Efficient Intrusion Detection With Bloom Filtering in Controller Area Networks

Efficient Intrusion Detection With Bloom Filtering in Controller Area Networks, Publisher: IEEE
Bogdan Groza; Pal-Stefan Murvay
https://www.aut.upt.ro/~pal-stefan.murvay/papers/efficient_intrusion_detection_bloom_filtering_controller_area_networks.pdf
https://ieeexplore.ieee.org/document/8457262

reference

1. A. Appleby. ( 2008 ). Murmurhash. [Online]. Available: https://sites.google.com/site/murmurhash
2. B. H. Bloom, “Space/time trade-offs in hash coding with allowable errors,” Commun. ACM, vol. 13, no. 7, pp. 422–426, 1970.
3. S. Checkoway, “Comprehensive experimental analyses of automotive attack surfaces,” in Proc. USENIX Secur. Symp., San Francisco, CA, USA, 2011, pp. 1–16.
4. K.-T. Cho and K. G. Shin, “Error handling of in-vehicle networks makes them vulnerable,” in Proc. ACM SIGSAC Conf. Comput. Commun. Secur., 2016, pp. 1044–1055.
5. K.-T. Cho and K. G. Shin, “Fingerprinting electronic control units for vehicle intrusion detection,” in Proc. 25th USENIX Secur. Symp., 2016, pp. 911–927.
6. W. Choi, H. J. Jo, S. Woo, J. Y. Chun, J. Park, and D. H. Lee, “Identifying ecus using inimitable characteristics of signals in controller area networks,” IEEE Trans. Veh. Technol., vol. 67, no. 6, pp. 4757–4770, Jun. 2018.
7. W. Choi, K. Joo, H. J. Jo, M. C. Park, and D. H. Lee, “VoltageIDS: Low-level communication characteristics for automotive intrusion detection system,” IEEE Trans. Inf. Forensics Security, vol. 13, no. 8, pp. 2114–2129, Aug. 2018.
8. S. Dario, M. Mirco, and C. Michele, “Detecting attacks to internal vehicle networks through Hamming distance,” in Proc. IEEE AEIT Int. Annu. Conf.-Infrastruct. Energy ICT (AEIT), Sep. 2017, pp. 1–6.
9. C. E. Everett and D. McCoy, “OCTANE (open car testbed and network experiments): Bringing cyber-physical security research to researchers and students,” presented at the 6th Workshop Cyber Secur. Exp. Test. (USENIX), 2013.
10. H. Giannopoulos, A. M. Wyglinski, and J. Chapman, “Securing vehicular controller area networks: An approach to active bus-level countermeasures,” IEEE Veh. Technol. Mag., vol. 12, no. 4, pp. 60–68, Dec. 2017.
11. B. Groza, P.-S. Murvay, A. van Herrewege, and I. Verbauwhede, “LiBrA-CAN: A lightweight broadcast authentication protocol for controller area networks,” in Proc. 11th Int. Conf. Cryptol. Netw. Secur. (CANS), in Lecture Notes in Computer Science. New York, NY, USA : Springer-Verlag, 2012, pp. 185–200.
12. B. Groza and S. Murvay, “Efficient protocols for secure broadcast in controller area networks,” IEEE Trans. Ind. Informat., vol. 9, no. 4, pp. 2034–2042, Nov. 2013.
    View Article
13. O. Hartkopp, C. Reuber, and R. Schilling, “Message authenticated CAN,” in Proc. 10th Int. Conf. Embedded Secur. Cars (ESCAR), 2012, p. 1.
14. T. Hoppe, S. Kiltz, and J. Dittmann, “Applying intrusion detection to automotive it-early insights and remaining challenges,” J. Inf. Assurance Secur., vol. 4, no. 6, pp. 226–235, 2009.
15. T. Hoppe, S. Kiltz, and J. Dittmann, “Security threats to automotive CAN networks—Practical examples and selected short-term countermeasures,” Rel. Eng. Syst. Saf., vol. 96, no. 1, pp. 11–25, 2011.
16. S. Jain and J. Guajardo, “Physical layer group key agreement for automotive controller area networks,” in Proc. Conf. Cryptograph. Hardw. Embedded Syst., 2016, pp. 85–105.
17. M.-J. Kang and J.-W. Kang, “Intrusion detection system using deep neural network for in-vehicle network security,” PLoS ONE, vol. 11, no. 6, p. e0155781, 2016.
18. M.-J. Kang and J.-W. Kang, “A novel intrusion detection method using deep neural network for in-vehicle network security,” in Proc. IEEE 83rd Veh. Technol. Conf. (VTC Spring), May 2016, pp. 1–5.
19. K. Koscher, “Experimental security analysis of a modern automobile,” in Proc. IEEE Symp. Secur. Privacy (SP), May 2010, pp. 447–462.
20. R. Kurachi, Y. Matsubara, H. Takada, N. Adachi, Y. Miyashita, and S. Horihata, “CaCAN—Centralized authentication system in CAN (controller area network),” in Proc. 14th Int. Conf. Embedded Secur. Cars (ESCAR), 2014, pp. 1–10.
21. H. Lee, S. H. Jeong, and H. K. Kim, “OTIDS: A novel intrusion detection system for in-vehicle network by using remote frame,” in Proc. PST (Privacy, Secur. Trust), 2017, pp. 1–10.
22. H. Lee and A. Nakao, “Improving Bloom filter forwarding architectures,” IEEE Commun. Lett., vol. 18, no. 10, pp. 1715–1718, Oct. 2014.
23. H. Li, L. Zhao, M. Juliato, S. Ahmed, M. R. Sastry, and L. L. Yang, “POSTER: Intrusion detection system for in-vehicle networks using sensor correlation and integration,” in Proc. ACM SIGSAC Conf. Comput. Commun. Secur., 2017, pp. 2531–2533.
24. H. Lim, J. Lee, and C. Yim, “Complement Bloom filter for identifying true positiveness of a Bloom filter,” IEEE Commun. Lett., vol. 19, no. 11, pp. 1905–1908, Nov. 2015.
25. C.-W. Lin, Q. Zhu, C. Phung, and A. Sangiovanni-Vincentelli, “Security-aware mapping for CAN-based real-time distributed automotive systems,” in Proc. IEEE/ACM Int. Conf. Comput.-Aided Design (ICCAD), Nov. 2013, pp. 115–121.
26. C.-W. Lin, Q. Zhu, and A. Sangiovanni-Vincentelli, “Security-aware modeling and efficient mapping for CAN-based real-time distributed automotive systems,” IEEE Embedded Syst. Lett., vol. 7, no. 1, pp. 11–14, Mar. 2015.
27. M. Marchetti, D. Stabili, A. Guido, and M. Colajanni, “Evaluation of anomaly detection for in-vehicle networks through information-theoretic algorithms,” in Proc. Res. Technol. Soc. Ind. Leveraging Better Tomorrow (RTSI), Sep. 2016, pp. 1–6.
28. T. Matsumoto, M. Hata, M. Tanabe, K. Yoshioka, and K. Oishi, “A method of preventing unauthorized data transmission in controller area network,” in Proc. IEEE 75th Veh. Technol. Conf. (VTC Spring), May 2012, pp. 1–5.
29. C. Miller and C. Valasek, “A survey of remote automotive attack surfaces,” IOActive, Seattle, WA, USA, Tech. Rep., Accessed: Sep. 29, 2018. [Online]. Available: https://ioactive.com/pdfs/IOActive_Remote_Attack_Surfaces.pdf
30. M. R. Moore, R. A. Bridges, F. L. Combs, M. S. Starr, and S. J. Prowell, “Modeling inter-signal arrival times for accurate detection of CAN bus signal injection attacks: A data-driven approach to in-vehicle intrusion detection,” in Proc. 12th Annu. Conf. Cyber Inf. Secur. Res., 2017, p. 11.

Related Article in Qiita

CAN FD and CAN XL on arXiv
https://qiita.com/kaizen_nagoya/items/d8efb0da53cd3456f735

CAN FD & CAN XL on arXiv references
https://qiita.com/kaizen_nagoya/items/7df86c66084372a96f1d

CAN FD & CAN XL on arXiv references name order
https://qiita.com/kaizen_nagoya/items/ec5e4e4491228db534c0