| As automobiles become more popular, people are pursuing a safer, more convenient, and more comfortable travel experience. V2X, cloud, big data, 5G, and smart city infrastructure are the backbone of smart vehicle connectivity. As a traditional vehicle network communication protocol, the controller area network (CAN) is vulnerable to security threats because it was designed without considering security. It is therefore necessary to study defense methods for the CAN bus, which is very important for protecting the safety and reliability of intelligent networked vehicles. In this paper, we present several on-board network communication protocols, study in depth the CAN bus, which is currently the most widely used, analyze the main existing problems, and summarize the defense schemes currently applied in in-vehicle networks. We then propose two different defense schemes, one for anomalies with known attack features and one for anomalies with unknown attack features, and implement an in-vehicle network defense prototype system. The main research content of this paper is as follows: 1. For abnormal behavior with known attack characteristics in the in-vehicle network, a hybrid in-vehicle network anomaly detection method based on CNN-ResNet and knowledge distillation is proposed. This method considers both the accuracy and the applicability of the anomaly detection model in the resource-constrained environment of the vehicle. First, the CNN-ResNet hybrid model is used to realize data reduction, feature extraction and high-precision anomaly detection. Second, because most existing research schemes use large models with a large number of training parameters, which are difficult to deploy effectively in the vehicle, knowledge distillation is used to transfer knowledge to a small model, reducing the model size and the number of parameters while still achieving high-precision detection. Finally, experiments show that the proposed method can reduce model size and parameter count by more than 90% while preserving the accuracy of anomaly detection. 2. An endogenous security mechanism based on the DHR architecture is proposed. It raises the difficulty of an attack by generating virtual message IDs to provide dynamic redundancy, and it eliminates the effect of attack messages on the final result by using a dynamic adjudication mechanism. In addition, a dynamic redundancy update strategy is proposed to improve the robustness of the defense mechanism in an attack environment. Experiments show that this method is effective in terms of space, time and security, and that this defense mechanism is feasible and effective against unknown attacks on in-vehicle networks. 3. Based on the different characteristics of attack behavior, a prototype system is designed and implemented to provide comprehensive, multi-angle security defense for the network. The test results show that the prototype system can effectively detect abnormal behavior under different conditions, realize the dynamic redundancy generation of messages, and ensure the safe and reliable transmission of data. The security defense of intelligent connected vehicles is currently a major research trend. This paper is a preliminary study of anomaly detection and defense technologies applicable to in-vehicle networks. For anomalous situations with known attack characteristics and with unknown attack characteristics, experimental comparisons were conducted to verify the effectiveness of the proposed defense models. These results provide a benchmark for further research and for the information security assurance of smart connected vehicles. |