Related papers: SecCAN: An Extended CAN Controller with Embedded Intrusion Detection

SecCAN: An Extended CAN Controller with Embedded Intrusion Detection

URL: http://arxiv.org/abs/2505.14924v1
Date: Tue, 20 May 2025 21:16:03 GMT
Title: SecCAN: An Extended CAN Controller with Embedded Intrusion Detection
Authors: Shashwat Khandelwal, Shreejith Shanker,
Abstract summary: SecCAN is a novel CAN controller architecture that embeds IDS capability within the datapath of the controller.<n>A custom-quantised machine-learning accelerator is developed as the IDS engine and embedded into SecCAN's receive data path.<n>We show that SecCAN can completely hide the IDS latency within the CAN reception window for all CAN packet sizes.
Score: 12.084121187559864
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Recent research has highlighted the vulnerability of in-vehicle network protocols such as controller area networks (CAN) and proposed machine learning-based intrusion detection systems (IDSs) as an effective mitigation technique. However, their efficient integration into vehicular architecture is non-trivial, with existing methods relying on electronic control units (ECUs)-coupled IDS accelerators or dedicated ECUs as IDS accelerators. Here, initiating IDS requires complete reception of a CAN message from the controller, incurring data movement and software overheads. In this paper, we present SecCAN, a novel CAN controller architecture that embeds IDS capability within the datapath of the controller. This integration allows IDS to tap messages directly from within the CAN controller as they are received from the bus, removing overheads incurred by existing ML-based IDSs. A custom-quantised machine-learning accelerator is developed as the IDS engine and embedded into SecCAN's receive data path, with optimisations to overlap the IDS inference with the protocol's reception window. We implement SecCAN on AMD XCZU7EV FPGA to quantify its performance and benefits in hardware, using multiple attack datasets. We show that SecCAN can completely hide the IDS latency within the CAN reception window for all CAN packet sizes and detect multiple attacks with state-of-the-art accuracy with zero software overheads on the ECU and low energy overhead (73.7 uJ per message) for IDS inference. Also, SecCAN incurs limited resource overhead compared to a standard CAN controller (< 30% LUT, < 1% FF), making it ideally suited for automotive deployment.

Related papers

CANDoSA: A Hardware Performance Counter-Based Intrusion Detection System for DoS Attacks on Automotive CAN bus [45.24207460381396]
This paper presents a novel Intrusion Detection System (IDS) designed for the Controller Area Network (CAN) environment.<n>A RISC-V-based CAN receiver is simulated using the gem5 simulator, processing CAN frame payloads with AES-128 encryption as FreeRTOS tasks.<n>Results indicate that this approach could significantly improve CAN security and address emerging challenges in automotive cybersecurity.
arXiv Detail & Related papers (2025-07-19T20:09:52Z)
SDN-Based False Data Detection With Its Mitigation and Machine Learning Robustness for In-Vehicle Networks [4.329477624773496]
This paper proposes a robust SDN-based False Data Detection and Mitigation System (FDDMS) for in-vehicle networks.<n>FDDMS is designed to monitor and detect false data injection attacks in real-time.
arXiv Detail & Related papers (2025-06-06T22:09:36Z)
CANTXSec: A Deterministic Intrusion Detection and Prevention System for CAN Bus Monitoring ECU Activations [53.036288487863786]
We propose CANTXSec, the first deterministic Intrusion Detection and Prevention system based on physical ECU activations.<n>It detects and prevents classical attacks in the CAN bus, while detecting advanced attacks that have been less investigated in the literature.<n>We prove the effectiveness of our solution on a physical testbed, where we achieve 100% detection accuracy in both classes of attacks while preventing 100% of FIAs.
arXiv Detail & Related papers (2025-05-14T13:37:07Z)
Cross-domain Learning Framework for Tracking Users in RIS-aided Multi-band ISAC Systems with Sparse Labeled Data [55.70071704247794]
Integrated sensing and communications (ISAC) is pivotal for 6G communications and is boosted by the rapid development of reconfigurable intelligent surfaces (RISs) This paper proposes the X2Track framework, where we model the tracking function by a hierarchical architecture, jointly utilizing multi-modal CSI indicators across multiple bands, and optimize it in a cross-domain manner. Under X2Track, we design an efficient deep learning algorithm to minimize tracking errors, based on transformer neural networks and adversarial learning techniques.
arXiv Detail & Related papers (2024-05-10T08:04:27Z)
Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
Real-Time Zero-Day Intrusion Detection System for Automotive Controller Area Network on FPGAs [13.581341206178525]
This paper presents an unsupervised-learning-based convolutional autoencoder architecture for detecting zero-day attacks. We quantise the model using Vitis-AI tools from AMD/Xilinx targeting a resource-constrained Zynq Ultrascale platform. The proposed model successfully achieves equal or higher classification accuracy (> 99.5%) on unseen DoS, fuzzing, and spoofing attacks.
arXiv Detail & Related papers (2024-01-19T14:36:01Z)
A Lightweight FPGA-based IDS-ECU Architecture for Automotive CAN [13.581341206178525]
This paper presents a consolidated ECU architecture incorporating an Intrusion Detection System (IDS) for Automotive Controller Area Network (CAN) We propose two quantised multi-layer perceptrons (QMLP's) as isolated IDSs for detecting a range of attack vectors including Denial-of-Service, Fuzzing and Spoofing. The proposed models achieve the state-of-the-art classification accuracy for all the attacks, while we observed a 15x reduction in power consumption when compared against the GPU-based implementation of the same models quantised using Nvidia libraries.
arXiv Detail & Related papers (2024-01-19T13:51:24Z)
X-CANIDS: Signal-Aware Explainable Intrusion Detection System for Controller Area Network-Based In-Vehicle Network [6.68111081144141]
X-CANIDS dissects the payloads in CAN messages into human-understandable signals using a CAN database. X-CANIDS can detect zero-day attacks because it does not require any labeled dataset in the training phase.
arXiv Detail & Related papers (2023-03-22T03:11:02Z)
Single-photon-memory measurement-device-independent quantum secure direct communication [63.75763893884079]
Quantum secure direct communication (QSDC) uses the quantum channel to transmit information reliably and securely. In order to eliminate the security loopholes resulting from practical detectors, the measurement-device-independent (MDI) QSDC protocol has been proposed. We propose a single-photon-memory MDI QSDC protocol (SPMQC) for dispensing with high-performance quantum memory.
arXiv Detail & Related papers (2022-12-12T02:23:57Z)
Deep Learning-Based Rate-Splitting Multiple Access for Reconfigurable Intelligent Surface-Aided Tera-Hertz Massive MIMO [56.022764337221325]
Reconfigurable intelligent surface (RIS) can significantly enhance the service coverage of Tera-Hertz massive multiple-input multiple-output (MIMO) communication systems. However, obtaining accurate high-dimensional channel state information (CSI) with limited pilot and feedback signaling overhead is challenging. This paper proposes a deep learning (DL)-based rate-splitting multiple access scheme for RIS-aided Tera-Hertz multi-user multiple access systems.
arXiv Detail & Related papers (2022-09-18T03:07:37Z)
CANShield: Signal-based Intrusion Detection for Controller Area Networks [29.03951113836835]
We propose CANShield, a signal-based intrusion detection framework for the CAN bus. CanShield consists of three modules: a data preprocessing module that handles the high-dimensional CAN data stream at the signal level; a data analyzer module consisting of multiple deep autoencoder networks, each analyzing the time-series data from a different temporal perspective; and an attack detection module that uses an ensemble method to make the final decision.
arXiv Detail & Related papers (2022-05-03T04:52:44Z)
Deep Reinforcement Learning for Wireless Scheduling in Distributed Networked Control [37.10638636086814]
We consider a joint uplink and downlink scheduling problem of a fully distributed wireless control system (WNCS) with a limited number of frequency channels.<n>We develop a deep reinforcement learning (DRL) based framework for solving it.<n>To tackle the challenges of a large action space in DRL, we propose novel action space reduction and action embedding methods.
arXiv Detail & Related papers (2021-09-26T11:27:12Z)
Time-Based CAN Intrusion Detection Benchmark [0.0]
Vehicle control systems are vulnerable to message injection attacks. Time-based intrusion detection systems (IDSs) have been proposed to detect these messages. We benchmark four time-based IDSs against the newly published ROAD dataset. We also develop an after-market plug-in detector using lightweight hardware.
arXiv Detail & Related papers (2021-01-14T18:33:19Z)

This list is automatically generated from the titles and abstracts of the papers in this site.