PLoS ONE (Jan 2022)

A multi-attack intrusion detection model based on Mosaic coded convolutional neural network and centralized encoding.

  • Rong Hu,
  • Zhongying Wu,
  • Yong Xu,
  • Taotao Lai,
  • Canyu Xia

DOI
https://doi.org/10.1371/journal.pone.0267910
Journal volume & issue
Vol. 17, no. 5
p. e0267910

Abstract

Read online

With the development of the Internet of Vehicles (IoV), attacks to the vehicle-mounted control area network (CAN) have seriously jeopardized the security of automobiles. As an important security measure, intrusion detection technologies have aroused great interest in researchers and many detection methods have also been proposed based on the vehicle's CAN bus. However, many studies only considered one type of attack at a time but in real environments there may contain a variety of attack types simultaneously. In view of the deficiency in the current methods, this paper proposed a method to detect multi-intrusions at one time based on a Mosaic coded convolutional neural network (CNN) and a centralized coding method. A Mosaic-like data block was created to convert the one-dimensional CAN ID into a two-dimensional data grid for the CNN to effectively extract the data characteristics and maintain the time characteristics between the CAN IDs. Four types of attacks and all combinations of them were used to train and test our model. Finally, a centralized coding method was used to increase the discrimination capability of the model. Experimental results showed that this single model could successfully detect any combinations of the intrusion types with very high and stable performance.