Correlation-Based Anomaly Detection for the CAN Bus
نویسندگان
چکیده
Abstract Previous attacks have shown that in-vehicle networks vulnerabilities and a successful attack could lead to significant financial loss danger life. In this paper, we propose Pearson correlation based anomaly detection algorithm detect CAN message modification attacks. The does not need priori information about the communication: it identifies signals on statistical properties, finds important coefficients for correlating signals, detects as deviations from previously learned normal state.
منابع مشابه
Assessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing
Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...
متن کامل3D Gabor Based Hyperspectral Anomaly Detection
Hyperspectral anomaly detection is one of the main challenging topics in both military and civilian fields. The spectral information contained in a hyperspectral cube provides a high ability for anomaly detection. In addition, the costly spatial information of adjacent pixels such as texture can also improve the discrimination between anomalous targets and background. Most studies miss the wort...
متن کاملGraph-based Correlation of SNMP Objects for Anomaly Detection
Anomaly detection is essential, because it allows a rapid reaction to the problems and helps assuring performance and security in computer networks. This paper presents an anomaly detection system based on: (i) the traffic characterization performed by the BLGBA model, which is responsible for the DSNS generation; (ii) an alarm system that compares the DSNS and the real movement obtained in SNM...
متن کاملNetwork Payload-based Anomaly Detection and Content-based Alert Correlation
Network Payload-based Anomaly Detection and Content-based Alert Correlation
متن کاملField classification, modeling and anomaly detection in unknown CAN bus networks
This paper describes a novel domain-aware anomaly detection system for in-car CAN bus network traffic. Through inspection of real CAN bus communication, we were able to split the messages into fields and identify the field types, without any prior knowledge of the message formats. We discovered the presence of Constant fields, Multi-Value fields and Counter or Sensor fields. Next we developed a...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Communications in computer and information science
سال: 2022
ISSN: ['1865-0937', '1865-0929']
DOI: https://doi.org/10.1007/978-3-031-09357-9_4