An Intelligent, Two-Stage, In-Vehicle Diagnostic-Based Secured Framework

Abstract

Read online

Recent research interests have been directed to study the security of vehicles due to the advancement of their technologies. Due to the rapid growth and accelerated development of electronic control units (ECUs), they are countered to be exploited by external attacks. As a result, recent research efforts have been focused on investigating alternative countermeasures that might be implemented by introducing different intrusion detection systems (IDSs). The problem with some of IDSs is the location of their deployment because of the ECU limitations and constraints. Other introduced IDSs require severe changes in the in-vehicle network, which is not preferred by vehicle manufacturers. In this research, we introduce a novel design of a framework to check the state of the vehicle and capture possible attacks by detecting any malicious data in the diagnostic parameters of the vehicle. The framework is divided into two phases: the specific-based detection phase and the anomaly-based detection phase. The proposed system employs the extreme gradient boosting (XGBoost) algorithm to detect anomalies in diagnostic data and it is optimized by a non-dominated sorting genetic algorithm II (NSGA-II). The model is verified against two datasets collected from real vehicles. To generate anomalies in datasets, an attack generation algorithm is introduced. The model is trained on a dataset that contains different attack types and verified blindly against various attacks that have not been seen before. The framework’s experimental results show that it can detect abnormalities with accuracy 97.00% for the Seat Leon 2018 dataset and 97.49% for the KIA SOUL dataset.

Keywords

• Anomaly detection
• cyber-physical security threats
• diagnostics
• genetic algorithm
• intrusion detection
• machine learning