Threat Analysis for Automotive CAN Networks: A GAN Model-Based Intrusion Detection Technique

Guoqi Xie, Laurence T. Yang, Yuanda Yang, Haibo Luo, Renfa Li, Mamoun Alazab

Research output: Contribution to journalArticlepeer-review

73 Citations (Scopus)

Abstract

With the rapid development of Internet of vehicles, connected vehicles, autonomous vehicles, and autonomous driving technologies, automotive Controller Area Networks (CAN) have suffered from numerous security threats. Deep learning models are the current mainstream intrusion detection techniques for threat analysis, and the state-of-the-art intrusion detection technique introduces the Generative Adversarial Networks (GAN) model to generate usable attacked samples to supplement the training samples, but it exists the limitations of rough CAN message block construction and fails to detect the data tampering threat. Based on the CAN communication matrix defined by the automotive Original Equipment Manufacturer (OEM) for a vehicle model, we propose an enhanced deep learning GAN model with elaborate CAN message blocks and the enhanced GAN discriminator. The elaborate CAN message blocks in the training samples can precisely reflect the real generated CAN message blocks in the detection phase. The GAN discriminator can detect whether each message has suffered from the data tampering threat. Experimental results illustrate that the enhanced deep learning GAN model has higher detection accuracy, recall, and F1 scores than the state-of-the-art deep learning GAN model under various attacks and threats.

Original languageEnglish
Pages (from-to)4467-4477
Number of pages11
JournalIEEE Transactions on Intelligent Transportation Systems
Volume22
Issue number7
DOIs
Publication statusPublished - Jul 2021

Bibliographical note

Publisher Copyright:
IEEE

Copyright:
Copyright 2021 Elsevier B.V., All rights reserved.

Fingerprint

Dive into the research topics of 'Threat Analysis for Automotive CAN Networks: A GAN Model-Based Intrusion Detection Technique'. Together they form a unique fingerprint.

Cite this