期刊文献+

基于SMOTE-SDSAE-SVM的车载CAN总线入侵检测算法 被引量:6

SMOTE-SDSAE-SVM Based Vehicle CAN Bus Intrusion Detection Algorithm
下载PDF
导出
摘要 随着车联网中车载装备智能化程度的飞速发展,其与互联网对接的程度日益加深,而车载CAN总线受到的网络攻击数量更多、攻击方式更复杂、攻击特征更隐蔽。目前车联网入侵检测才刚起步,基于防火墙或规则库等传统检测模型无法获取隐藏的深层攻击特征,基于深度学习的智能检测模型又因训练参数多、攻击数据不均衡等呈现过/欠拟合以及训练复杂等问题。针对以上问题,文中以车载CAN总线为对象,提出了一种基于SMOTE-SDSAE-SVM的CAN总线入侵检测方法(简称3S),尝试结合深度学习和机器学习理论,从而同时提取网络攻击的深度特征和保证模型训练的高效性,并解决网络攻击类别不平衡、CAN报文含噪声等问题。首先,为了解决网络攻击类别不平衡问题,利用SMOTE技术对不平衡类别的攻击数据进行近邻采样,从而生成更多同类别近似样本;其次,结合稀疏自编码和去噪自编码,以消除噪声数据的影响同时增加特征提取的时效性,并通过堆叠多层稀疏去噪自编码最终实现CAN报文的深度特征提取;最后,利用SVM对提取的深度特征进行精确分类,实现对CAN报文的异常检测,从而发现网络攻击。通过在沃尔沃CAN数据集和CAR-HACKING数据集上的大量实验,有效证明了本文3S算法较其他算法而言拥有更好的入侵检测准确率和更低的漏报率/误报率。 With the rapid development of in-vehicle equipment intelligence on the Internet of Vehicles,due to its increasingly deepened connection with the Internet,the number of network attacks on the vehicle CAN bus has been increased,the attack methods have become more complex and the attack characteristics have become more concealed.At present,the intrusion detection of the Internet of Vehicles has just started.Traditional detection models based on firewall or rule bases are unable to obtain the hidden deep features of network attacks,but the intelligent detection models based on deep learning present problems such as“over-fitting”or“under-fitting”due to too many training parameters and unbalanced training datasets.To solve the above problems,an SMOTE-SDSAE-SVM based intrusion detection algorithm for CAN bus of vehicles is proposed in this paper,which is simply called 3 S.This algorithm tries to combine deep learning and machine learning techniques to extract deep features of network attacks and ensure the efficiency of model training.The main contributions are as follows.Firstly,to balance the training samples of different categories,SMOTE method is used to generate more similar samples through the nearest neighbor sampling strategy.Secondly,sparse autoencoder and denoising autoencoder are combined to increase the speed of feature extraction and eliminate noise effects.And the deep feature of the CAN message is eventually extracted by stacking multi-layer sparse denoising autoencoder.Finally,SVM is used to accurately classify the extracted deep features of CAN messages,thereby discovering network attacks.According to the extensive experiments on the Volvo CAN dataset and the CAR-HACKING dataset,the proposed 3 S algorithm is proved to have better accuracy and lower false alarm rate than other algorithms.
作者 周志豪 陈磊 伍翔 丘东亮 梁广升 曾凡巧 ZHOU Zhi-hao;CHEN Lei;WU Xiang;QIU Dong-liang;LIANG Guang-sheng;ZENG Fan-qiao(School of Information and Electrical Engineering,Hunan University of Science and Technology,Xiangtan,Hunan 411201,China)
出处 《计算机科学》 CSCD 北大核心 2022年第S01期562-570,801,共10页 Computer Science
基金 国家自然科学基金(62103143) 湖南省自然科学基金(2020JJ5199) 国家重点研发计划(2019YFE0105300/2019YFE0118700)。
关键词 CAN总线 入侵检测 深度学习 SDSAE SMOTE SVM CAN bus Intrusion detection Deep learning SDSAE SMOTE SVM
  • 相关文献

参考文献10

二级参考文献52

  • 1李洁,高新波,焦李成.基于克隆算法的网络结构聚类新算法[J].电子学报,2004,32(7):1195-1199. 被引量:24
  • 2宁焕生,张瑜,刘芳丽,刘文明,渠慎丰.中国物联网信息服务系统研究[J].电子学报,2006,34(B12):2514-2517. 被引量:151
  • 3Jam A J, et al. A pharmaceutical intelligent information system to detect allergies and adverse drugs reactions based on inter- net of things[ A]. 2010 Eighth IEEE International Conference on Pervasive Computing and Communications Workshops [ C]. Mannheim, Germany: IEEE Press,2010. 809 - 812.
  • 4Luigi A, Antonio I, Giacomo M. The intemet of things: A sur- vey[ J]. Computer Networks,2010.2784- 2805.
  • 5Rolfh W. Intemet of things-new security and privacy chal- lenges[ J]. Computer LAW Security Review, 2010, 26:23 - 30.
  • 6Jens-Matthias Bohli, Christoph Sorge, Dirk Westhoff. Initial observations on economics, pricing and penetration of the in- temet of things market[ J]. ACM SIGCOMM Computer Com- munication Revie w, 2009,31 (2) : 50 - 55.
  • 7Huang Y H, Li G Y. Descriptive models for internet of things [A]. International Conference on Intelligent Control and Infor- marion Processing[ C ] - Harbin, China: IEEE Press, 2010. 483 - 486.
  • 8Welboume E, et al. Building the intemet of things using RFID: The RFID ecosystem experience[ J]. IEEE Intemet Computing, 2009, 13(3) :48 - 55.
  • 9Broll G, et al. Perci: Pervasive service interaction with the inter- net of things [J]. IEEE Intemet Computing, 2009, 13 ( 6 ) : 74 - 81.
  • 10Kranz M, et al. Embedded interaction: Interacting with the in- temet of things [ J ]. IEEE Intemet Computing, 2010, 14 (2) : 46 - 53.

共引文献1023

同被引文献52

引证文献6

二级引证文献8

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部