基于特征融合的控制器局域网入侵检测方法

北京邮电大学学报

• •

基于特征融合的控制器局域网入侵检测方法

杜欣颖,何明枢,王小娟

北京邮电大学

收稿日期:2023-12-18 修回日期:2024-03-06 发布日期:2024-07-18
通讯作者: 何明枢

An Intrusion Detection System for Controller Area Network Based on Feature Fusion Multi-Encoder Network

Xin-Ying DU,MINGSHU HE,

Received:2023-12-18 Revised:2024-03-06 Published:2024-07-18
Contact: MINGSHU HE

摘要/Abstract

摘要： 由于控制器局域网（CAN）缺乏报文加密、发送方身份验证等安全功能，使得CAN容易受到恶意网络攻击，影响到人类和道路的安全。基于这种情况，本文提出一种基于特征融合的控制器局域网入侵检测方法，更加关注报文内部特征间的关系而非时序关系，首先对CAN报文中提取的全局特征和分组特征进行融合，再使用多编码器网络检测多种类型的注入攻击。同时，添加自注意力机制，产生不同特征的可解释权值，用来衡量特征的重要性。本文使用基于真实车辆构建的数据集进行了实验验证，单一注入攻击检测准确率高于97%，多种注入攻击总体检测准确率为98.23%，优于现有方法，证明本文提出的入侵检测系统具有高度的准确性以及良好的鲁棒性。

关键词: 控制器局域网, 入侵检测系统, 特征融合, 自注意力机制, 注入攻击

Abstract: A Controller Area Network (CAN) lacks security features such as message encryption and sender authentication, making it vulnerable to malicious network attacks that can compromise both human and road safety. In light of this situation, a feature fusion-based intrusion detection method for Controller Area Networks is proposed. This method focused on the relationships between internal features of messages rather than their temporal order. Firstly, global features and group features extracted from CAN messages were fused, and a multi-encoder network was employed to detect various types of injection attacks. Additionally, a self-attention mechanism was incorporated to generate interpretable weights for different features, which measured their importance. Experimental validation was conducted using a dataset constructed from real vehicles. The detection accuracy of single injection attacks surpassed 97%, while the overall detection accuracy for multiple injection attacks was 98.23%, outperforming existing methods. This demonstrates the high accuracy and robustness of the proposed intrusion detection system.

Key words: controller area networks, intrusion detection system, feature fusion, self-attention mechanism, injection attacks

中图分类号:

TP183

杜欣颖何明枢王小娟. 基于特征融合的控制器局域网入侵检测方法[J]. 北京邮电大学学报.

Xin-Ying DU MINGSHU HE. An Intrusion Detection System for Controller Area Network Based on Feature Fusion Multi-Encoder Network[J]. Journal of Beijing University of Posts and Telecommunications.

[1]	韩晶张天鹏吕学强. 基于多模态特征与增强对齐的细粒度图像分类[J]. 北京邮电大学学报, 2024, 47(4): 0-0.
[2]	张光耀高欣张云凯刘婧叶平. 融合序列间显隐式关联的图卷积多维时序异常检测方法[J]. 北京邮电大学学报, 2024, 47(3): 75-82.
[3]	王科平张自娇杨艺费树岷韦金阳. 基于双注意力卷积及Transformer融合的非均匀去雾算法[J]. 北京邮电大学学报, 2024, 47(2): 30-37.
[4]	陈可嘉黄春香林鸿熙. 基于自注意力与图卷积网络的方面级情感分析[J]. 北京邮电大学学报, 2024, 47(1): 127-132.
[5]	周雨昊孙哲吴晓非禹可. 基于门控特征融合的中文错别字纠正模型[J]. 北京邮电大学学报, 2023, 46(4): 91-96,122.
[6]	苏兴禹可吴晓非. 基于层次门控交互融合网络的谣言检测方法[J]. 北京邮电大学学报, 2023, 46(4): 97-102.
[7]	宋宇博高嘉振. 改进YOLOv3算法的交通多目标检测方法[J]. 北京邮电大学学报, 2022, 45(5): 103-108.
[8]	李雪, 李晓艳, 王鹏, 孙梦宇, 吕志刚. 结合双注意力与特征融合的孪生网络目标跟踪[J]. 北京邮电大学学报, 2022, 45(4): 116-122.
[9]	晁浩, 马庆敏, 刘永利. 利用卷积回声状态网络实现脑电情感识别[J]. 北京邮电大学学报, 2022, 45(2): 36-43.
[10]	刘逸琛, 孙华志, 马春梅, 姜丽芬, 钟长鸿. 一种基于高层特征融合的网络商品分类[J]. 北京邮电大学学报, 2020, 43(5): 98-104,117.
[11]	刘渭滨, 邹智元, 邢薇薇. 模式分类中的特征融合方法[J]. 北京邮电大学学报, 2017, 40(4): 1-8.
[12]	王剑, 张子键, 袁坚. 应用于CAN总线的广播认证系统[J]. 北京邮电大学学报, 2015, 38(4): 24-28.

基于特征融合的控制器局域网入侵检测方法

An Intrusion Detection System for Controller Area Network Based on Feature Fusion Multi-Encoder Network

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 12

编辑推荐

Metrics

本文评价