摘要
以数据加密和入侵检测为基础,建立了一种基于灵活数据速率控制器局域网络的汽车通信网络信息安全方法.提出了包括安全传输、安全启动、时间同步与密钥分配的汽车网络安全通信协议,并通过建立网络仿真模型验证安全协议的有效性.搭建了基于硬件实例的安全通信节点,测试硬件节点的实际通信性能和加密性能.最后针对汽车通信网络潜在的攻击方式,以Dolev-Yao入侵模型攻击和拒绝服务攻击为测试方法,对安全通信模型进行了安全性攻击测试和入侵检测功能验证,确定了网络入侵检测的判定指标.测试结果验证了该方法的安全性和可用性.
A security method for vehicle communication network based on controller area network with flexible data-rate(CAN-FD) was established with data encryption and intrusion detection. Secure communication protocols for vehicle network including secure transmission, secure boot, time synchronization, and key distribution were proposed, and a network simulation model was established to verify the validity of the secure protocols. Secure communication nodes based on hardware instance were established to test the actual communication performance and encryption performance of the hardware nodes. Aiming at the potential attack modes of the vehicle communication network, the Dolev-Yao intruder model attack and the denial of service attack were used as the test methods to test the security of communication model and verify the intrusion detection function. And the judgment index of the network intrusion detection was determined. The experimental results had confirmed the security and usability of the method.
作者
罗峰
胡强
刘宇
LUO Feng;HU Qirng;LIU Yu(School of Automotive Studies, Tongji University, Shanghai 201804,China)
出处
《同济大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2019年第3期386-391,共6页
Journal of Tongji University:Natural Science
基金
中央高校基本科研业务费专项资金(22120170265)
关键词
安全通信
车载网络
信息安全
secure communication
vehicle network
cybersecurity