Using A One-Class Compound Classifier To Detect In-Vehicle Network Attacks

Andrew John Tomlinson, Jeremy Bryans, Siraj Shaikh

Research output: Chapter in Book/Report/Conference proceedingConference proceeding

2 Citations (Scopus)
14 Downloads (Pure)

Abstract

The Controller Area Network (CAN) in vehicles provides serial communication between electronic control units that manage en- gine, transmission, steering and braking. Researchers have recently demonstrated the vulnerability of the network to cyber-attacks which can manipulate the operation of the vehicle and compromise its safety. Some proposals for CAN intrusion detection systems, that identify attacks by detecting packet anomalies, have drawn on one-class classi cation, whereby the system builds a decision surface based on a large number of normal instances. The one-class approach is discussed in this paper, together with initial results and observations from implementing a classi er new to this eld. The Compound Classier has been used in image processing and medical analysis, and holds advantages that could be relevant to CAN intrusion detection.
Original languageEnglish
Title of host publicationProceedings of the Genetic and Evolutionary Computation Conference Companion
PublisherAssociation for Computing Machinery (ACM)
Pages1926-1929
Number of pages4
ISBN (Print)978-1-4503-5764-7
DOIs
Publication statusPublished - 6 Jul 2018
EventThe Genetic and Evolutionary Computation Conference - Kyoto, Japan
Duration: 15 Jul 201819 Jul 2018
http://gecco-2018.sigevo.org/index.html/tiki-index.php

Conference

ConferenceThe Genetic and Evolutionary Computation Conference
Abbreviated titleGECCO 2018
CountryJapan
CityKyoto
Period15/07/1819/07/18
Internet address

Fingerprint

Classifiers
Intrusion detection
Controllers
Braking
Image processing
Positive ions
Engines
Communication

Bibliographical note

© ACM, 2018. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Proceedings of the Genetic and Evolutionary Computation Conference Companion
http://doi.acm.org/10.1145/3205651.3208223

Keywords

  • intrusion detection
  • nearest neighbour
  • classifier
  • cybersecurity
  • anomaly detection
  • one-class
  • controller area network

Cite this

Tomlinson, A. J., Bryans, J., & Shaikh, S. (2018). Using A One-Class Compound Classifier To Detect In-Vehicle Network Attacks. In Proceedings of the Genetic and Evolutionary Computation Conference Companion (pp. 1926-1929). Association for Computing Machinery (ACM). https://doi.org/10.1145/3205651.3208223

Using A One-Class Compound Classifier To Detect In-Vehicle Network Attacks. / Tomlinson, Andrew John; Bryans, Jeremy; Shaikh, Siraj.

Proceedings of the Genetic and Evolutionary Computation Conference Companion. Association for Computing Machinery (ACM), 2018. p. 1926-1929.

Research output: Chapter in Book/Report/Conference proceedingConference proceeding

Tomlinson, AJ, Bryans, J & Shaikh, S 2018, Using A One-Class Compound Classifier To Detect In-Vehicle Network Attacks. in Proceedings of the Genetic and Evolutionary Computation Conference Companion. Association for Computing Machinery (ACM), pp. 1926-1929, The Genetic and Evolutionary Computation Conference, Kyoto, Japan, 15/07/18. https://doi.org/10.1145/3205651.3208223
Tomlinson AJ, Bryans J, Shaikh S. Using A One-Class Compound Classifier To Detect In-Vehicle Network Attacks. In Proceedings of the Genetic and Evolutionary Computation Conference Companion. Association for Computing Machinery (ACM). 2018. p. 1926-1929 https://doi.org/10.1145/3205651.3208223
Tomlinson, Andrew John ; Bryans, Jeremy ; Shaikh, Siraj. / Using A One-Class Compound Classifier To Detect In-Vehicle Network Attacks. Proceedings of the Genetic and Evolutionary Computation Conference Companion. Association for Computing Machinery (ACM), 2018. pp. 1926-1929
@inproceedings{8746da6ccfc949c09432e2969ffcc4a5,
title = "Using A One-Class Compound Classifier To Detect In-Vehicle Network Attacks",
abstract = "The Controller Area Network (CAN) in vehicles provides serial communication between electronic control units that manage en- gine, transmission, steering and braking. Researchers have recently demonstrated the vulnerability of the network to cyber-attacks which can manipulate the operation of the vehicle and compromise its safety. Some proposals for CAN intrusion detection systems, that identify attacks by detecting packet anomalies, have drawn on one-class classi cation, whereby the system builds a decision surface based on a large number of normal instances. The one-class approach is discussed in this paper, together with initial results and observations from implementing a classi er new to this eld. The Compound Classier has been used in image processing and medical analysis, and holds advantages that could be relevant to CAN intrusion detection.",
keywords = "intrusion detection, nearest neighbour, classifier, cybersecurity, anomaly detection, one-class, controller area network",
author = "Tomlinson, {Andrew John} and Jeremy Bryans and Siraj Shaikh",
note = "{\circledC} ACM, 2018. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Proceedings of the Genetic and Evolutionary Computation Conference Companion http://doi.acm.org/10.1145/3205651.3208223",
year = "2018",
month = "7",
day = "6",
doi = "10.1145/3205651.3208223",
language = "English",
isbn = "978-1-4503-5764-7",
pages = "1926--1929",
booktitle = "Proceedings of the Genetic and Evolutionary Computation Conference Companion",
publisher = "Association for Computing Machinery (ACM)",
address = "United States",

}

TY - GEN

T1 - Using A One-Class Compound Classifier To Detect In-Vehicle Network Attacks

AU - Tomlinson, Andrew John

AU - Bryans, Jeremy

AU - Shaikh, Siraj

N1 - © ACM, 2018. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Proceedings of the Genetic and Evolutionary Computation Conference Companion http://doi.acm.org/10.1145/3205651.3208223

PY - 2018/7/6

Y1 - 2018/7/6

N2 - The Controller Area Network (CAN) in vehicles provides serial communication between electronic control units that manage en- gine, transmission, steering and braking. Researchers have recently demonstrated the vulnerability of the network to cyber-attacks which can manipulate the operation of the vehicle and compromise its safety. Some proposals for CAN intrusion detection systems, that identify attacks by detecting packet anomalies, have drawn on one-class classi cation, whereby the system builds a decision surface based on a large number of normal instances. The one-class approach is discussed in this paper, together with initial results and observations from implementing a classi er new to this eld. The Compound Classier has been used in image processing and medical analysis, and holds advantages that could be relevant to CAN intrusion detection.

AB - The Controller Area Network (CAN) in vehicles provides serial communication between electronic control units that manage en- gine, transmission, steering and braking. Researchers have recently demonstrated the vulnerability of the network to cyber-attacks which can manipulate the operation of the vehicle and compromise its safety. Some proposals for CAN intrusion detection systems, that identify attacks by detecting packet anomalies, have drawn on one-class classi cation, whereby the system builds a decision surface based on a large number of normal instances. The one-class approach is discussed in this paper, together with initial results and observations from implementing a classi er new to this eld. The Compound Classier has been used in image processing and medical analysis, and holds advantages that could be relevant to CAN intrusion detection.

KW - intrusion detection

KW - nearest neighbour

KW - classifier

KW - cybersecurity

KW - anomaly detection

KW - one-class

KW - controller area network

U2 - 10.1145/3205651.3208223

DO - 10.1145/3205651.3208223

M3 - Conference proceeding

SN - 978-1-4503-5764-7

SP - 1926

EP - 1929

BT - Proceedings of the Genetic and Evolutionary Computation Conference Companion

PB - Association for Computing Machinery (ACM)

ER -