.

Han, Mee Lan, Byung Il Kwak, and Huy Kang Kim. "Anomaly intrusion detection method for vehicular networks based on survival analysis." Vehicular communications 14 (2018): 52-63.

Kang, Hyunjae, et al. "Car hacking: Attack defense challenge 2020 dataset." (No Title) (2021).

Hanselmann, Markus, et al. "CANet: An unsupervised intrusion detection system for high dimensional CAN bus data." Ieee Access 8 (2020): 58194-58205.

Dupont, Guillaume, et al. "Evaluation framework for network intrusion detection systems for in-vehicle can." 2019 IEEE International Conference on Connected Vehicles and Expo (ICCVE). IEEE, 2019.

Gazdag, Andras, Levente Buttyan, and Zsolt Szalay. "FORENSICS AWARE LOSSLESS COMPRESSION OF CAN TRAFFIC LOGS." Komunikácie 19.4 (2017).

Verma, Miki E., et al. "A comprehensive guide to CAN IDS data & introduction of the ROAD dataset." arXiv preprint arXiv:2012.14600 (2020).

Song, Hyun Min, Jiyoung Woo, and Huy Kang Kim. "In-vehicle network intrusion detection using deep convolutional neural network." Vehicular Communications 21 (2020): 100198

Islam, Riadul, et al. "Graph-based intrusion detection system for controller area networks." IEEE Transactions on Intelligent Transportation Systems 23.3 (2020): 1727-1736.

Banafshehvaragh, Samira Tahajomi, and Amir Masoud Rahmani. "Intrusion, anomaly, and attack detection in smart vehicles." Microprocessors and Microsystems 96 (2023): 104726.

Menghani, Gaurav. "Efficient deep learning: A survey on making deep learning models smaller, faster, and better." ACM Computing Surveys 55.12 (2023): 1-37.

Vadera, Sunil, and Salem Ameen. "Methods for pruning deep neural networks." IEEE Access 10 (2022): 63280-63300.

Tomlinson, Andrew, Jeremy Bryans, and Siraj Ahmed Shaikh. "Using a one-class compound classifier to detect in-vehicle network attacks." Proceedings of the genetic and evolutionary computation conference companion. 2018.

Torrey, Lisa, and Jude Shavlik. "Transfer learning." Handbook of research on machine learning applications and trends: algorithms, methods, and techniques. IGI global, 2010. 242-264.

Vinyals, Oriol, et al. "Matching networks for one shot learning." Advances in neural information processing systems 29 (2016).

Xian, Yongqin, Bernt Schiele, and Zeynep Akata. "Zero-shot learning-the good, the bad and the ugly." Proceedings of the IEEE conference on computer vision and pattern recognition. 2017.

Sun, Miao, Qiang Zhang, and Gan Han. "Research on Deep Packet Inspection for Driving Digital Operation." International Conference On Signal And Information Processing, Networking And Computers. Singapore: Springer Nature Singapore, 2022.

Swessi, Dorsaf, and Hanen Idoudi. "A comparative review of security threats datasets for vehicular networks." 2021 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT). IEEE, 2021.

Cheng, Pengzhou, Mu Han, and Gongshen Liu. "DESC-IDS: Towards an efficient real-time automotive intrusion detection system based on deep evolving stream clustering." Future Generation Computer Systems 140 (2023): 266-281.

Krajzewicz, Daniel. "Traffic simulation with SUMO–simulation of urban mobility." Fundamentals of traffic simulation (2010): 269-293.

Lan, Kun-Chan. "MOVE: a practical simulator for mobility model in VANET." Telematics communication technologies and vehicular networks: wireless architectures and applications. IGI Global Scientific Publishing, 2010. 355-368.

Carneiro, Gustavo. "NS-3: Network simulator 3." UTM lab meeting April. Vol. 20. No. 1. 2010.

Downloads

Published

2025-04-30

How to Cite

[1]
Sreelekshmi M. S. and A. S., “Real-Time Intrusion Detection in Controller Area Networks: An Evaluation of Current Methods and Future Directions ”, Int. J. Sci. Res. Net. Sec. Comm., vol. 13, no. 2, pp. 22–34, Apr. 2025.

Issue

Vol. 13 No. 2 (2025): Vol. 13 No. 2 (2025): April Edition

Section

Review Article

Categories

License

Copyright (c) 2025 Sreelekshmi M. S., Aji S.

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.