Related papers: Advancing CAN Network Security through RBM-Based Synthetic Attack Data Generation for Intrusion Detection Systems

Advancing CAN Network Security through RBM-Based Synthetic Attack Data Generation for Intrusion Detection Systems

URL: http://arxiv.org/abs/2503.21496v1
Date: Thu, 27 Mar 2025 13:33:55 GMT
Title: Advancing CAN Network Security through RBM-Based Synthetic Attack Data Generation for Intrusion Detection Systems
Authors: Huacheng Li, Jingyong Su, Kai Wang,
Abstract summary: In the Internet of Vehicles (IoV), the Controller Area Network (CAN) has become extremely vulnerable to severe cybersecurity threats.<n>We introduce a novel methodology leveraging the Restricted Boltzmann Machine (RBM) to generate synthetic CAN attack data.<n>We show the generated data significantly improves IDS performance, with CANet accuracy rising from 0.6477 to 0.9725 and EfficientNet from 0.1067 to 0.1555.
Score: 7.7643612958544095
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: The rapid development of network technologies and industrial intelligence has augmented the connectivity and intelligence within the automotive industry. Notably, in the Internet of Vehicles (IoV), the Controller Area Network (CAN), which is crucial for the communication of electronic control units but lacks inbuilt security measures, has become extremely vulnerable to severe cybersecurity threats. Meanwhile, the efficacy of Intrusion Detection Systems (IDS) is hampered by the scarcity of sufficient attack data for robust model training. To overcome this limitation, we introduce a novel methodology leveraging the Restricted Boltzmann Machine (RBM) to generate synthetic CAN attack data, thereby producing training datasets with a more balanced sample distribution. Specifically, we design a CAN Data Processing Module for transforming raw CAN data into an RBM-trainable format, and a Negative Sample Generation Module to generate data reflecting the distribution of CAN data frames denoting network intrusions. Experimental results show the generated data significantly improves IDS performance, with CANet accuracy rising from 0.6477 to 0.9725 and EfficientNet from 0.1067 to 0.1555. Code is available at https://github.com/wangkai-tech23/CANDataSynthetic.

Related papers

Sustainable Diffusion-based Incentive Mechanism for Generative AI-driven Digital Twins in Industrial Cyber-Physical Systems [65.22300383287904]
Industrial Cyber-Physical Systems (ICPSs) are an integral component of modern manufacturing and industries.<n>By digitizing data throughout product life cycles, Digital Twins (DTs) in ICPSs enable a shift from current industrial infrastructures to intelligent and adaptive infrastructures.<n>GenAI can drive the construction and update of DTs to improve predictive accuracy and prepare for diverse smart manufacturing.
arXiv Detail & Related papers (2024-08-02T10:47:10Z)
CARACAS: vehiCular ArchitectuRe for detAiled Can Attacks Simulation [37.89720165358964]
This paper showcases CARACAS, a vehicular model, including component control via CAN messages and attack injection capabilities. CarACAS showcases the efficacy of this methodology, including a Battery Electric Vehicle (BEV) model, and focuses on attacks targeting torque control in two distinct scenarios.
arXiv Detail & Related papers (2024-06-11T10:16:55Z)
Enhancing Network Intrusion Detection Performance using Generative Adversarial Networks [0.25163931116642785]
We propose a novel approach for enhancing the performance of an NIDS through the integration of Generative Adversarial Networks (GANs) GANs generate synthetic network traffic data that closely mimics real-world network behavior. Our findings show that the integration of GANs into NIDS can lead to enhancements in intrusion detection performance for attacks with limited training data.
arXiv Detail & Related papers (2024-04-11T04:01:15Z)
Grid Monitoring with Synchro-Waveform and AI Foundation Model Technologies [41.994460245857404]
This article advocates for the development of a next-generation grid monitoring and control system designed for future grids dominated by inverter-based resources.<n>We develop a physics-based AI foundation model with high-resolution synchro-waveform measurement technology to enhance grid resilience and reduce economic losses from outages.
arXiv Detail & Related papers (2024-03-11T17:28:46Z)
Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
Real-Time Zero-Day Intrusion Detection System for Automotive Controller Area Network on FPGAs [13.581341206178525]
This paper presents an unsupervised-learning-based convolutional autoencoder architecture for detecting zero-day attacks. We quantise the model using Vitis-AI tools from AMD/Xilinx targeting a resource-constrained Zynq Ultrascale platform. The proposed model successfully achieves equal or higher classification accuracy (> 99.5%) on unseen DoS, fuzzing, and spoofing attacks.
arXiv Detail & Related papers (2024-01-19T14:36:01Z)
A high throughput Intrusion Detection System (IDS) to enhance the security of data transmission among research centers [39.65647745132031]
This paper presents a packet sniffer that was designed using a commercial FPGA development board. The system can support a data throughput of 10 Gbit/s with preliminary results showing that the speed of data transmission can be reliably extended to 100 Gbit/s. It is particularly suited for the security of universities and research centers, where point-to-point network connections are dominant.
arXiv Detail & Related papers (2023-11-10T14:30:00Z)
Adversarial training with informed data selection [53.19381941131439]
Adrial training is the most efficient solution to defend the network against these malicious attacks. This work proposes a data selection strategy to be applied in the mini-batch training. The simulation results show that a good compromise can be obtained regarding robustness and standard accuracy.
arXiv Detail & Related papers (2023-01-07T12:09:50Z)
CANShield: Signal-based Intrusion Detection for Controller Area Networks [29.03951113836835]
We propose CANShield, a signal-based intrusion detection framework for the CAN bus. CanShield consists of three modules: a data preprocessing module that handles the high-dimensional CAN data stream at the signal level; a data analyzer module consisting of multiple deep autoencoder networks, each analyzing the time-series data from a different temporal perspective; and an attack detection module that uses an ensemble method to make the final decision.
arXiv Detail & Related papers (2022-05-03T04:52:44Z)
Synthetic flow-based cryptomining attack generation through Generative Adversarial Networks [1.2575897140677708]
Flow-based data sets are crucial to increase the performance of Machine Learning components. Data privacy is appearing more and more as a strong requirement when processing such network data. We propose a novel deterministic way to measure the quality of the synthetic data produced by a GAN.
arXiv Detail & Related papers (2021-07-30T17:27:55Z)
Deep Learning based Covert Attack Identification for Industrial Control Systems [5.299113288020827]
We develop a data-driven framework that can be used to detect, diagnose, and localize a type of cyberattack called covert attacks on smart grids. The framework has a hybrid design that combines an autoencoder, a recurrent neural network (RNN) with a Long-Short-Term-Memory layer, and a Deep Neural Network (DNN)
arXiv Detail & Related papers (2020-09-25T17:48:43Z)

This list is automatically generated from the titles and abstracts of the papers in this site.