With the rapid development of telematics and autonomous-driving technologies, more and more vehicles are connecting to the Internet and introducing automatic control functions such as assisted driving, through which automakers aim to give users a more comfortable and safer driving experience. However, while these improvements enhance the driving experience, they also expose the in-vehicle network, which was originally relatively independent, to the information security risks brought by the Internet. In recent years there have been a number of automotive information security incidents at home and abroad, which seriously threatened the lives and property of drivers and passengers. Because the CAN bus is the de facto standard for the internal control bus of automobiles, its information security is especially important: an attacker can control vehicle state through the CAN bus, so it is necessary to study intrusion detection schemes for it.

This paper studies the background of the CAN bus, analyzes the vulnerabilities of the CAN protocol and common attack methods in detail, and, drawing on the current state of domestic and foreign research, points out the main problems facing CAN bus intrusion detection, including opaque protocol details and the limited computing power of on-board components. On this basis, the goal of the paper is set as a bus intrusion detection scheme with high accuracy, high real-time performance and low complexity.

To address the opaque protocol details, bus reverse analysis is introduced; two typical methods and their problems are analyzed in detail, and a field feature extraction scheme for intrusion detection is then designed and implemented. First, the possible field types are reclassified according to intrusion detection requirements. Then a sliding-window-based counter field identification method is proposed that moves the identification of counter fields to before field division, avoiding the misjudgments caused by dividing first and identifying afterwards. The experimental results show that this scheme can better identify counter fields. In addition, cluster analysis is carried out on the three features of most concern in this paper (continuity, coverage and field length), and field types are labeled according to the clustering results, avoiding the arbitrariness of subjectively setting thresholds to discriminate field types one by one.

Based on this field feature extraction scheme, the paper proposes a corresponding intrusion detection scheme. According to the extracted field features, different preprocessing operations are applied to different types of fields to generate the input vector of the model. The random forest algorithm is selected as the main classification algorithm, and the training and detection processes of the model are given. Experiments show that the proposed scheme improves significantly on the existing scheme, with an average precision as high as 99.14%.

Considering the complexity of the above scheme, the paper further abstracts the characteristics of bus message data, proposes the concept of Bit Constraint, and then designs and implements the Segment Detection Algorithm (SDA) based on Bit Constraint. SDA avoids complex data structure design and does not depend on any machine learning algorithm. Its time and space complexity are linear, which meets the requirements of the vehicle environment. Compared with existing schemes of the same type, this scheme shows a clear improvement in both detection precision and recall on abnormal traffic, meeting the requirements for the intrusion detection scheme set out in this paper.
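
The idea of identifying counter fields with a sliding window before any field division can be sketched as follows. This is an added example, not code from the paper: the abstract does not give the algorithm, so the windowing rule, the function names and the sample frames are assumptions constructed here. It goes one step further than the abstract by using the identified counter to flag a replayed frame.

```python
# Added illustration; the window rule and all names here are assumptions.

def extract(frame: bytes, start: int, width: int) -> int:
    """Value of the bit window [start, start+width); bit 0 is the MSB of byte 0."""
    shift = len(frame) * 8 - start - width
    return (int.from_bytes(frame, "big") >> shift) & ((1 << width) - 1)

def is_counter(values, width):
    """Every step is +1 modulo 2**width and the whole range is visited,
    so a window that is too wide fails when the real counter wraps."""
    mod = 1 << width
    stepped = all((a + 1) % mod == b for a, b in zip(values, values[1:]))
    return stepped and len(set(values)) == mod

def find_counters(frames, min_width=2, max_width=8):
    """Slide every (start, width) window over the raw payload bits of one CAN ID."""
    nbits = len(frames[0]) * 8
    best = {}  # end bit -> widest counter window ending there
    for start in range(nbits):
        for width in range(min_width, min(max_width, nbits - start) + 1):
            vals = [extract(f, start, width) for f in frames]
            if is_counter(vals, width):
                end = start + width
                if width > best.get(end, (0, 0))[1]:
                    best[end] = (start, width)
    return sorted(best.values())

def counter_violations(frames, start, width):
    """Indexes of frames whose counter does not follow the previous frame."""
    mod = 1 << width
    vals = [extract(f, start, width) for f in frames]
    return [i for i in range(1, len(vals)) if (vals[i - 1] + 1) % mod != vals[i]]

# Constructed sample traffic for one CAN ID: byte 0 is a changing signal,
# byte 1 carries a 4-bit counter in its low nibble, byte 2 is constant.
def sample_frames(n=48):
    return [bytes([(i * 6) & 0xFF, 0xA0 | (i % 16), 0x5A]) for i in range(n)]

if __name__ == "__main__":
    clean = sample_frames()
    (start, width), = find_counters(clean)
    print("counter window:", start, width)
    replayed = clean[:20] + [clean[5]] + clean[20:]  # one old frame re-sent
    print("violations:", counter_violations(replayed, start, width))
```

Because shorter windows that share the counter's least significant bit also count up, only the widest window per end position is kept.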