TY - GEN
T1 - Network Tomography-based Anomaly Detection and Localisation in Centralised In-Vehicle Network
AU - Ibraheem, Amani
AU - Sheng, Zhengguo
AU - Parisis, George
AU - Tian, Daxin
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - The new automotive Electrical/Electronic (E/E) architecture is shifting towards a new design of in-vehicle network that is based on a centralised, cross-domain architecture. Such architecture implies communication between different domains of the vehicle network. From security standpoint, such cross-traffic can easily be exploited by adversaries to gain access to different system domains, including the safety-critical ones, and perform attacks that may result in serious consequences. Accurate detection and localisation of these anomalies is important in such critical systems where false alarms cannot be tolerated. To this end, in this work, we propose an anomaly detection and localisation approach using network tomography-based monitoring solution. Compared to existing solutions, network tomography approaches require only limited number of probes and do not necessitate direct access to the vehicle's networking devices. In this work, we evaluate three types of network tomography (binary tomography, delay tomography, and deep learning-based tomography) to detect and locate anomalies in in-vehicle networks. The results show that binary tomography can accurately detect and locate Denial-of-Service (DoS) attacks in centralised in-vehicle networks.
AB - The new automotive Electrical/Electronic (E/E) architecture is shifting towards a new design of in-vehicle network that is based on a centralised, cross-domain architecture. Such architecture implies communication between different domains of the vehicle network. From security standpoint, such cross-traffic can easily be exploited by adversaries to gain access to different system domains, including the safety-critical ones, and perform attacks that may result in serious consequences. Accurate detection and localisation of these anomalies is important in such critical systems where false alarms cannot be tolerated. To this end, in this work, we propose an anomaly detection and localisation approach using network tomography-based monitoring solution. Compared to existing solutions, network tomography approaches require only limited number of probes and do not necessitate direct access to the vehicle's networking devices. In this work, we evaluate three types of network tomography (binary tomography, delay tomography, and deep learning-based tomography) to detect and locate anomalies in in-vehicle networks. The results show that binary tomography can accurately detect and locate Denial-of-Service (DoS) attacks in centralised in-vehicle networks.
KW - anomaly detection and localisation
KW - binary network tomography
KW - deep neural network
KW - denial-of-service attack
KW - in-vehicle network monitoring
KW - network tomography
UR - https://www.scopus.com/pages/publications/85167867655
U2 - 10.1109/COINS57856.2023.10189258
DO - 10.1109/COINS57856.2023.10189258
M3 - 会议稿件
AN - SCOPUS:85167867655
T3 - 2023 IEEE International Conference on Omni-Layer Intelligent Systems, COINS 2023
BT - 2023 IEEE International Conference on Omni-Layer Intelligent Systems, COINS 2023
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2023 IEEE International Conference on Omni-Layer Intelligent Systems, COINS 2023
Y2 - 23 July 2023 through 25 July 2023
ER -