Research On Intrusion Detection And Protection Mechanism Of Intelligent Networked Vehicles

With the rapid development of intelligence and networking of vehicle,intelligent networked vehicles are facing increasingly severe network security problems.In recent years,the frequent occurrence of automobile security incidents has seriously threatened the safety of personal,property,and privacy of individuals.Therefore,it is of great significance to study the information security of in-vehicle network.This paper makes an in-depth analysis of the most widely used Controller Area Network(CAN)bus,and summarizes the security threats faced by the CAN bus and the corresponding security protection measures.To meet the requirements of in-vehicle network computing capability and real-time performance,an intrusion detection mechanism based on deep learning and an active protection strategy for CAN ID virtualization are proposed.This paper uses the bit-flip rate algorithm to extract the signal boundary of the payload of the CAN data,and builds a(CNN-LSTM with Attention Mechanism,CLAM)intrusion detection model based on the signal features.The model uses one-dimensional convolutional neural network and bidirectional long short-term memory neural network to extract the abstract features of the signal,and combines the attention mechanism to make the model only focus on locally important time steps,which improves the prediction accuracy of the model.Experimental results in the real vehicle environment show that the CLAM model can effectively detect common in-vehicle network attacks.The average F1-score of the model is 0.951 and the error rate is 2.16%.Compared with other related research work,the accuracy of the model is improved 2.5%.This paper also proposes a lightweight CAN ID Virtualization Mechanism to compensate for the poor detection performance of the CLAM model in spoofing attacks and its inability to resist reverse engineering.This method continuously updates CAN ID through HMAC one-way hash function and shared salt value,which increases the time cost and attack difficulty of the attacker.At the same time,Translate-Table is designed to authenticate the CAN data frame,which ensures the virtual ID mechanism.normal communication between the ECUs.