Research And Optimization Of Vehicle Gateway Firewall Based On CAN Bus

Automotive intelligent networking technology has made great progress in recent years,but at the same time,the information security problems caused by automotive electronization,intellectualization and networking are increasingly prominent,and malicious attacks on in-vehicle networks have also increased.On the one hand,the continuous evolution of the in-vehicle network architecture has exposed more and more information security vulnerabilities in automobiles;on the other hand,because the car CAN bus failed to fully consider the safety design at the beginning of design,the hidden danger of communication mechanism of CAN bus itself has become the biggest threat to automobile information security.Therefore,it is extremely urgent to ensure the safety of automobile information,especially the safety of automobile CAN bus.This paper research the architecture of vehicle network and CAN bus technology,concluded that the key to ensure the safety of automobiles information lies in the safety protection of vehicle gateway and CAN bus.Through the analysis of the main research results of automobile information security at home and abroad,according to the characteristics of the vehicle CAN bus network,a scheme combining anomaly detection algorithm and firewall technology is selected to protect CAN bus security.The main research contents of this paper are as follows:(1)From the vehicle network architecture and CAN bus protocol,the vehicle network attack surface and the potential safety hazards of CAN are analyzed,and the common attack methods against the vehicle CAN bus are summarized.Fuzzy testing,Do S and replay attacks were carried out against a passenger car CAN bus platform in a real vehicle environment.The attack results were summarized and the major safety risks of vehicles without safety facilities were further proved.(2)Based on the research of gateway firewall technology,in-depth exploration of sub-module functions and detection algorithms for a certain vehicle gateway firewall product.Designed and completed the firewall vulnerability mining test,summarized the defects of the current firewall algorithm,and put forward optimization suggestions.(3)Due to the defects of the firewall itself at this stage,the firewall has problems such as poor real-time detection,low detection accuracy,and inability to detect a small number of packet injection attacks.In this paper,information entropy and relative entropy algorithm are introduced and improved to solve the above problems.An anomaly detection system was designed and developed,and the Socket CAN simulation experiment environment was used.Finally,the function and performance related experiments of the detection system were carried out.Experimental results show that the detection accuracy of the system reaches99.7%,the detection time is only 3.29 ms,and the sensitivity of intrusion detection to a small number of packets is also greatly improved.