Netinfo Security ›› 2022, Vol. 22 ›› Issue (12): 57-66.doi: 10.3969/j.issn.1671-1122.2022.12.007

Previous Articles     Next Articles

Research on LSTM-Based CAN Intrusion Detection Model

YIN Ying1,2(), ZHOU Zhihong1,2, YAO Lihong3   

  1. 1. Institute of Cyber Science and Technology, Shanghai Jiao Tong University, Shanghai 200240, China
    2. Shanghai Key Laboratory of Integrated Administration Technologies for Information Security, Shanghai 200240, China
    3. School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240, China
  • Received:2022-10-09 Online:2022-12-10 Published:2022-12-30
  • Contact: YIN Ying E-mail:yyin@sjtu.edu.cn

Abstract:

The controller area network (CAN) is connected to the core electronic control units of the intelligent networked automobile system, which is crucial to ensure the safety of the vehicle system. But it is vulnerable to denial of service(DoS) attack, replay attack and fuzzy attack due to its lack of adequate information security measures and thus causes serious security threat for automobiles and drivers. In order to effectively detect whether the CAN bus was attacked, the security threats and communication features were analyzed, and a model of CAN intrusion detection based on long short term memory (LSTM) was proposed, which could preserve the timing characteristics of CAN messages and effectively perform intrusion detection and attack classification. The experimental results show that the detection accuracy of the model is 99.99%.

Key words: intelligent networked automobile, CAN, intrusion detection, LSTM

CLC Number: