Umeå University's logo

umu.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
CAN bus intrusion detection based on auxiliary classifier GAN and out-of-distribution detection
The PCA Lab, School of Computer Science and Engineering, Nanjing University of Science and Technology, Systems for High-Dimensional Information of Ministry of Education, Jiangsu Key Lab of Image and Video Understanding for Social Security, Jiangsu, Nanjing, China.
The PCA Lab, School of Computer Science and Engineering, Nanjing University of Science and Technology, Systems for High-Dimensional Information of Ministry of Education, Jiangsu Key Lab of Image and Video Understanding for Social Security, Jiangsu, Nanjing, China.
Umeå University, Faculty of Science and Technology, Department of Applied Physics and Electronics.ORCID iD: 0000-0003-4228-2774
Umeå University, Faculty of Science and Technology, Department of Applied Physics and Electronics.
Show others and affiliations
2022 (English)In: ACM Transactions on Embedded Computing Systems, ISSN 1539-9087, E-ISSN 1558-3465, Vol. 21, no 4, article id 45Article in journal (Refereed) Published
Abstract [en]

The Controller Area Network (CAN) is a ubiquitous bus protocol present in the Electrical/Electronic (E/E) systems of almost all vehicles. It is vulnerable to a range of attacks once the attacker gains access to the bus through the vehicle's attack surface. We address the problem of Intrusion Detection on the CAN bus and present a series of methods based on two classifiers trained with Auxiliary Classifier Generative Adversarial Network (ACGAN) to detect and assign fine-grained labels to Known Attacks and also detect the Unknown Attack class in a dataset containing a mixture of (Normal + Known Attacks + Unknown Attack) messages. The most effective method is a cascaded two-stage classification architecture, with the multi-class Auxiliary Classifier in the first stage for classification of Normal and Known Attacks, passing Out-of-Distribution (OOD) samples to the binary Real-Fake Classifier in the second stage for detection of the Unknown Attack class. Performance evaluation demonstrates that our method achieves both high classification accuracy and low runtime overhead, making it suitable for deployment in the resource-constrained in-vehicle environment.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2022. Vol. 21, no 4, article id 45
Keywords [en]
Automotive security, controller area network, deep learning, GAN, intrusion detection
National Category
Computer Engineering Computer Sciences
Identifiers
URN: urn:nbn:se:umu:diva-201369DOI: 10.1145/3540198ISI: 000865883500011Scopus ID: 2-s2.0-85142213778OAI: oai:DiVA.org:umu-201369DiVA, id: diva2:1715279
Available from: 2022-12-01 Created: 2022-12-01 Last updated: 2023-03-24Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Gu, ZonghuaLuan, Siyu

Search in DiVA

By author/editor
Gu, ZonghuaLuan, Siyu
By organisation
Department of Applied Physics and Electronics
In the same journal
ACM Transactions on Embedded Computing Systems
Computer EngineeringComputer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 162 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf