Research On Intrusion Detection Method For In-Vehicle Bus Network Based On Deep Learning

Nowadays various electronic control units(ECUs)are integrated inside the car to improve driving safety and comfort.With the development of connected cars,various sensors and communication devices are integrated in the car to interact with the outside world.However,this also provides various interfaces for hackers to intrude the vehicle network.Attacks on the safety functions of automobiles will cause serious threats to the lives of drivers and passengers.Therefore,how to protect the safety of in-vehicle networks and detect intrusion activities is of great significance to the safety of connected automobiles.The Controller Area Network(CAN)bus is the communication channel between ECUs in the car.Real-time monitoring of the traffic on the CAN bus can effectively detect the attacks of malicious nodes inside and outside the car.The main work and results of this paper are as follows:First,the vehicle network communication architecture is studied,and the characteristics of vehicle network communication are analyzed based on the CAN protocol.On this basis,the network security loopholes in the CAN protocol and the threats of network attacks that may be faced in the current environment are analyzed.The limitations and challenges of intrusion detection technology in the vehicle network environment is summarized,and evaluation indicators of intrusion detection effect is determined.Then,based on the analysis of the characteristics of normal and abnormal CAN identifier(ID)sequences and the use of convolutional neural networks for image classification,against the denial of service(Do S)attacks and fuzzy attacks of automobiles,an intrusion detection method based on Gramian Angular Field(GAF)combined withsimplified VGG network is proposed.Lastly,considering the robustness of the intrusion detection method in the environment of different brands of cars,aiming at the Do S attacks,fuzzing attacks and specific CAN ID spoofing attacks on the cars of the three brands of cars,a Markov Transition Field(MTF)combined with reduced Res Net network intrusion detection method is proposed.In summary,this paper has realized the detection of various major intrusion activities for different brands of cars by encoding the CAN ID sequences into images and the feature extraction and classification of the image by the convolutional neural network,and through experimental simulation obtained the detection rate of abnormal message sequences more than 99%.