Research On Anomaly Detection In In-vehicle Networks And Decentralized Security Authentication

With the development of intelligent connected cars,the degree of electricalization of vehicles is getting higher.With the stronger network connection capabilities of on-board equipment,the stronger computing power of on-board chips,and the higher complexity of on-board operating systems,intelligent connected vehicles become vulnerable to cyber attacks.Especially in the case where an automobile is connected to the cloud through the communication network,each computing unit,controlling unit,sensing unit,and connection path are vulnerable for hackers to attack or even control the automobile.Current researches on cyber security of intelligent connected cars include two aspects.One is active defense based on feature detection,another one is passive defense based on encryption and authentication.For active defense,we focus on anomaly detection methods in in-vehicle networks.Existing methods can detect only few types of cyber attack or rely on parsing the semantics of in-vehicle network data.To face this challenge,we propose a multi-dimensional anomaly detection method based on distributed multi-task neural networks,which detects five types of attacks without relying on the semantics of in-vehicle network data.For passive defense,we mainly concentrate on the security authentication methods in the vehicular ad hoc network.Existing methods bear the risk of privacy data breach or rely on remote cloud servers.To solve this problem,we propose a decentralized security authentication method based on zero-knowledge proof that protects user privacy when unable to connect to the certificate authority server.Combining the active and passive defense method,it takes shape as a cyber security protection system that defenses from both the inside and the outside of the connected automobiles.Experimental results show that the proposed anomaly detection method has higher accuracy and can detect more types of attack than multiple baseline methods.In the single task mode,it takes about 144 milliseconds for on-board chips,while depending on edge servers,it takes up to 0.61 milliseconds with parallel execution.Evaluating the decentralized security authentication method based on zero-knowledge proof,which can effectively protect the user’s private information,it takes 9 seconds for authentication with 10Mb bandwidth and up to 2 seconds with 100Mb bandwidth.