| With the large-scale application of intelligent networked vehicles,their security issues have become increasingly prominent,involving a large number of data leaks and car cracking incidents.As an important control network for vehicles,CAN network is the primary target of hacker attacks.In the CAN network security protection technology,intrusion detection technology is widely concerned because it does not cause network communication delay.To this end,this article takes CAN network intrusion detection technology as the research object,proposes a detection scheme based on ID entropy and support vector machine-data relevance(SVM-DR),and designs a vehicle-mounted CAN network intrusion detection device,which can accurately deal with typical CAN Network attacks.The main research contents of the thesis include:(1)Studyed the CAN network communication principle and message format.After analyzing the limitations of the CAN network protocol and typical attack types in the context of intelligent network connection,proposed a detection scheme based on ID entropy and support vector machine-data relevance(SVM-DR)to detect the abnormality of the periodic messages and non-periodic messages.(2)For periodic messages,the CAN ID identifier is selected as the detection feature,and proposed a detection scheme based on ID entropy.In this detection scheme: create a whitelist library,detecting and filtering the illegal ID in the CAN network;combine the information entropy value of the CAN message ID to analyze and judge the abnormal state of the CAN network communication;use the relative entropy value of the CAN message ID to perform the abnormal message Positioning.Through this scheme,accurate and error-free detection of replay attacks,DoS attacks,and drop attacks is achieved,and abnormal messages can be located.(3)For aperiodic and important information messages,the data domain is selected as the detection feature,and a detection scheme based on support vector machine-data relevance(SVM-DR)is proposed,established an abnormal detection model for engine speed,vehicle speed,gear position,and door lock status signals.Convert the problem of whether the CAN message is abnormal or not(the existence of data relevance)into a machine learning binary classification problem,which is used to detect tampering attacks.The simulation results show that the model has a good detection effect on tampering attacks of messages,and its detection accuracy rate is 97.14%.(4)Designed and developed a vehicle-mounted CAN network intrusion detection device,completed the development of hardware modules and intrusion detection software.The experimental results of a real vehicle(Hyundai i30)show that the device can accurately detect typical attacks such as replay,DoS,discard,and tampering,which verifies the rationality of the algorithm in this paper. |
PDF Full Text Request