
The Research On Information Security Model For In-Vehicle Network

Posted on: 2018-11-18
Degree: Master
Type: Thesis
Country: China
Candidate: Z Qin
GTID: 2322330512985715
Subject: Computer application technology
Abstract/Summary:
This dissertation was completed with the support of the Science and Technology Department of Sichuan Province. It studies the information security of in-vehicle networks. After a detailed analysis of vehicle information security risks, attack cases and the corresponding defense methods, it presents an information security model for the in-vehicle network. The main contents and research work are as follows:

(1) Summarizing and analyzing foreign and domestic research on automobile information security. Vehicle manufacturers, information security companies and universities each pursue their own directions. There is more research on attack methods, less on defense approaches, and little on systematic security defense programs. Automotive information security research is still at an initial stage.

(2) Analyzing the vehicle's information security risks. First, I analyzed the information risks of the vehicle's communication interfaces with the outside environment: physical contact, short-distance wireless interfaces and long-distance wireless interfaces, and then the aims of existing attacks on them. Second, I analyzed the security flaws of the in-vehicle network, with emphasis on message broadcasting, priority arbitration and other mechanisms of the CAN bus network that are exposed to security attacks. Third, I analyzed the weaknesses of the ECU that could be used to insert viruses which can send malicious messages to the in-vehicle network. Finally, I give some thoughts on how to fix these flaws.

(3) Designing a key management scheme. The main cause of attacks on vehicles is that the in-vehicle network lacks an information security mechanism, and the vehicle's information security depends on the security of the encryption key. After analyzing the PKI scheme of computer networks and the key matrix scheme of sensor networks, I improve the key matrix to adapt it to the in-vehicle network as its key management scheme. In this scheme, the server pre-distributes a key generation formula to the ECUs at the initial stage. Then, when ECUs communicate with each other, the same key can be calculated by exchanging their respective serial numbers.

(4) Designing the ECU authentication, firmware integrity detection and encrypted communication scheme. In this scheme, authentication consists of an online process and a local process. It verifies the ECU's identity by comparing the encrypted sequence number, verifies the integrity of the ECU's firmware by comparing encrypted hash values, uses the improved key matrix algorithm to generate keys, encrypts communication with the AES algorithm, and adds random numbers and timestamps to messages to prevent replay attacks. After simulation experiments and calculations, the probability of this scheme being compromised is-73?10, and when the ?(27)90, the key generation time is faster than the NTRU algorithm.

(5) Deriving a mathematical model of CAN bus entropy. After analyzing the three main categories of intrusion detection algorithms (those based on statistics, on knowledge rules and on artificial intelligence), I choose the entropy algorithm as the intrusion detection method of the security model, because the entropy algorithm is suitable for analyzing encrypted data flows. After analyzing the message IDs and periodicity of the CAN bus, I calculated information entropy and relative entropy mathematical models of the CAN bus. Theoretical analysis and calculation show that the model can detect the appearance of a new message ID on the CAN bus and changes in the sending frequency of messages. The results are also verified by simulation experiments.

(6) Designing an intrusion detection scheme based on information entropy, and a response strategy. In line with the CAN bus broadcast rules, this dissertation applies a network-based intrusion detection structure. It places detection units on the network, including each sub-network, in order to locate the attack source. When the car's ignition is switched on and it starts moving, the detection system periodically counts the IDs and frequencies of CAN bus messages, calculates their information entropy and relative entropy, and compares the results with standard values to detect abnormal traffic. According to the target being attacked, I divide attacks into three categories: general danger, serious danger and fatal danger, and provide corresponding visual, sound and tactile reminder strategies.

The experimental results show that the proposed vehicle safety protection mechanism can effectively protect the security of vehicle network communication, protect the car from external and internal attacks, and ensure the availability of the ECU.
Keywords/Search Tags:in-vehicle network, vehicle’s ECU, information security, key management, information entropy, intrusion detection
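
The windowed entropy check described in items (5) and (6), written out as an added example that is not taken from the dissertation. The CAN IDs, send periods, tolerances and the floor probability for unseen IDs are assumptions made for illustration; the last window goes beyond the abstract to show a change that leaves information entropy untouched and is caught only by relative entropy.

```python
import math
from collections import Counter

def id_distribution(ids):
    """Relative frequency of each CAN ID seen in one observation window."""
    counts = Counter(ids)
    total = sum(counts.values())
    return {can_id: n / total for can_id, n in counts.items()}

def entropy(dist):
    """Information entropy H = -sum p*log2(p), in bits."""
    return -sum(p * math.log2(p) for p in dist.values() if p > 0)

def relative_entropy(window, baseline, floor=1e-6):
    """D(window || baseline) in bits; IDs absent from the baseline get a small floor."""
    return sum(p * math.log2(p / baseline.get(can_id, floor))
               for can_id, p in window.items() if p > 0)

def periodic_window(periods_ms, window_ms=1000):
    """Constructed traffic: each ID is sent once per period within the window."""
    ids = []
    for can_id, period in periods_ms.items():
        ids.extend([can_id] * (window_ms // period))
    return ids

def inspect_window(ids, baseline, h_tol=0.05, kl_tol=0.01):
    """Compare one window with the baseline; the tolerances are assumed values."""
    dist = id_distribution(ids)
    dh = abs(entropy(dist) - entropy(baseline))
    kl = relative_entropy(dist, baseline)
    return {"entropy_delta": dh, "relative_entropy": kl,
            "new_ids": sorted(set(dist) - set(baseline)),
            "anomalous": dh > h_tol or kl > kl_tol}

# Constructed schedule (CAN ID -> period in ms), not taken from a real vehicle.
SCHEDULE = {0x100: 10, 0x200: 20, 0x300: 100}
BASELINE = id_distribution(periodic_window(SCHEDULE))

WINDOWS = {
    "normal": periodic_window(SCHEDULE)[1:],              # one frame lost
    "new_id": periodic_window(SCHEDULE) + [0x7FF] * 20,   # unknown ID appears
    "faster": periodic_window({**SCHEDULE, 0x300: 10}),   # 0x300 sent 10x as often
    "swapped": periodic_window({0x100: 20, 0x200: 10, 0x300: 100}),  # same entropy
}

if __name__ == "__main__":
    for name, ids in WINDOWS.items():
        print(name, inspect_window(ids, BASELINE))
```
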