Saved in:
Bibliographic Details
Main Authors: Wang, Kai, Jiang, Qiguang, Wang, Bailing, Wu, Yulei, Zhang, Hongke
Format: Preprint
Published: 2023
Subjects:
Online Access:https://arxiv.org/abs/2311.07056
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866908680250720256
author Wang, Kai
Jiang, Qiguang
Wang, Bailing
Wu, Yulei
Zhang, Hongke
author_facet Wang, Kai
Jiang, Qiguang
Wang, Bailing
Wu, Yulei
Zhang, Hongke
contents In-vehicle network (IVN) is facing complex external cyber-attacks, especially the emerging masquerade attacks with extremely high difficulty of detection while serious damaging effects. In this paper, we propose the STATGRAPH, which is an effective and fine-grained intrusion detection methodology for IVN security services via multi-view statistical graph learning on in-vehicle controller area network (CAN) messages with insight into their variations in periodicity, payload and signal combinations. Specifically, STATGRAPH generates two statistical graphs, timing correlation graph (TCG) and coupling relationship graph (CRG), in every CAN message detection window, where edge attributes in TCGs represent temporal correlation between different message IDs while edge attributes in CRGs denote the neighbour relationship and contextual similarity. Besides, a lightweight shallow layered graph convolution network is trained based on graph property of TCGs and CRGs, which learns the universal laws of various patterns more effectively and further enhance the performance of detection. To address the problem of insufficient attack types in previous intrusion detection, we select two real in-vehicle CAN datasets covering five new instances of sophisticated and stealthy masquerade attacks that are never investigated before. Experimental result shows STATGRAPH improves both detection granularity and detection performance over state-of-the-art intrusion detection methods. Code is available at https://github.com/wangkai-tech23/StatGraph.
format Preprint
id arxiv_https___arxiv_org_abs_2311_07056
institution arXiv
publishDate 2023
record_format arxiv
spellingShingle STATGRAPH: Effective In-vehicle Intrusion Detection via Multi-view Statistical Graph Learning
Wang, Kai
Jiang, Qiguang
Wang, Bailing
Wu, Yulei
Zhang, Hongke
Networking and Internet Architecture
Artificial Intelligence
Cryptography and Security
In-vehicle network (IVN) is facing complex external cyber-attacks, especially the emerging masquerade attacks with extremely high difficulty of detection while serious damaging effects. In this paper, we propose the STATGRAPH, which is an effective and fine-grained intrusion detection methodology for IVN security services via multi-view statistical graph learning on in-vehicle controller area network (CAN) messages with insight into their variations in periodicity, payload and signal combinations. Specifically, STATGRAPH generates two statistical graphs, timing correlation graph (TCG) and coupling relationship graph (CRG), in every CAN message detection window, where edge attributes in TCGs represent temporal correlation between different message IDs while edge attributes in CRGs denote the neighbour relationship and contextual similarity. Besides, a lightweight shallow layered graph convolution network is trained based on graph property of TCGs and CRGs, which learns the universal laws of various patterns more effectively and further enhance the performance of detection. To address the problem of insufficient attack types in previous intrusion detection, we select two real in-vehicle CAN datasets covering five new instances of sophisticated and stealthy masquerade attacks that are never investigated before. Experimental result shows STATGRAPH improves both detection granularity and detection performance over state-of-the-art intrusion detection methods. Code is available at https://github.com/wangkai-tech23/StatGraph.
title STATGRAPH: Effective In-vehicle Intrusion Detection via Multi-view Statistical Graph Learning
topic Networking and Internet Architecture
Artificial Intelligence
Cryptography and Security
url https://arxiv.org/abs/2311.07056