The Study Of Vehicle Attack Method And Intrusion Detection Technology For Internet Of Vehicles

With the improvement of the Internet of things technology,Internet of Vehicles(IoV)has got great development progressively.IoV is a type of network which consists of vehicles.As the key component of IoV,vehicles can be connected with infrastructure,other vehicles,cloud platform,and even people through the wireless communication technology.Based on the network communication facilities and a large number of sensors,communication are enabled with each other among the components in the IoV.Therefore,IoV technology has wide application prospect in urban transportation planning,automatic driving,smart city construction and other fields.The development of IoV has brought many advantages for the people,and at the same time,it may be troublesome that the car is no longer a relatively independent closed system.When the Internet technology is introduced into the automobile system,the car has to face the inevitable security problems brought by the Internet.In this case,the potential safety risk and vulnerability of automobile systems have been exposed as well.With the rapid development of intelligent vehicle and IoV,the function of the vehicle and the amount of internal electronic equipment have increased dramatically.At the same time,as the network system inside the vehicle gets increasingly complex and electronic control unit(ECU)and on-board equipment are both connected to the car's internal bus network,attackers from the outside network can penetrate into the on-board network bus through the external interface.However,in the design and application of vehicle-mounted bus,the problem of information security has never been considered,and the security strategy and mechanism of the vehicle network cannot meet the current security needs.With the emergence of automobile information security problems,attackers can attack vehicle-mounted CAN bus network through external interfaces,and then send malicious packets,which will seriously endanger the personal,property and information security of vehicle drivers and passengers.As a consequence,it is of great significance to study the information security of vehicle-mounted CAN bus network.Focused on the the information security of vehicles oriented to the IoV,this thesis analyzes the security threats faced by vehicles and the existing vehicle attack methods in detail.According to the characteristics of vehicle-mounted CAN bus,an anomaly detection method of CAN bus was proposed.The major contributions of this thesis are summarized as follows:(1)The research work on security of IoV and vehicle network at home and abroad was summarized in this thesis.It states the structure and characteristics of the IoV and in-car network system,and analyzes the data transmission mode and data frame format of the on-board CAN bus protocol.By analyzing the architecture of the IoV system,the attack interface of vehicles in the IoV is summarized in detail.The information security threats faced by CAN bus are analyzed,and the attack modes against CAN bus are summarized,including discard,read,modify,replay,cheat,flood and so on.(2)In this thesis,the difference between misuse-based intrusion detection technology and anomaly-based intrusion detection technology was compared,concluding that anomalybased intrusion detection is more suitable based on the characteristics of vehicle-mounted network.This thesis summarizes the existing anomaly detection techniques and their advantages and disadvantages are pointed out respectively.According to the characteristics of vehicle-mounted network,the thesis points out the problems faced by the abnormal detection of vehicle-internal network oriented to the IoV.Then,this thesis introduces the general framework of anomaly detection in vehicle-mounted network,and points out the data content which can be used for anomaly detection.(3)A vehicle-mounted t-box was designed in this thesis,which is equipped with remote control,information entertainment and other functions.This thesis expounds the vulnerabilities of the disclosed vehicle-mounted information system,including D-bus service vulnerabilities,OMAP processor vulnerabilities and firmware update vulnerabilities on V850 chip,and a reasonable and feasible attack path was designed according to these vulnerabilities.In order to conceal the remote attack path,the metioned vulnerabilities are used to refresh the firmware in OMAP and V850.The attack information is hiding into audio file using the dt-dct-svd audio information hiding algorithm,and the CAN bus inside the vehicle is attacked through the FM system that receiving audio file.(4)An on-board CAN bus message decision tree model is generated,and based on that,an anomaly detection model is constructed.Then,the pretreatment of CAN message data solve the problems of sparse,complex data types,lack of abnormal sample.Finally,decision tree models are built based on the 43 different packets of the experimental data set.The experiment result manifests that the detection accuracy of this method is pretty,and the feasibility of this model deployed in the vehicle gateway is analyzed theoretically in the last.