Research On Lightweight Intrusion Detection And Security Enhancement Design For In-vehicle Network

With the rapid development of information communication technology,the electronic system of intelligent networked vehicles has gradually evolved into an automotive cyber physical system integrating perception,communication,computing and control.The automotive electronic system integrates a large number of electronic control units as the interface for data interaction with the external network,and the ECUs communicate with each other through the in-vehicle network and gateway.Currently,controller area network is the standard protocol for in-vehicle network.Since the CAN network itself lacks an information security guarantee mechanism,while the external communication interfaces of automobiles increase,the security vulnerability of in-vehicle network are becoming more and more serious.Hackers can use these security loopholes to attack the in-vehicle network,causing traffic accidents and even casualties.Therefore,in-vehicle network security is an important topic.This paper analyzes the current research status of in-vehicle network security technology,proposes a lightweight message authentication mechanism based on digital watermark and an intrusion detection system based on information entropy,builds in-vehicle CAN network communication platform and deploys the proposed method into the platform.The experimental results show that the proposed schemes can accurately deal with CAN network attacks and meet the real-time requirements.The main work content of this paper is as follows:1.CAN network is a hard real-time embedded system with high real-time requirements.In order to complete message authentication under the premise of meeting real-time requirements,a lightweight message authentication mechanism based on digital watermark and Huffman coding is proposed.The sender and receiver perform message authentication through the digital watermark inserted in the message data field,the proposed scheme can accurately perform message authentication under replay attack,DoS(Denial-of-Service,DoS)attack and tampering attack and meet the real-time requirement.Compared with the existing information security enhancement technology,this scheme has better compatibility and less communication overhead.2.An intrusion detection system based on information entropy is proposed.In this scheme,the tasks in the CAN network are classified according to safety-critical tasks,function-critical tasks,and non-critical tasks,and then the simulated annealing algorithm is used to obtain the optimal detection window size of the message set corresponding to the task,and the intrusion detection model is calculated by the entropy value of the message in the detection window.Finally,an experiment is carried out based on the real automobile CAN network data set.The experimental results show that the scheme has a high accuracy under DoS attack and injection attack.Compared with similar schemes,the scheme has higher accuracy under injection attack.3.The CAN network experiment platform is built,and the information security enhancement method based on digital watermark is deployed to the platform,the realtime performance and the delay time of sending messages is evaluated.The experimental results show that the information security enhancement method based on digital watermark has good real-time performance,and the delay of message sending is less than 1ms.The intrusion detection method based on information entropy is verified by using the real automobile CAN network data set.The experimental results show that it has high accuracy and low false negative rate in typical in-vehicle network attack scenarios.To sum up,this paper studies the message format and data transmission principle of the CAN network,and analyzes the security loopholes of the CAN network protocol.The research status of CAN network security at home and abroad is summarized,and the defects of current CAN network security technology are pointed out.An in-vehicle network information security enhancement method based on digital watermark and an in-vehicle network intrusion detection method based on information entropy are designed,the experimental results on the in-vehicle network test platform shows that the method in this paper can effectively deal with typical attacks on CAN networks with high accuracy,low false negative rate,low computational overhead and communication overhead.