Saved in:
Bibliographic Details
Main Authors: Liu, Qi, Liu, Yanchen, Li, Ruifeng, Cao, Chenhong, Li, Yufeng, Li, Xingyu, Wang, Peng, Feng, Runhan, Bu, Shiyang
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2411.10258
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866909587361234944
author Liu, Qi
Liu, Yanchen
Li, Ruifeng
Cao, Chenhong
Li, Yufeng
Li, Xingyu
Wang, Peng
Feng, Runhan
Bu, Shiyang
author_facet Liu, Qi
Liu, Yanchen
Li, Ruifeng
Cao, Chenhong
Li, Yufeng
Li, Xingyu
Wang, Peng
Feng, Runhan
Bu, Shiyang
contents The integration of intelligent and connected technologies in modern vehicles, while offering enhanced functionalities through Electronic Control Unit (ECU) and interfaces like OBD-II and telematics, also exposes the vehicle's in-vehicle network (IVN) to potential cyberattacks. Unlike prior work, we identify a new time-exciting threat model against IVN. These attacks inject malicious messages that exhibit a time-exciting effect, gradually manipulating network traffic to disrupt vehicle operations and compromise safety-critical functions. We systematically analyze the characteristics of the threat: dynamism, time-exciting impact, and low prior knowledge dependency. To validate its practicality, we replicate the attack on a real Advanced Driver Assistance System via Controller Area Network (CAN), exploiting Unified Diagnostic Service vulnerabilities and proposing four attack strategies. While CAN's integrity checks mitigate attacks, Ethernet migration (e.g., DoIP/SOME/IP) introduces new surfaces. We further investigate the feasibility of time-exciting threat under SOME/IP. To detect time-exciting threat, we introduce MDHP-Net, leveraging Multi-Dimentional Hawkes Process (MDHP) and temporal and message-wise feature extracting structures. Meanwhile, to estimate MDHP parameters, we developed the first GPU-optimized gradient descent solver for MDHP (MDHP-GDS). These modules significantly improves the detection rate under time-exciting attacks in multi-ECU IVN system. To address data scarcity, we release STEIA9, the first open-source dataset for time-exciting attacks, covering 9 Ethernet-based attack scenarios. Extensive experiments on STEIA9 (9 attack scenarios) show MDHP-Net outperforms 3 baselines, confirming attack feasibility and detection efficacy.
format Preprint
id arxiv_https___arxiv_org_abs_2411_10258
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle MDHP-Net: Detecting an Emerging Time-exciting Threat in IVN
Liu, Qi
Liu, Yanchen
Li, Ruifeng
Cao, Chenhong
Li, Yufeng
Li, Xingyu
Wang, Peng
Feng, Runhan
Bu, Shiyang
Cryptography and Security
Machine Learning
Networking and Internet Architecture
The integration of intelligent and connected technologies in modern vehicles, while offering enhanced functionalities through Electronic Control Unit (ECU) and interfaces like OBD-II and telematics, also exposes the vehicle's in-vehicle network (IVN) to potential cyberattacks. Unlike prior work, we identify a new time-exciting threat model against IVN. These attacks inject malicious messages that exhibit a time-exciting effect, gradually manipulating network traffic to disrupt vehicle operations and compromise safety-critical functions. We systematically analyze the characteristics of the threat: dynamism, time-exciting impact, and low prior knowledge dependency. To validate its practicality, we replicate the attack on a real Advanced Driver Assistance System via Controller Area Network (CAN), exploiting Unified Diagnostic Service vulnerabilities and proposing four attack strategies. While CAN's integrity checks mitigate attacks, Ethernet migration (e.g., DoIP/SOME/IP) introduces new surfaces. We further investigate the feasibility of time-exciting threat under SOME/IP. To detect time-exciting threat, we introduce MDHP-Net, leveraging Multi-Dimentional Hawkes Process (MDHP) and temporal and message-wise feature extracting structures. Meanwhile, to estimate MDHP parameters, we developed the first GPU-optimized gradient descent solver for MDHP (MDHP-GDS). These modules significantly improves the detection rate under time-exciting attacks in multi-ECU IVN system. To address data scarcity, we release STEIA9, the first open-source dataset for time-exciting attacks, covering 9 Ethernet-based attack scenarios. Extensive experiments on STEIA9 (9 attack scenarios) show MDHP-Net outperforms 3 baselines, confirming attack feasibility and detection efficacy.
title MDHP-Net: Detecting an Emerging Time-exciting Threat in IVN
topic Cryptography and Security
Machine Learning
Networking and Internet Architecture
url https://arxiv.org/abs/2411.10258