基于熵的车载CAN总线异常检测研究  被引量:8

Research on Anomaly Detection of InVehicle CAN Bus Based on Entropy

在线阅读下载全文

作  者:张海春 姜荣帅 王颉 鲁赵骏 刘政林[1] Zhang Haichun;Jiang Rongshuai;Wang Jie;Lu Zhaojun;Liu Zhenglin(School of Optical and Electronic Information,Huazhong University of Science and Technology,Wuhan 430074;Shenzhen Kaiyuan Internet Security Technology Co.,Ltd.,Shenzhen 518000;School of Cyber Science and Engineering,Huazhong University of Science and Technology,Wuhan 430074)

机构地区:[1]华中科技大学光学与电子信息学院,武汉430074 [2]深圳开源互联网安全技术有限公司,深圳518000 [3]华中科技大学网络空间安全学院,武汉430074

出  处:《汽车工程》2021年第10期1543-1548,共6页Automotive Engineering

基  金:国家自然科学基金(61874047);深圳市创新创业专项—技术攻关面上项目(202011023000308)资助。

摘  要:由于缺乏加密、完整性校验和身份认证机制,车载CAN总线容易遭受攻击而造成总线数据帧流量异常。为检测攻击者注入车载CAN总线的异常数据帧流量,本文中在分析了基于信息熵的车载CAN总线异常检测机制的基础上,提出了基于相对熵的车载CAN总线异常检测机制,弥补了前者无法检测出异常细节信息的缺陷。在某型号福特车辆上的实验结果表明,基于相对熵的车载CAN总线异常检测机制不仅可以检测出DoS攻击、重放攻击造成的总线数据帧流量异常,还可以检测出具体的攻击类型和异常数据帧的ID,并且取得了较高的检测效率。Due to lack of encryption,integrity verification,and identity authentication mechanism,the vehicle Controller Area Network(CAN)bus is prone to attacks that cause abnormal bus data frame flow.In order to detect the abnormal data frame traffic injected by the attacker into the vehicle CAN bus,this paper analyzes the vehicle CAN bus anomaly detection mechanism based on information entropy,and proposes a vehicle CAN bus anomaly detection mechanism based on relative entropy,which makes up for the former′s defect of inability to detect abnormal details of the defect.The experimental results on a certain Ford vehicle show that the CAN bus anomaly detection mechanism based on relative entropy can not only detect the abnormal flow of bus data frames caused by DoS attacks and replay attacks,but also detect specific attack types and abnormal CAN ID of the frame,with high detection efficiency.

关 键 词:车载CAN总线 相对熵 信息熵 异常检测 

分 类 号:TN915.08[电子电信—通信与信息系统] U463.6[电子电信—信息与通信工程]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象