A Framework for the Systematic Assessment of Anomaly Detectors in Time-Sensitive Automotive Networks

• URL: http://arxiv.org/abs/2405.01324v1
• Date: Thu, 2 May 2024 14:29:42 GMT
• Title: A Framework for the Systematic Assessment of Anomaly Detectors in Time-Sensitive Automotive Networks
• Authors: Philipp Meyer, Timo Häckel, Teresa Lübeck, Franz Korf, Thomas C. Schmidt,
• Abstract summary: We present an assessment framework that allows for reproducible, comparable, and rapid evaluation of anomaly detection algorithms. We evaluate exemplary detection mechanisms and reveal how the detection performance is influenced by different combinations of TSN traffic flows and anomaly types.
• Score: 0.4077787659104315
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Connected cars are susceptible to cyberattacks. Security and safety of future vehicles highly depend on a holistic protection of automotive components, of which the time-sensitive backbone network takes a significant role. These onboard Time-Sensitive Networks (TSNs) require monitoring for safety and -- as versatile platforms to host Network Anomaly Detection Systems (NADSs) -- for security. Still a thorough evaluation of anomaly detection methods in the context of hard real-time operations, automotive protocol stacks, and domain specific attack vectors is missing along with appropriate input datasets. In this paper, we present an assessment framework that allows for reproducible, comparable, and rapid evaluation of detection algorithms. It is based on a simulation toolchain, which contributes configurable topologies, traffic streams, anomalies, attacks, and detectors. We demonstrate the assessment of NADSs in a comprehensive in-vehicular network with its communication flows, on which we model traffic anomalies. We evaluate exemplary detection mechanisms and reveal how the detection performance is influenced by different combinations of TSN traffic flows and anomaly types. Our approach translates to other real-time Ethernet domains, such as industrial facilities, airplanes, and UAVs.

Related papers

• An Anomaly Detection System Based on Generative Classifiers for Controller Area Network [7.537220883022467]
  Modern vehicles are susceptible to various types of attacks, enabling attackers to gain control and compromise safety-critical systems. Several Intrusion Detection Systems (IDSs) have been proposed in the literature to detect such cyber-attacks on vehicles. This paper introduces a novel generative classifier-based IDS for anomaly detection in automotive networks.
  arXiv  Detail & Related papers  (2024-12-28T19:59:33Z)
• Convolutional Neural Network Design and Evaluation for Real-Time Multivariate Time Series Fault Detection in Spacecraft Attitude Sensors [41.94295877935867]
  This paper presents a novel approach to detecting stuck values within the Accelerometer and Inertial Measurement Unit of a drone-like spacecraft. A multi-channel Convolutional Neural Network (CNN) is used to perform multi-target classification and independently detect faults in the sensors. An integration methodology is proposed to enable the network to effectively detect anomalies and trigger recovery actions at the system level.
  arXiv  Detail & Related papers  (2024-10-11T09:36:38Z)
• CARACAS: vehiCular ArchitectuRe for detAiled Can Attacks Simulation [37.89720165358964]
  This paper showcases CARACAS, a vehicular model, including component control via CAN messages and attack injection capabilities. CarACAS showcases the efficacy of this methodology, including a Battery Electric Vehicle (BEV) model, and focuses on attacks targeting torque control in two distinct scenarios.
  arXiv  Detail & Related papers  (2024-06-11T10:16:55Z)
• Electrical Grid Anomaly Detection via Tensor Decomposition [41.94295877935867]
  Previous work has shown that dimensionality reduction-based approaches can be used for accurate identification of anomalies in SCADA systems. In this work, we novelly apply the tensor decomposition method Canonical Polyadic Alternating Poisson Regression with a probabilistic framework, to identify anomalies in SCADA systems. In our experiments, we model real-world SCADA system data collected from the electrical grid operated by Los Alamos National Laboratory.
  arXiv  Detail & Related papers  (2023-10-12T18:23:06Z)
• A Variational Autoencoder Framework for Robust, Physics-Informed Cyberattack Recognition in Industrial Cyber-Physical Systems [2.051548207330147]
  We develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on industrial control systems. The framework has a hybrid design that combines a variational autoencoder (VAE), a recurrent neural network (RNN), and a Deep Neural Network (DNN)
  arXiv  Detail & Related papers  (2023-10-10T19:07:53Z)
• Leveraging a Probabilistic PCA Model to Understand the Multivariate Statistical Network Monitoring Framework for Network Security Anomaly Detection [64.1680666036655]
  We revisit anomaly detection techniques based on PCA from a probabilistic generative model point of view. We have evaluated the mathematical model using two different datasets.
  arXiv  Detail & Related papers  (2023-02-02T13:41:18Z)
• Anomaly Detection in Automatic Generation Control Systems Based on Traffic Pattern Analysis and Deep Transfer Learning [0.38073142980733]
  In modern highly interconnected power grids, automatic generation control (AGC) is crucial in maintaining the stability of the power grid. The dependence of the AGC system on the information and communications technology (ICT) system makes it vulnerable to various types of cyber-attacks. Information flow (IF) analysis and anomaly detection became paramount for preventing cyber attackers from driving the cyber-physical power system to instability.
  arXiv  Detail & Related papers  (2022-09-16T17:52:42Z)
• Unsupervised Abnormal Traffic Detection through Topological Flow Analysis [1.933681537640272]
  topological connectivity component of a malicious flow is less exploited. We present a simple method that facilitate the use of connectivity graph features in unsupervised anomaly detection algorithms.
  arXiv  Detail & Related papers  (2022-05-14T18:52:49Z)
• AVTPnet: Convolutional Autoencoder for AVTP anomaly detection in Automotive Ethernet Networks [2.415997479508991]
  In this paper, we propose a convolutional autoencoder (CAE) for offline detection of anomalies on the Audio Video Transport Protocol (AVTP) Our proposed approach is evaluated on the recently published " Automotive Ethernet Intrusion dataset"
  arXiv  Detail & Related papers  (2022-01-31T19:13:20Z)
• Integrated Traffic Simulation-Prediction System using Neural Networks with Application to the Los Angeles International Airport Road Network [39.975268616636]
  The proposed system includes an optimization-based OD matrix generation method, a Neural Network (NN) model trained to predict OD matrices via the pattern of traffic flow and a microscopic traffic simulator. We test the proposed system on the road network of the central terminal area (CTA) of the Los Angeles International Airport (LAX)
  arXiv  Detail & Related papers  (2020-08-05T01:41:10Z)
• Risk-Averse MPC via Visual-Inertial Input and Recurrent Networks for Online Collision Avoidance [95.86944752753564]
  We propose an online path planning architecture that extends the model predictive control (MPC) formulation to consider future location uncertainties. Our algorithm combines an object detection pipeline with a recurrent neural network (RNN) which infers the covariance of state estimates. The robustness of our methods is validated on complex quadruped robot dynamics and can be generally applied to most robotic platforms.
  arXiv  Detail & Related papers  (2020-07-28T07:34:30Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.