| 基于通信特征的CAN总线泛洪攻击检测方法 |
| |
| 作者姓名: | 季一木 焦志鹏 刘尚东 吴飞 孙静 王娜 陈治宇 毕强 田鹏浩 |
| |
| 作者单位: | 1. 南京邮电大学计算机学院,江苏 南京 210023;2. 南京邮电大学江苏省无线传感网高技术研究重点实验室,江苏 南京 210023;3. 南京邮电大学高性能计算与大数据处理研究所,江苏 南京 210023;4. 南京邮电大学高性能计算与智能处理工程研究中心,江苏 南京 210023;5.南京邮电大学自动化学院,江苏 南京 210023;5. 南京邮电大学自动化学院,江苏 南京 210023 |
| |
| 基金项目: | 国家重点研发计划基金资助项目(No.2017YFB1401302,No.2017YFB0202200);国家自然科学基金资助项目(No.61572260,No.61872196);江苏省自然科学基金优秀青年基金资助项目(No.BK20170100);江苏省重点研发计划基金资助项目(No.BE2017166)。 |
| |
| 摘 要: | CAN由于其突出的可靠性和灵活性,已成为当代汽车应用最广泛的现场总线。但是标准CAN协议没有提供足够的安全措施,易遭受窃听、重放、泛洪、拒绝服务攻击。为了有效检测 CAN 总线是否遭受到攻击,并在遭受泛洪攻击时将恶意报文滤除。对车载 CAN 总线报文通信特征进行了分析,提出一种入侵检测方法,该方法可以有效进行入侵检测、恶意报文滤除。通过实验验证,该方法可以100%检测出CAN总线是否遭受攻击,恶意报文过滤的准确率可达99%以上。
|
| 关 键 词: | CAN总线 通信特征 入侵检测 恶意报文过滤 |
CAN bus flood attack detection based on communication characteristics |
| |
| Authors: | JI Yimu JIAO Zhipeng LIU Shangdong WU Fei SUN Jing WANG Na CHEN Zhiyu BI Qiang TIAN Penghao |
| |
| Affiliation: | (School of Computer Science,Nanjing University of Posts and Telecommunications,Nanjing 210023,China;Jiangsu Key Laboratory of High-Tech Research on Wireless Sensor Networks,Nanjing University of Posts and Telecommunications,Nanjing 210023,China;Institute of High Performance Computing and Big Data Processing,Nanjing University of Posts and Telecommunications,Nanjing 210023,China;Research Center for High Performance Computing and Intelligent Processing Engineering,Nanjing University of Posts and Telecommunications,Nanjing 210023,China;School of Automation,Nanjing University of Posts and Telecommunications,Nanjing 210023,China) |
| |
| Abstract: | CAN has become the most extensive fieldbus for contemporary automotive applications due to its outstanding reliability and flexibility.However,the standard CAN protocol does not provide sufficient security measures and is vulnerable to eavesdropping,replay,flooding,and denial of service attacks.In order to effectively detect whether the CAN bus is attacked,and to filter malicious messages when subjected to flooding attacks.The characteristics of vehicle CAN bus message communication were analyzed,and an intrusion detection method was proposed,which could effectively perform intrusion detection and malicious message filtering.Through experimental verification,the method can detect whether the CAN bus is attacked by 100%,and the accuracy of malicious packet filtering can reach over 99%. |
| |
| Keywords: | CAN bus communication characteristics intrusion detection malicious message filtering |
| 本文献已被 维普 等数据库收录! |
| 点击此处可从《》浏览原始摘要信息 |
|
点击此处可从《》下载全文 |
|
