基于LSTM-BiDBN入侵检测系统的在线车辆取证责任方认定方法

doi:10.1007/s12204-022-2549-8

J Shanghai Jiaotong Univ Sci ›› 2024, Vol. 29 ›› Issue (6): 1161-1168.doi: 10.1007/s12204-022-2549-8

基于LSTM-BiDBN入侵检测系统的在线车辆取证责任方认定方法

刘文1,3，许剑新2,4，杨根科1,3，陈媛芳5

（1. 宁波工业互联网研究院，浙江宁波 315000；2. 上海交通大学宁波人工智能研究院，浙江宁波 315000；3. 上海交通大学自动化系，上海 200240；4. 浙江大学控制科学与工程学院，杭州 310027；5. 杭州电子科技大学网络空间安全学院，杭州 310018）

收稿日期:2021-05-24 接受日期:2021-11-19 出版日期:2024-11-28 发布日期:2024-11-28

Online Vehicle Forensics Method of Responsible Party for Accidents Based on LSTM-BiDBN External Intrusion Detection

LIU Wen^1,3 (刘文), XU Jianxin^2,4 (许剑新), YANG Genke^1,3∗(杨根科), CHEN Yuanfang⁵ (陈媛芳)

（1. Ningbo Industrial Internet Institute, Ningbo 315000, Zhejiang, China; 2. Ningbo Artificial Intelligence Institute of Shanghai Jiao Tong University, Ningbo 315000, Zhejiang, China; 3. Department of Automation, Shanghai Jiao Tong University, Shanghai 200240, China; 4. College of Control Science and Engineering, Zhejiang University, Hangzhou 310027, China; 5. School of Cyberspace, Hangzhou Dianzi University, Hangzhou 310018, China)

Received:2021-05-24 Accepted:2021-11-19 Online:2024-11-28 Published:2024-11-28

摘要/Abstract

摘要： 车辆数据是交通事故数字取证的重要来源之一。提出了一种利用二进制编码的长短期记忆-深度信念网络（LSTM-BiDBN）控制器局域网标识符（CAN ID）提取CAN ID事件序列和CAN ID本身语义的新方法。该方法不仅检测针对特定CAN ID的攻击，而且充分考虑了电子控制单元之间潜在的相互作用。通过这种方式，可以检测车辆是否被外界入侵，从而在线确定事故的责任方。使用LSTM-BiDBN来区分CAN入侵数据集上的无攻击和异常情况。实验结果表明：与传统方法相比，该方法在识别拒绝服务攻击、模糊攻击和模拟攻击引起的异常方面更为有效，准确率为97.02%，误检率为6.09%，错误率为1.94%。

关键词: 数字取证, 深度信念网络, 长短期记忆, 二进制编码, 控制器局域网标识符, 责任方

Abstract: Vehicle data is one of the important sources of traffic accident digital forensics. We propose a novel method using long short-term memory-deep belief network by binary encoding (LSTM-BiDBN) controller area network identifier (CAN ID) to extract the event sequence of CAN IDs and the semantic of CAN IDs themselves. Instead of detecting attacks only aimed at a specific CAN ID, the proposed method fully considers the potential interaction between electronic control units. By this means, we can detect whether the vehicle has been invaded by the outside, to online determine the responsible party of the accident. We use our LSTM-BiDBN to distinguish attack-free and abnormal situations on CAN-intrusion-dataset. Experimental results show that our proposed method is more effective in identifying anomalies caused by denial of service attack, fuzzy attack and impersonation attack with an accuracy value of 97.02%, a false-positive rate of 6.09%, and a false-negative rate of 1.94% compared with traditional methods.

中图分类号:

TP181

刘文1, 3, 许剑新2, 4, 杨根科1, 3, 陈媛芳5. 基于LSTM-BiDBN入侵检测系统的在线车辆取证责任方认定方法[J]. J Shanghai Jiaotong Univ Sci, 2024, 29(6): 1161-1168.

LIU Wen^{1, 3} (刘文), XU Jianxin^{2, 4} (许剑新), YANG Genke^{1, 3∗}(杨根科), CHEN Yuanfang⁵ (陈媛芳). Online Vehicle Forensics Method of Responsible Party for Accidents Based on LSTM-BiDBN External Intrusion Detection[J]. J Shanghai Jiaotong Univ Sci, 2024, 29(6): 1161-1168.

参考文献

[1] LE-KHAC N A, JACOBS D, NIJHOFF J, et al. Smart vehicle forensics: Challenges and case study [J]. Future Generation Computer Systems, 2020, 109: 500-510.
[2] CHECKOWAY S, MCCOY D, KANTOR B, et al.Comprehensive experimental analyses of automotive attack surfaces [C]//20th USENIX Security Symposium. San Francisco: USENIX, 2011: 447-462.
[3] HAN K, DIVYA POTLURI S, SHIN K G. On authentication in a connected vehicle: Secure integration of mobile devices with vehicular networks [C]//2013 ACM/IEEE International Conference on Cyber-Physical Systems. Philadelphia: IEEE, 2013:160-169.
[4] FOSTER I, PRUDHOMME A, KOSCHER K, et al.Fast and vulnerable: A story of telematic failures[C]//9th USENIX Conference on Offensive Technologies. Washington: USENIX, 2015: 1-9.
[5] WANG E, XU W, SASTRY S, et al. Hardware modulebased message authentication in intra-vehicle networks[C]//2017 ACM/IEEE 8th International Conference on Cyber-Physical Systems. Pittsburgh: IEEE, 2017:207-216.
[6] MUTER M, ASAJ N. Entropy-based anomaly detection for in-vehicle networks [C]//2011 IEEE Intelligent Vehicles Symposium. Baden-Baden: IEEE, 2011:1110-1115.
[7] LEE H, JEONG S H, KIM H K. OTIDS: A novel intrusion detection system for in-vehicle network by using remote frame [C]//2017 15th Annual Conferenceon Privacy, Security and Trust. Calgary: IEEE, 2017:57-66.
[8] ASHFAQ R A R, WANG X Z, HUANG J Z, et al.Fuzziness based semi-supervised learning approach for intrusion detection system [J]. Information Sciences,2017, 378: 484-497.
[9] IDHAMMAD M, AFDEL K, BELOUCH M. Semisupervised machine learning approach for DDoS detection [J]. Applied Intelligence, 2018, 48(10): 3193-3208.
[10] PAZUL K. Controller area network (CAN) basics[EB/OL]. [2022-05-24]. https://cika.com/soporte/Information/Microchip/AnalogInterface/CAN/AppNotes/AN713(DS00713a).pdf.
[11] YU F, LI D F, CROLLA D A. Integrated Vehicle Dynamics Control — state-of-the art review [C]//2008 IEEE Vehicle Power and Propulsion Conference.Harbin: IEEE, 2008: 1-6.
[12] KOSCHER K, CZESKIS A, ROESNER F, et al. Experimental security analysis of a modern automobile [C]//2010 IEEE Symposium on Security and Privacy.Oakland: IEEE, 2010: 447-462.
[13] HOPPE T, KILTZ S, DITTMANN J. Security threats to automotive CAN networks— Practical examples and selected short-term countermeasures [J]. Reliability Engineering & System Safety, 2011, 96(1): 11-25.
[14] THEISSLER A. Anomaly detection in recordings from in-vehicle networks [M]//Big data applications and principes. Madrid: Universidad Politecnica de Madrid,2014: 23-38.
[15] KANG M J, KANG J W. Intrusion detection system using deep neural network for in-vehicle network security [J]. PLoS ONE, 2016, 11(6): e0155781.
[16] YU Y, SI X S, HU C H, et al. A review of recurrent neural networks: LSTM cells and network architectures [J]. Neural Computation, 2019, 31(7): 1235-1270.
[17] ALKHATIB N, GHAUCH H, DANGER J L.SOME/IP intrusion detection using deep learningbased sequential models in automotive Ethernet networks [C]//2021 IEEE 12th Annual Information Technology, Electronics and Mobile Communication Conference. Vancouver: IEEE, 2021: 954-962.
[18] KHAN Z, CHOWDHURY M, ISLAM M, et al. Long short-term memory neural networks for false information attack detection in softwaredefined in-vehicle network [DB/OL]. (2019-06-24).https://arxiv.org/abs/1906.10203.
[19] HOSSAIN M D, INOUE H, OCHIAI H, et al. LSTMbased intrusion detection system for in-vehicle can bus communications [J]. IEEE Access, 2020, 8: 185489-185502.
[20] SEGER C. An investigation of categorical variable encoding techniques in machine learning: Binary versus one-hot and feature hashing [R]. Stockholm: KTH Royal Institute of Technology, 2018.
[21] HINTON G E, OSINDERO S, TEH Y W. A fast learning algorithm for deep belief nets [J]. Neural Computation, 2006, 18(7): 1527-1554.
[22] HE K M, ZHANG X Y, REN S Q, et al. Delving deep into rectifiers: Surpassing human-level performance on ImageNet classification [C]//2015 IEEE International Conference on Computer Vision. Santiago:IEEE, 2015: 1026-1034.
[23] HOCHREITER S, SCHMIDHUBER J. Long shortterm memory [J]. Neural Computation, 1997, 9(8):1735-1780.

基于LSTM-BiDBN入侵检测系统的在线车辆取证责任方认定方法

Online Vehicle Forensics Method of Responsible Party for Accidents Based on LSTM-BiDBN External Intrusion Detection

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	刘俊城, 谭勇, 张生杰. 地铁车站深基坑开挖变形智能多步预测方法[J]. 上海交通大学学报, 2024, 58(7): 1108-1117.
[2]	彭诗玮1, 张希1, 朱旺旺1, 窦瑞2. 融合乘客感受量化指标的智能汽车舒适性研究[J]. J Shanghai Jiaotong Univ Sci, 2024, 29(6): 1063-1070.
[3]	李芬, 孙凌, 王亚维, 屈爱芳, 梅念, 赵晋斌. 基于CEEMDAN-GSA-LSTM和SVR的光伏功率短期区间预测[J]. 上海交通大学学报, 2024, 58(6): 806-818.
[4]	朱昶胜，朱丽娜. 基于经验小波变换、循环神经网络和误差校正的短期风速预测[J]. J Shanghai Jiaotong Univ Sci, 2024, 29(2): 297-308.
[5]	卫慧, 陈鹏, 张芮菡, 程正顺. 基于长短期记忆网络的大型漂浮式风力发电机平台运动极短期预报方法[J]. 上海交通大学学报, 2023, 57(S1): 37-45.
[6]	尚凡成, 李传庆, 詹可, 朱仁传. 改进LSTM神经网络在极短期波浪时序预报中的应用[J]. 上海交通大学学报, 2023, 57(6): 659-665.
[7]	曹现刚1, 2，雷卓1，李彦川1，张梦园1，段欣宇1. 基于Self-Attention-LSTM神经网络的设备剩余寿命预测方法[J]. J Shanghai Jiaotong Univ Sci, 2023, 28(5): 652-664.
[8]	万安平, 杨洁, 缪徐, 陈挺, 左强, 李客. 基于注意力机制与神经网络的热电联产锅炉负荷预测[J]. 上海交通大学学报, 2023, 57(3): 316-325.
[9]	李琰, 肖龙飞, 魏汉迪, 寇雨丰. 基于长短期记忆网络的半潜平台波浪爬升预报[J]. 上海交通大学学报, 2023, 57(2): 161-167.
[10]	. 行人轨迹预测的动作感知编码器–解码器网络[J]. J Shanghai Jiaotong Univ Sci, 2023, 28(1): 20-27.
[11]	姜淏予, 王沛伦, 葛泉波, 徐今强, 罗朋, 姚刚. 漂浮式光伏网格对海上天气突变的感知方法[J]. 上海交通大学学报, 2022, 56(12): 1584-1597.
[12]	张松林, 马栋梁, 王德禹. 基于长短期记忆神经网络的板裂纹损伤检测方法[J]. 上海交通大学学报, 2021, 55(5): 527-535.
[13]	武光利, 郭振洲, 李雷霆, 王成祥. 融合FCN和LSTM的视频异常事件检测[J]. 上海交通大学学报, 2021, 55(5): 607-614.
[14]	谭嘉, 李知艺, 杨欢, 赵荣祥, 鞠平. 基于分布式优化思想的配电网用电负荷多层协同预测方法[J]. 上海交通大学学报, 2021, 55(12): 1544-1553.
[15]	钟光耀, 邰能灵, 黄文焘, 李然, 傅晓飞, 纪坤华. 基于多维聚类的配变负荷注意力短期预测方法[J]. 上海交通大学学报, 2021, 55(12): 1532-1543.