An Approach to Specification-based Attack Detection for In-Vehicle Networks
Artikel i vetenskaplig tidskrift, 2008

An upcoming trend for automotive manufacturers is to create seamless interaction between a vehicle and fleet management to provide remote diagnostics and firmware updates over the air. To allow this, the previously isolated in-vehicle network must be connected to an external network, and can thus be exposed to a whole new range of threats known as cyber attacks. In this paper we explore the applicability of a specification-based approach to detect cyber attacks within the in-vehicle network. We derive information to create security specifications for communication and ECU behavior from the CANopen draft standard 3.01 communication protocol and object directory sections. We also provide a set of example specifications, propose a suitable location for the attack detector, and evaluate the detection using a set of attack actions.




intrusion detection


Ulf Larson

Chalmers, Data- och informationsteknik, Datorteknik

Dennis Nilsson

Chalmers, Data- och informationsteknik, Datorteknik

Erland Jonsson

Chalmers, Data- och informationsteknik, Datorteknik

Proceedings of the IEEE Intelligent Vehicles Symposium, June 4-6, 2008, Eindhoven, The Netherlands



Mer information

Senast uppdaterat