车载以太网环境下CAN总线入侵检测系统兼容性评估与优化

doi:10.3969/j.issn.1671-1122.2025.08.001

信息网络安全 ›› 2025, Vol. 25 ›› Issue (8): 1175-1195.doi: 10.3969/j.issn.1671-1122.2025.08.001

车载以太网环境下CAN总线入侵检测系统兼容性评估与优化

曹越¹, 方泊璎¹(), 魏高达¹, 李金宇¹, 杨洋², 彭涛³^,⁴

1.武汉大学国家网络安全学院，武汉 430040
2.武汉云驰未来科技有限公司，武汉 430056
3.大唐互联科技（武汉）有限公司，武汉 430056
4.工业互联网集成技术湖北省工程研究中心，武汉 430056

收稿日期:2025-03-19 出版日期:2025-08-10 发布日期:2025-09-09
通讯作者: 方泊璎 E-mail:2022302181172@whu.edu.cn
作者简介:曹越（1984—），男，湖北，教授，博士，CCF会员，主要研究方向为智能交通系统、车联网安全|方泊璎（2004—），女，湖北，本科，主要研究方向为车联网异常行为检测|魏高达（2002—），男，河南，硕士研究生，主要研究方向为车联网异常行为检测|李金宇（2003—），男，湖北，本科，主要研究方向为车联网异常行为检测|杨洋（1976—），女，湖北，高级工程师，硕士，主要研究方向为车联网安全|彭涛（1979—），男，湖北，高级工程师，博士，主要研究方向为智能制造、工业互联网
基金资助:
国家重点研发计划(2024YFB3108400);湖北省技术创新计划重大科技项目(2024BAA011);武汉市人工智能创新专项(2023010402040020)

Compatibility Evaluation and Optimization of CAN Bus Intrusion Detection Systems in In-Vehicle Ethernet Environment

CAO Yue¹, FANG Boying¹(), WEI Gaoda¹, LI Jinyu¹, YANG Yang², PENG Tao³^,⁴

1. School of Cyber Science and Engineering, Wuhan University, Wuhan 430040, China
2. Wuhan INCHTEK Technology Co., Ltd., Wuhan 430056, China
3. Datang Interconnect Technology (Wuhan) Co., Ltd., Wuhan 430056, China
4. Hubei Provincial Engineering Research Center for Industrial Internet Integration Technology, Wuhan 430056, China

Received:2025-03-19 Online:2025-08-10 Published:2025-09-09

摘要/Abstract

摘要：

智能网联汽车的快速发展推动车载网络架构从传统CAN总线向高带宽、强拓展性的以太网转型。针对CAN总线入侵检测系统在车载以太网环境下的兼容性进行评估，既能有效利用现有安全资源、降低系统设计成本，又能为智能网联汽车安全架构顺利演进提供系统性解决方案。然而，由于CAN总线与车载以太网在通信特性、协议栈架构和数据传输机制等方面存在显著差异，如何实现安全资源的有效转化成为关键问题。为此，文章从跨协议适应性、检测方法兼容性、处理能力和扩展性4个维度，系统分析了现有CAN总线入侵检测系统的以太网兼容性，并提出多层级协议适配、检测方法改进、实时性与资源分配优化以及架构扩展性增强等优化策略。

关键词: 智能网联汽车, CAN总线, 以太网, 入侵检测系统, 兼容性

Abstract:

The rapid development of intelligent connected vehicles has driven the evolution of in-vehicle network architectures from traditional CAN bus to Ethernet with higher bandwidth and stronger scalability. By evaluating the compatibility of the CAN bus intrusion detection system in the in-vehicle Ethernet environment, it is possible to maximize the utilization of existing security resources, providing a systematic solution for the evolution of the security architecture of intelligent connected vehicles while reducing system design costs. However, there are significant differences between CAN bus and in-vehicle Ethernet in terms of communication characteristics, protocol stacks, and data transmission mechanisms. To address the issue of security resource transformation, this paper comprehensively analyzed the Ethernet compatibility of existing CAN intrusion detection systems from four dimensions, including protocol adaptability, detection method compatibility, processing capacity, and expandability. Moreover, optimization strategies such as multi-level protocol adaptation, detection method improvement, real-time performance and resource optimization, and enhanced architecture expandability were proposed.

Key words: intelligent connected vehicles, CAN bus, Ethernet, intrusion detection system, compatibility

中图分类号:

TP309

曹越, 方泊璎, 魏高达, 李金宇, 杨洋, 彭涛. 车载以太网环境下CAN总线入侵检测系统兼容性评估与优化[J]. 信息网络安全, 2025, 25(8): 1175-1195.

CAO Yue, FANG Boying, WEI Gaoda, LI Jinyu, YANG Yang, PENG Tao. Compatibility Evaluation and Optimization of CAN Bus Intrusion Detection Systems in In-Vehicle Ethernet Environment[J]. Netinfo Security, 2025, 25(8): 1175-1195.

图/表 16

图1

图2

图3

图4

图5

图6

图7

表1

表2

图8

表3

图9

表4

图10

表5

图11

参考文献 61

[1]	China-SAE, National Intelligent Connected Vehicle Innovation Center. Annual Report on the Development of China Intelligent Connected Vehicle Industry(2023-2024)[M]. Beijing: Social Sciences Literature Publishing House, 2024.
	中国汽车工程学会, 国家智能网联汽车创新中心. 中国智能网联汽车产业发展报告(2023-2024)[M]. 北京: 社会科学文献出版社, 2024.
[2]	National Development and Reform Commission of the People's Republic of China, Ministry of Industry and Information Technology of the People's Republic of China, Ministry of Science and Technology of the People's Republic of China, et al. Innovative Development Strategy for Intelligent Vehicles[EB/OL]. (2020-02-24)[2025-03-01]. https://www.ndrc.gov.cn/xxgk/zcfb/tz/202002/P020200224573058971435.pdf.
	中华人民共和国国家发展和改革委员会, 中华人民共和国工业和信息化部, 中华人民共和国科学技术部, 等. 智能汽车创新发展战略[EB/OL]. (2020-02-24)[2025-03-01]. https://www.ndrc.gov.cn/xxgk/zcfb/tz/202002/P020200224573058971435.pdf.
[3]	Ministry of Industry and Information Technology of the People's Republic of China, Ministry of Public Security of the People's Republic of China, Ministry of Housing and Urban-Rural Development of the People's Republic of China, et al. Notice from Four Ministries on Launching Pilot Projects for Intelligent Connected Vehicles Access and Road Traffic[EB/OL].(2023-11-17)[2025-03-01].https://www.gov.cn/zhengce/zhengceku/202311/content_6915788.htm.
	中华人民共和国工业和信息化部, 中华人民共和国公安部, 中华人民共和国住房和城乡建设部, 等. 四部委关于开展智能网联汽车准入和上路通行试点工作的通知[EB/OL]. (2023-11-17)[2025-03-01]. https://www.gov.cn/zhengce/zhengceku/202311/content_6915788.htm.
[4]	LAMPE B, MENG Weizhi. A Survey of Deep Learning-Based Intrusion Detection in Automotive Applications[EB/OL]. (2023-07-01)[2025-03-01]. https://www.sciencedirect.com/science/article/pii/S0957417423002725.
[5]	RAJAPAKSHA S, KALUTARAGE H, AL-KADRI M O, et al. AI-Based Intrusion Detection Systems for In-Vehicle Networks: A Survey[J]. ACM Computing Surveys, 2023, 55(11): 1-40.
[6]	HAN M L, KWAKET B I, KIM H K, et al. TOW-IDS: Intrusion Detection System Based on Three Overlapped Wavelets for Automotive Ethernet[J]. IEEE Transactions on Information Forensics and Security, 2022(18): 411-422.
[7]	CAO Yue, LYU Chenchen, SUN Yaping, et al. Review of Research on Misbehavior Detection in VANET[J]. Netinfo Security, 2023, 23(4): 10-19.
	曹越, 吕臣臣, 孙娅苹, 等. 面向车联网环境的异常行为检测机制研究综述[J]. 信息网络安全, 2023, 23(4): 10-19.
[8]	WANG Qiyan, SAWHNEY S. VeCure: A Practical Security Framework to Protect the CAN Bus of Vehicles[C]// IEEE. 2014 International Conference on the Internet of Things (IOT). New York: IEEE, 2014: 13-18.
[9]	GROZA B, MURVAY S. Efficient Protocols for Secure Broadcast in Controller Area Networks[J]. IEEE Transactions on Industrial Informatics, 2013, 9(4): 2034-2042.
[10]	HERREWEGE A V, SINGELEE D, VERBAUWHEDE I. CANAuth-A Simple, Backward Compatible Broadcast Authentication Protocol for CAN Bus[EB/OL]. (2011-01-01)[2025-03-01]. https://www.researchgate.net/publication/235323481_CANAuth_-_A_Simple_Backward_Compatible_Broadcast_Authentication_Protocol_for_CAN_bus.
[11]	SIDDIQUI A S, GUI Yutian, PLUSQUELLIC J, et al. Secure Communication over CANBus[C]// IEEE. 2017 IEEE 60th International Midwest Symposium on Circuits and Systems(MWSCAS). New York: IEEE, 2017: 1264-1267.
[12]	HALABI J, ARTAIL H. A Lightweight Synchronous Cryptographic Hash Chain Solution to Securing the Vehicle CAN Bus[C]// IEEE. 2018 IEEE International Multidisciplinary Conference on Engineering Technology(IMCET). New York: IEEE, 2018: 1-6.
[13]	VERENDEL V, NILSSON D K, LARSON U E, et al. An Approach to Using Honeypots in In-Vehicle Networks[C]// IEEE. 2008 IEEE 68th Vehicular Technology Conference. New York: IEEE, 2008: 1-5.
[14]	HOSSAIN D M, INOUE H, OCHIAI H, et al. An Effective In-Vehicle CAN Bus Intrusion Detection System Using CNN Deep Learning Approach[C]// IEEE. GLOBECOM 2020-2020 IEEE Global Communications Conference. New York: IEEE, 2020: 1-6.
[15]	LOKMAN S F, OTHMAN A T, ABU-BAKAR M H. Intrusion Detection System for Automotive Controller Area Network(CAN) Bus System: A Review[J]. EURASIP Journal on Wireless Communications and Networking, 2019(1): 184-200.
[16]	HAAS R E, MÖLLER D P F, BANSAL P, et al. Intrusion Detection in Connected Cars[C]// IEEE. 2017 IEEE International Conference on Electro Information Technology (EIT). New York: IEEE, 2017: 516-519.
[17]	YANG Zi. Research on Key Technologies of Vehicle Ethernet[J]. Automation Application, 2024, 65(12): 256-258.
	杨子. 车载以太网关键技术的研究[J]. 自动化应用, 2024, 65(12): 256-258.
[18]	FU Dandan, ZHAO Jie, MEI Shaonan, et al. Application of Automotive Ethernet Communication Technology Based on Heavy Duty Automobile[J]. Auto Electric Parts, 2021(7): 34-35, 39.
	符丹丹, 赵杰, 美少楠, 等. 基于商用车的车载以太网通信技术应用[J]. 汽车电器, 2021(7): 34-35, 39.
[19]	Huaxia EV. A Brief Analysis of the Development Status and Trends of Ethernet Technology in Intelligent Vehicles[EB/OL]. (2022-07-18)[2025-03-01].http://www.evinchina.com/articleshow-180.html.
	华夏EV. 简析智能汽车以太网技术发展现状与趋势[EB/OL]. (2022-07-18)[2025-03-01]. http://www.evinchina.com/articleshow-180.html.
[20]	35.100.10 35.110-Physical layer Networking 802.3cy-2023-IEEE Standard for Ethernet Amendment8: Physical Layer Specifications and Management Parameters for 25 Gb/s-Electrical Automotive Ethernet[S]. New York: IEEE, 2023.
[21]	Beijing Xinsijie International Information Consulting Co., Ltd. Deep Research Report on Global and Chinese TSN Switching Chip (Time Sensitive Network Switching Chip) Industry in 2025[EB/OL]. (2024-12-19)[2025-03-01]. http://www.newsijie.com/baogao/2024/1219/11349412.html.
	北京新思界国际信息咨询有限公司. 2025年全球及中国TSN交换芯片(时间敏感网络交换芯片)产业深度研究报告[EB/OL]. (2024-12-19)[2025-03-01]. http://www.newsijie.com/baogao/2024/1219/11349412.html.
[22]	DIAO Zhaokun, CAO Shiqiang, MENG Fanli. Technology Development and Application Profiling of Internet of Things Based on “Loud, Pipe, Terminal”[J]. Telecom Engineering Technics and Standardization, 2012, 25(6): 36-41.
	刁兆坤, 曹世强, 孟繁丽. 物联网“云管端”的技术发展与应用[J]. 电信工程技术与标准化, 2012, 25(6): 36-41.
[23]	IDTechEX. Future Automotive Technologies 2024-2034: Applications, Megatrends, Forecasts[EB/OL]. (2023-12-19)[2025-03-01]. https://www.idtechex.com/en/research-report/future-automotive-technologies-2024-2034-applications-megatrends-forecasts/979.
[24]	REN Kui, YANG Kun, SHEN Haoting, et al. A Survey of Cybersecurity for Intelligent Connected Vehicles[J]. Journal of Cybersecurity, 2024, 2(6): 16-35.
[25]	ALFARDUS A, RAWAT D B. Intrusion Detection System for CAN Bus In-Vehicle Network Based on Machine Learning Algorithms[C]// IEEE. 2021 IEEE 12th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON). New York: IEEE, 2021: 944-949.
[26]	KOSCHER K, CZESKIS A, ROESNER F, et al. Experimental Security Analysis of a Modern Automobile[C]// IEEE. 2010 IEEE Symposium on Security and Privacy. New York: IEEE, 2010: 447-462.
[27]	GOODIN D. There's a New Form of Keyless Car Theft that Works in under 2 Minutes[EB/OL]. (2023-04-08)[2025-03-01]. https://arstechnica.com/information-technology/2023/04/crooks-are-stealing-cars-using-previously-unknown-keyless-can-injection-attacks/.
[28]	HOSSAIN M D, INOUE H, OCHIAI H, et al. LSTM-Based Intrusion Detection System for In-Vehicle Can Bus Communications[J]. IEEE Access, 2020, 8: 185489-185502.
[29]	DOUSS A B C, ABASSI R, SAUVERON D. State-of-the-Art Survey of In-Vehicle Protocols and Automotive Ethernet Security and Vulnerabilities[J]. Mathematical Biosciences and Engineering, 2023, 20(9): 17057-17095. doi: 10.3934/mbe.2023761 pmid: 37920047
[30]	Huawei Technologies Co., Ltd. IP Autonomous Driving Network White Paper[EB/OL]. (2024-06-27)[2025-03-01]. https://carrier.huawei.com/-/media/cnbgv2/download/products/networks/IP-ADN-WP.pdf.
	华为技术有限公司. IP自动驾驶网络白皮书[EB/OL]. (2024-06-27) [2025-03-01]. https://carrier.huawei.com/-/media/cnbgv2/download/products/networks/IP-ADN-WP.pdf.
[31]	CHEN Paizhang. The Analysis of the Common Attacking Methods of TCP/IP Protocol[J]. Journal of Ningde Teachers College(Natural Science), 2010, 22(1): 56-58.
	陈派樟. 基于TCP/IP协议的常见攻击方法[J]. 宁德师专学报(自然科学版), 2010, 22(1): 56-58.
[32]	KODURU S, MACHINA S P, MADICHETTY S, et al. Data-Driven Solutions for Next-Generation Automotive Cybersecurity[J]. Transactions of the Indian National Academy of Engineering, 2024, 9(4): 847-866.
[33]	JEONG S, KIM H K, HAN M L, et al. AERO: Automotive Ethernet Real-Time Observer for Anomaly Detection in In-Vehicle Networks[J]. IEEE Transactions on Industrial Informatics, 2023, 20(3): 4651-4662.
[34]	ALKHATIB N, GHAUCH H, DANGER J L. SOME/IP Intrusion Detection Using Deep Learning-Based Sequential Models in Automotive Ethernet Networks[C]// IEEE. 2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON). New York: IEEE, 2021: 954-962.
[35]	MARQUES D L L F, ARAUJO-FILHO P F D, CAMPELO D R. Multi-Stage Deep Learning-Based Intrusion Detection System for Automotive Ethernet Networks[EB/OL]. (2024-09-01)[2025-03-01]. https://doi.org/10.1016/j.adhoc.2024.103548.
[36]	SCHELL O, KNEIB M. VALID: Voltage-Based Lightweight Intrusion Detection for the Controller Area Network[C]// IEEE. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). New York: IEEE, 2020: 225-232.
[37]	ISLAM R, REFAT R U D, YERRAM S M, et al. Graph-Based Intrusion Detection System for Controller Area Networks[J]. IEEE Transactions on Intelligent Transportation Systems, 2022, 23(3): 1727-1736.
[38]	SONG H M, KIM H R, KIM H K. Intrusion Detection System Based on the Analysis of Time Intervals of CAN Messages for In-Vehicle Network[C]// IEEE. 2016 International Conference on Information Networking (ICOIN). New York: IEEE, 2016: 63-68.
[39]	LAMPE B, MENG Weizhi. IDS for CAN: A Practical Intrusion Detection System for CAN Bus Security[C]// IEEE. 2022 IEEE Global Communications Conference (GLOBECOM). New York: IEEE, 2022: 1782-1787.
[40]	LONGARI S, NOVA V D H, ZAGO M, et al. CANnolo: An Anomaly Detection System Based on LSTM Autoencoders for Controller Area Network[J]. IEEE Transactions on Network and Service Management, 2021, 18(2): 1913-1924.
[41]	ZHANG Linxi, MA Di. A Hybrid Approach Toward Efficient and Accurate Intrusion Detection for In-Vehicle Networks[J]. IEEE Access, 2022(10): 10852-10866.
[42]	LARSON U E, NILSSON D K, JONSSON E. An Approach to Specification-Based Attack Detection for In-Vehicle Networks[C]// IEEE. 2008 IEEE Intelligent Vehicles Symposium. New York: IEEE, 2008: 220-225.
[43]	MARKOVITZ M, WOOL A. Field Classification, Modeling and Anomaly Detection in Unknown CAN Bus Networks[J]. Vehicular Communications, 2017(9): 43-52.
[44]	LEE H, JEONG S H, KIM H K. OTIDS: A Novel Intrusion Detection System for In-Vehicle Network by Using Remote Frame[C]// IEEE. 2017 15th Annual Conference on Privacy, Security and Trust (PST). New York: IEEE, 2017: 5700-5709.
[45]	OLUFOWOBI H, YOUNG C, ZAMBRENO J, et al. SAIDuCANT: Specification-Based Automotive Intrusion Detection Using Controller Area Network (CAN) Timing[J]. IEEE Transactions on Vehicular Technology, 2020, 69(2): 1484-1494.
[46]	MARCHETTI M, STABILI D. Anomaly Detection of CAN Bus Messages through Analysis of ID Sequences[C]// IEEE. 2017 IEEE Intelligent Vehicles Symposium (IV). New York: IEEE, 2017: 1577-1583.
[47]	DÖNMEZ T C M. Anomaly Detection in Vehicular CAN Bus Using Message Identifier Sequences[J]. IEEE Access, 2021(9): 136243-136252.
[48]	SONG Jiaru, QIN Guihe, LIANG Yanhua, et al. SIDiLDNG: A Similarity-Based Intrusion Detection System Using Improved Levenshtein Distance and N-Gram for CAN[EB/OL]. (2024-07-05)[2025-03-01]. https://doi.org/10.1016/j.cose.2024.103847.
[49]	MÜTER M, ASAJ N. Entropy-Based Anomaly Detection for In-Vehicle Networks[C]// IEEE. 2011 IEEE Intelligent Vehicles Symposium(IV). New York: IEEE, 2011: 1110-1115.
[50]	SEO E, SONG H M, KIM H K. GIDS: GAN Based Intrusion Detection System for In-Vehicle Network[C]// IEEE. 2018 16th Annual Conference on Privacy, Security and Trust (PST). New York: IEEE, 2018: 1-6.
[51]	SAMI M, IBARRA M, ESPARZA A C, et al. Rapid, Multi-Vehicle and Feed-Forward Neural Network Based Intrusion Detection System for Controller Area Network Bus[C]// IEEE. 2020 IEEE Green Energy and Smart Systems Conference (IGESSC). New York: IEEE, 2020: 1-6.
[52]	NASRELDIN A, BAHAA-ELDIN A M, SOBH M A. In-Vehicle Intrusion Detection Based on Deep Learning Attention Technique[C]// IEEE. 2021 16th International Conference on Computer Engineering and Systems(ICCES). New York: IEEE, 2021: 1-7.
[53]	LI Sifan, CAO Yue, HADI H J, et al. ECF-IDS: An Enhanced Cuckoo Filter-Based Intrusion Detection System for In-Vehicle Network[J]. IEEE Transactions on Network and Service Management, 2024, 21(4): 3846-3860.
[54]	HANSELMANN M, STRAUSS T, DORMANN K, et al. CANet: An Unsupervised Intrusion Detection System for High Dimensional CAN Bus Data[J]. IEEE Access, 2020(8): 58194-58205.
[55]	DESTA A K, OHIRA S, ARAI I, et al. MLIDS: Handling Raw High-Dimensional CAN Bus Data Using Long Short-Term Memory Networks for Intrusion Detection in In-Vehicle Networks[C]// IEEE. 2020 30th International Telecommunication Networks and Applications Conference (ITNAC). New York: IEEE, 2020: 1-7.
[56]	NAM M, PARK S, KIM D S. Intrusion Detection Method Using Bi-Directional GPT for In-Vehicle Controller Area Networks[J]. IEEE Access, 2021(9): 124931-124944.
[57]	AGRAWAL K, ALLADI T, AGRAWAL A, et al. NovelADS: A Novel Anomaly Detection System for Intra-Vehicular Networks[J]. IEEE Transactions on Intelligent Transportation Systems, 2022, 23(11): 22596-22606.
[58]	ZHANG Linxi, YAN Xuke, MA Di. Efficient and Effective In-Vehicle Intrusion Detection System Using Binarized Convolutional Neural Network[C]// IEEE. IEEE INFOCOM 2024-IEEE Conference on Computer Communications. New York: IEEE, 2024: 2299-2307.
[59]	CHO K T, SHIN K. Viden: Attacker Identification on In-Vehicle Networks[EB/OL]. (2017-08-28)[2025-03-01]. https://doi.org/10.48550/arXiv.1708.08414.
[60]	CHOI W, JOO K, JO H J, et al. VoltageIDS: Low-Level Communication Characteristics for Automotive Intrusion Detection System[J]. IEEE Transactions on Information Forensics and Security, 2018, 13(8): 2114-2129.
[61]	DENG Zhouyan, LIU Jiajia, XUN Yijie, et al. IdentifierIDS: A Practical Voltage-Based Intrusion Detection System for Real In-Vehicle Networks[J]. IEEE Transactions on Information Forensics and Security, 2023(19): 661-676.

评估维度	二级标准	基准分	评分标准
F₁维度协议特性依赖性（40%）	F_1.1显式协议依赖	6分	每依赖一个CAN数据帧专有字段特征（如CAN ID、CAN DLC）或CAN协议独有的通信特征（如基于CAN ID优先级的广播式传输）扣2分，最多扣6分
F₁维度协议特性依赖性（40%）	F_1.2协议无关声明	0分	每依赖一个CAN协议无关特征（如载荷熵、消息时间间隔），加2分
F₂维度检测方法兼容性（25%）	F_2.1网络层次抽象度	-	方法基于物理层信号特征（如电压、时钟），得1分
			方法基于链路层通用属性（如帧间隔、载荷熵），得3分
			方法基于网络层或传输层特性（如具体协议范式），得5分
	F_2.2以太网攻击覆盖范围	0分	能检测CAN总线特有攻击（如检测基于高优先级ID的DDoS攻击），不加分
	F_2.2以太网攻击覆盖范围	0分	能检测CAN与车载以太网共有攻击（如数据注入攻击、重放攻击），每种共有攻击加1分，最多加5分
F₃维度处理能力适应性（15%）	F_3.1检测算法复杂度	-	规则方法（算法复杂度近似O(1)），得10分
			轻量机器学习方法（算法复杂度近似O(n)~O(nlog n)），得7分	若提及模型压缩、数据量减少等优化机制，额外加2分
			采用深度学习模型（算法复杂度近似O(n2)），得5分	若提及模型压缩、数据量减少等优化机制，额外加2分
F₄维度检测架构扩展性（20%）	F_4.1模块化设计	0分	具有模块化设计，例如，明确划分协议解析、检测模块、响应模块等，得4分
F₄维度检测架构扩展性（20%）	F_4.2组件可替换性	0分	关键组件易于替换升级而不影响整体架构运行，每具备一个可替换的独立模块加2分，最多加6分

方法	分类	IDS入侵检测原理	F₁(40%)		F₂(25%)		F₃(15%)	F₄(20%)		S	兼容性评级
方法	分类	IDS入侵检测原理	F_1.1	F_1.2	F_2.1	F_2.2	F_3.1	F_4.1	F_4.2	S	兼容性评级
文献[37]方法	图模型	计算正常CAN消息的图属性均值和标准差，并设置阈值，从而识别出异常数据	2	2	5	3	7	4	2	5.85	中
文献[38]方法	时序特征	检验具有相同ID消息的时间间隔，并与统计数据对比以实现入侵检测	4	2	5	1	10	0	0	5.40	中
文献[39]方法	ID 序列	通过HMM建模正常ID序列的转移概率分布，通过检测异常ID转移模式来识别入侵行为	2	0	5	2	7	4	2	4.80	低
文献[42]方法	规则	基于CAN协议规范进行入侵检测	2	2	5	3	10	0	0	5.10	中
文献[43]方法	规则	基于CAN消息字段的规范评分进行入侵检测	6	2	3	0	7	4	2	6.20	中
文献[44]方法	时序特征	定期发送远程帧，并分析响应消息的特征	2	0	5	2	9	0	0	3.90	低
文献[45]方法	时序特征	通过提取实时消息时序模型参数，构建正常行为规范识别异常	4	0	5	2	7	4	2	5.60	中
文献[46]方法	ID 序列	通过马尔可夫转移矩阵建模正常ID序列的转移概率分布，通过检测异常转移模式来识别攻击行为	2	0	5	2	7	4	2	4.80	低
文献[47]方法	ID 序列	基于ID序列白名单的入侵检测	2	2	5	5	7	4	4	6.85	高
文献[48]方法	ID 序列	基于改进的Levenshtein距离和N-gram算法计算相邻帧相似度的IDS	4	0	5	3	7	4	6	6.65	高
文献[49]方法	熵	基于熵检测，熵的计算仅考虑静态字段内容，未考虑动态特征	6	4	3	2	7	0	0	6.30	中

方法	IDS入侵检测原理	F₁(40%)		F₂(25%)		F₃(15%)	F₄(20%)		S	兼容性评级
方法	IDS入侵检测原理	F_1.1	F_1.2	F_2.1	F_2.2	F_3.1	F_4.1	F_4.2	S	兼容性评级
文献[14]方法	采用基于单帧特征向量的CNN网络进行检测	2	2	5	1	5	4	2	5.05	中
文献[50]方法	基于GAN深度学习模型实现无监督入侵检测	4	2	5	1	5	4	4	6.25	中
文献[51]方法	使用前馈神经网络进行监督学习入侵检测，通过CAN ID和数据字节作为输入特征识别异常	4	2	5	0	5	4	2	5.60	中
文献[52]方法	使用基于注意力机制的深度学习模型分析单个CAN数据帧，通过学习正常行为特征识别并检测异常行为	2	2	5	1	5	4	4	5.45	中
文献[53]方法	通过增强型杜鹃过滤器构建正常流量与入侵流量的索引表，以实现高效的入侵检测	2	2	5	5	5	4	4	5.95	中

方法	IDS入侵检测原理	F₁(40%)		F₂(25%)		F₃(15%)	F₄(20%)		S	兼容性评级
方法	IDS入侵检测原理	F_1.1	F_1.2	F_2.1	F_2.2	F_3.1	F_4.1	F_4.2	S	兼容性评级
文献[40]方法	CANnolo使用LSTM自动编码器学习CAN总线数据序列的正常行为，并通过重建误差检测异常	4	2	5	2	5	4	4	6.50	高
文献[41]方法	结合基于规则和基于机器学习的入侵检测方法，旨在平衡高检测率和低计算成本	2	2	5	3	5	4	4	5.95	中
文献[54]方法	CANet将每个CAN ID对应的LSTM输出特征聚合为联合潜在向量，并通过计算重建误差来实现入侵检测	4	2	5	3	5	4	2	6.35	中
文献[55]方法	使用LSTM模型进行时间序列预测，并结合交叉熵损失函数计算异常信号	4	2	5	3	5	4	2	6.35	中
文献[56]方法	使用双向GPT模型进行入侵检测	4	2	5	2	5	0	2	5.30	中
文献[57]方法	使用滑动窗口方法将连续的CAN消息组合成固定长度的序列，并将每个序列作为一个整体进行检测	4	2	5	1	5	4	4	6.25	中
文献[58]方法	将连续的CAN消息序列转换为图像形式的数据表示，并基于BCNN网络实现入侵检测	4	2	3	1	5	4	2	5.35	中

方法	IDS入侵检测原理	F₁(40%)		F₂(25%)		F₃(15%)	F₄(20%)		S	兼容性评级
方法	IDS入侵检测原理	F_1.1	F_1.2	F_2.1	F_2.2	F_3.1	F_4.1	F_4.2	S	兼容性评级
文献[36]方法	VALID通过采集CAN总线上的电压波形，提取信号的统计特征，并与正常行为的基准进行比较，进而实现入侵检测	4	2	1	1	5	4	6	5.65	中
文献[59]方法	对信号来源进行合法性验证，并构建ECU的指纹数据库，通过对比实时采集的电压曲线与数据库中的特征，识别网络中的异常ECU节点	6	4	1	3	7	4	2	7.25	高
文献[60]方法	通过分析CAN信号的电压波形来检测异常行为	6	2	1	0	5	4	6	6.20	中
文献[61]方法	通过为每个CAN ID建立电压指纹，将测试帧与对应ID的指纹进行匹配，利用GMM计算匹配得分，进而判定其是否为恶意帧	4	4	1	1	7	4	6	6.75	高

车载以太网环境下CAN总线入侵检测系统兼容性评估与优化

Compatibility Evaluation and Optimization of CAN Bus Intrusion Detection Systems in In-Vehicle Ethernet Environment

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 16

参考文献 61

相关文章 15

编辑推荐

Metrics

本文评价

[1]	荀毅杰, 崔嘉容, 毛伯敏, 秦俊蔓. 基于联邦学习的智能汽车CAN总线入侵检测系统[J]. 信息网络安全, 2025, 25(6): 872-888.
[2]	刘晨飞, 万良. 基于时空图神经网络的CAN总线入侵检测方法[J]. 信息网络安全, 2025, 25(3): 478-493.
[3]	江荣, 刘海天, 刘聪. 基于集成学习的无监督网络入侵检测方法[J]. 信息网络安全, 2024, 24(3): 411-426.
[4]	彭翰中, 张珠君, 闫理跃, 胡成林. 联盟链下基于联邦学习聚合算法的入侵检测机制优化研究[J]. 信息网络安全, 2023, 23(8): 76-85.
[5]	金志刚, 刘凯, 武晓栋. 智能电网AMI领域IDS研究综述[J]. 信息网络安全, 2023, 23(1): 1-8.
[6]	银鹰, 周志洪, 姚立红. 基于LSTM的CAN入侵检测模型研究[J]. 信息网络安全, 2022, 22(12): 57-66.
[7]	任涛, 金若辰, 罗咏梅. 融合区块链与联邦学习的网络入侵检测算法[J]. 信息网络安全, 2021, 21(7): 27-34.
[8]	姜楠, 崔耀辉, 王健, 吴晋超. 基于上下文特征的IDS告警日志攻击场景重建方法[J]. 信息网络安全, 2020, 20(7): 1-10.
[9]	程冬梅, 严彪, 文辉, 孙利民. 基于规则匹配的分布式工控入侵检测系统设计与实现[J]. 信息网络安全, 2017, 17(7): 45-51.
[10]	史婷婷, 赵有健. 网络入侵逃逸及其防御和检测技术综述[J]. 信息网络安全, 2016, 16(1): 70-74.
[11]	周益周, 王斌, 谢小权. 云环境下软件定义入侵检测系统设计[J]. 信息网络安全, 2015, 15(9): 191-195.
[12]	程骏路, 杨阳, 秦鹏宇, 程久军. 基于云查杀技术的轻量级局域网信息保护机制研究[J]. 信息网络安全, 2015, 15(1): 56-60.
[13]	. 基于机器学习和NetFPGA的智能高速入侵防御系统[J]. , 2014, 14(2): 12-.
[14]	李艺颖;邓皓文;王思齐;龙军. 基于机器学习和NetFPGA的智能高速入侵防御系统[J]. , 2014, 14(2): 0-0.
[15]	宋健豪;赵刚;宋君易. 基于离线检测的SVMNIDS模式研究[J]. , 2012, 12(9): 0-0.