关键词: 车载网络, 异常检测, 长短期记忆模型, 注意力机制

Abstract: With the advancement of intelligent driving technology, the connection between vehicles and the external environment through in-vehicle networks is becoming increasingly frequent. The Controller Area Network (CAN) is the primary in-vehicle network currently, and attackers can exploit security vulnerabilities in the CAN network to gain control of vehicles, posing significant safety threats to occupants. In response to this issue, this paper proposes an anomaly detection model based on Long Short-Term Memory (LSTM) and attention mechanism. The model employs a dual-layer attention encoder to deeply mine information between local and global features of CAN data streams. By efficiently searching and learning sequential patterns between features, the proposed model significantly reduces feature information redundancy, leading to improved detection performance, enhanced efficiency, and accuracy in anomaly detection. The model also demonstrates effectiveness in handling imbalanced classification tasks. Finally, multiple independent repeated tests are conducted on the CarHacking dataset. The results show that the proposed method achieves detection accuracy above 99.2% for all attack categories in the CarHacking dataset, significantly outperforming other anomaly detection methods. Additionally, this paper accomplishes a multi-classification task that other methods have not achieved, with an average detection accuracy of 99.26% for the proposed method.

Key words: vehicle network, anomaly detection, long short-term memory model, attention mechanism