TY - GEN
T1 - Anomaly Detection for In-Vehicle Communication Using Transformers
AU - Cobilean, Victor
AU - Mavikumbure, Harindra S.
AU - Wickramasinghe, Chathurika S.
AU - Varghese, Benny J.
AU - Pennington, Timothy
AU - Manic, Milos
N1 - Funding Information:
ACKNOWLEDGEMENTS The Department of Energy partly supported this work through the U.S. DOE Idaho Operations Office under Contract DE-AC07-05ID14517, and partly by the Commonwealth Cyber Initiative, an Investment in the Advancement of Cyber Research and Development, Innovation and Workforce Development (cyberinitiative.org).
Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - With the advancements of modern vehicle infrastructures, vehicles are increasingly relying on the signals received from a vast number of sensors and electronic components. Wireless technologies enable communication between vehicles and infrastructure, but it also increase the vulnerability surface. Malicious actors can remotely disrupt the vehicle's normal behavior, causing vehicle damage or worse, putting human lives in danger. To address these challenges, this paper proposes a transformer neural network-based intrusion detection system (CAN-Former IDS) that predicts anomalous behavior within the CAN protocol communication. Previous work typically addresses the prediction over the sequence of the CAN IDs. In this paper, we will simultaneously analyze both the sequence of IDs and the message payload values. The advantages of our approach are: 1) fully self-supervised training, which does not require labeled data, 2) self learning interactions between input tokens without relying on hand-crafted features. The transformer neural network is trained to predict the next communication sequence and anomalous communication is identified by comparing the real sequence to the predicted expected sequence. We evaluated our approach using a publicly available data set known as survival analysis data set, containing CAN communication from three different cars.
AB - With the advancements of modern vehicle infrastructures, vehicles are increasingly relying on the signals received from a vast number of sensors and electronic components. Wireless technologies enable communication between vehicles and infrastructure, but it also increase the vulnerability surface. Malicious actors can remotely disrupt the vehicle's normal behavior, causing vehicle damage or worse, putting human lives in danger. To address these challenges, this paper proposes a transformer neural network-based intrusion detection system (CAN-Former IDS) that predicts anomalous behavior within the CAN protocol communication. Previous work typically addresses the prediction over the sequence of the CAN IDs. In this paper, we will simultaneously analyze both the sequence of IDs and the message payload values. The advantages of our approach are: 1) fully self-supervised training, which does not require labeled data, 2) self learning interactions between input tokens without relying on hand-crafted features. The transformer neural network is trained to predict the next communication sequence and anomalous communication is identified by comparing the real sequence to the predicted expected sequence. We evaluated our approach using a publicly available data set known as survival analysis data set, containing CAN communication from three different cars.
KW - Anomaly Detection
KW - Deep Learning
KW - In-Vehicle Communications
KW - Transformer
UR - http://www.scopus.com/inward/record.url?scp=85179513252&partnerID=8YFLogxK
UR - https://www.mendeley.com/catalogue/efcbf3f9-847b-3e9a-879b-89d6aaf8e86c/
U2 - 10.1109/IECON51785.2023.10311788
DO - 10.1109/IECON51785.2023.10311788
M3 - Conference contribution
AN - SCOPUS:85179513252
SN - 9798350331820
T3 - IECON Proceedings (Industrial Electronics Conference)
SP - 1
EP - 6
BT - IECON 2023 - 49th Annual Conference of the IEEE Industrial Electronics Society
PB - IEEE Computer Society
T2 - 49th Annual Conference of the IEEE Industrial Electronics Society, IECON 2023
Y2 - 16 October 2023 through 19 October 2023
ER -