A Framework for the Systematic Assessment of Anomaly Detectors in Time-Sensitive Automotive Networks
- URL: http://arxiv.org/abs/2405.01324v1
- Date: Thu, 2 May 2024 14:29:42 GMT
- Title: A Framework for the Systematic Assessment of Anomaly Detectors in Time-Sensitive Automotive Networks
- Authors: Philipp Meyer, Timo Häckel, Teresa Lübeck, Franz Korf, Thomas C. Schmidt,
- Abstract summary: We present an assessment framework that allows for reproducible, comparable, and rapid evaluation of anomaly detection algorithms.
We evaluate exemplary detection mechanisms and reveal how the detection performance is influenced by different combinations of TSN traffic flows and anomaly types.
- Score: 0.4077787659104315
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Connected cars are susceptible to cyberattacks. Security and safety of future vehicles highly depend on a holistic protection of automotive components, of which the time-sensitive backbone network takes a significant role. These onboard Time-Sensitive Networks (TSNs) require monitoring for safety and -- as versatile platforms to host Network Anomaly Detection Systems (NADSs) -- for security. Still a thorough evaluation of anomaly detection methods in the context of hard real-time operations, automotive protocol stacks, and domain specific attack vectors is missing along with appropriate input datasets. In this paper, we present an assessment framework that allows for reproducible, comparable, and rapid evaluation of detection algorithms. It is based on a simulation toolchain, which contributes configurable topologies, traffic streams, anomalies, attacks, and detectors. We demonstrate the assessment of NADSs in a comprehensive in-vehicular network with its communication flows, on which we model traffic anomalies. We evaluate exemplary detection mechanisms and reveal how the detection performance is influenced by different combinations of TSN traffic flows and anomaly types. Our approach translates to other real-time Ethernet domains, such as industrial facilities, airplanes, and UAVs.
Related papers
- A Variational Autoencoder Framework for Robust, Physics-Informed
Cyberattack Recognition in Industrial Cyber-Physical Systems [2.051548207330147]
We develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on industrial control systems.
The framework has a hybrid design that combines a variational autoencoder (VAE), a recurrent neural network (RNN), and a Deep Neural Network (DNN)
arXiv Detail & Related papers (2023-10-10T19:07:53Z) - DARTH: Holistic Test-time Adaptation for Multiple Object Tracking [87.72019733473562]
Multiple object tracking (MOT) is a fundamental component of perception systems for autonomous driving.
Despite the urge of safety in driving systems, no solution to the MOT adaptation problem to domain shift in test-time conditions has ever been proposed.
We introduce DARTH, a holistic test-time adaptation framework for MOT.
arXiv Detail & Related papers (2023-10-03T10:10:42Z) - Leveraging a Probabilistic PCA Model to Understand the Multivariate
Statistical Network Monitoring Framework for Network Security Anomaly
Detection [64.1680666036655]
We revisit anomaly detection techniques based on PCA from a probabilistic generative model point of view.
We have evaluated the mathematical model using two different datasets.
arXiv Detail & Related papers (2023-02-02T13:41:18Z) - Anomaly Detection in Automatic Generation Control Systems Based on
Traffic Pattern Analysis and Deep Transfer Learning [0.38073142980733]
In modern highly interconnected power grids, automatic generation control (AGC) is crucial in maintaining the stability of the power grid.
The dependence of the AGC system on the information and communications technology (ICT) system makes it vulnerable to various types of cyber-attacks.
Information flow (IF) analysis and anomaly detection became paramount for preventing cyber attackers from driving the cyber-physical power system to instability.
arXiv Detail & Related papers (2022-09-16T17:52:42Z) - Unsupervised Abnormal Traffic Detection through Topological Flow
Analysis [1.933681537640272]
topological connectivity component of a malicious flow is less exploited.
We present a simple method that facilitate the use of connectivity graph features in unsupervised anomaly detection algorithms.
arXiv Detail & Related papers (2022-05-14T18:52:49Z) - STC-IDS: Spatial-Temporal Correlation Feature Analyzing based Intrusion
Detection System for Intelligent Connected Vehicles [7.301018758489822]
We present a novel model for automotive intrusion detection by spatial-temporal correlation features of in-vehicle communication traffic (STC-IDS)
Specifically, the proposed model exploits an encoding-detection architecture. In the encoder part, spatial and temporal relations are encoded simultaneously.
The encoded information is then passed to the detector for generating forceful spatial-temporal attention features and enabling anomaly classification.
arXiv Detail & Related papers (2022-04-23T04:22:58Z) - AVTPnet: Convolutional Autoencoder for AVTP anomaly detection in
Automotive Ethernet Networks [2.415997479508991]
In this paper, we propose a convolutional autoencoder (CAE) for offline detection of anomalies on the Audio Video Transport Protocol (AVTP)
Our proposed approach is evaluated on the recently published " Automotive Ethernet Intrusion dataset"
arXiv Detail & Related papers (2022-01-31T19:13:20Z) - DAE : Discriminatory Auto-Encoder for multivariate time-series anomaly
detection in air transportation [68.8204255655161]
We propose a novel anomaly detection model called Discriminatory Auto-Encoder (DAE)
It uses the baseline of a regular LSTM-based auto-encoder but with several decoders, each getting data of a specific flight phase.
Results show that the DAE achieves better results in both accuracy and speed of detection.
arXiv Detail & Related papers (2021-09-08T14:07:55Z) - Out-of-Distribution Detection for Automotive Perception [58.34808836642603]
Neural networks (NNs) are widely used for object classification in autonomous driving.
NNs can fail on input data not well represented by the training dataset, known as out-of-distribution (OOD) data.
This paper presents a method for determining whether inputs are OOD, which does not require OOD data during training and does not increase the computational cost of inference.
arXiv Detail & Related papers (2020-11-03T01:46:35Z) - Defending Water Treatment Networks: Exploiting Spatio-temporal Effects
for Cyber Attack Detection [46.67179436529369]
Water Treatment Networks (WTNs) are critical infrastructures for local communities and public health, WTNs are vulnerable to cyber attacks.
We propose a structured anomaly detection framework to defend WTNs by modeling thetemporal characteristics of cyber attacks in WTNs.
arXiv Detail & Related papers (2020-08-26T15:56:55Z) - Risk-Averse MPC via Visual-Inertial Input and Recurrent Networks for
Online Collision Avoidance [95.86944752753564]
We propose an online path planning architecture that extends the model predictive control (MPC) formulation to consider future location uncertainties.
Our algorithm combines an object detection pipeline with a recurrent neural network (RNN) which infers the covariance of state estimates.
The robustness of our methods is validated on complex quadruped robot dynamics and can be generally applied to most robotic platforms.
arXiv Detail & Related papers (2020-07-28T07:34:30Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.