期刊文献+

面向总线网络攻击的快速响应熵分析与入侵检测系统

Quick Response Entropy Analysis and Intrusion Detection System for Bus Network Attacks
下载PDF
导出
摘要 为了解决传统的基于信息熵的车载总线网络入侵检测系统所存在的响应时间长、检测精度不足的弊端,提出了基于重叠滑动窗口优化与Renyi熵分析的快速响应入侵检测方法.首先,基于采集的总线报文数据集利用模拟退火优化算法对入侵检测系统进行离线训练,得到最优的系统配置参数;然后,依据报文ID序列构建总线网络通信数据的Renyi熵曲线,并进行实时分析,在线监测总线报文数据的异常情况;最后,利用实车ECU和攻击数据集开展硬件试验验证所提方案的有效性.测试结果表明,与传统的基于Shannon熵的入侵检测系统相比,所提方案能够有效地识别典型的车载总线网络攻击类型,同时提高非法入侵的检测精度,所提方法能够将检测响应时间缩短为传统熵检测方法的52%. To improve the response time and detection accuracy of traditional information intrusion detection system with information entropy in vehicle bus network,a new intrusion detection scheme with fast response was proposed based on overlapping sliding window optimization and Renyi entropy analysis.Firstly,based on the message dataset collected from bus network,the intrusion detection system was trained offline with simulated annealing optimization algorithm to obtain the optimal system configuration parameters.Then,based on the message ID sequence of bus network communication data,a Renyi entropy curve was constructed and analyzed in real time to monitor the abnormalities of the bus message data online.Finally,using real vehicle ECUs(electronic control units)and attack data sets,the hardware experiments were conducted to verify the effectiveness of the proposed scheme.The experimental results show that,compared with the traditional intrusion detection system based on Shannon entropy,the proposed scheme can effectively identify typical attack types to vehicle bus network and improve the detection accuracy of illegal intrusion,shortening the detection response time up to 52%.
作者 尹志华 魏洪乾 赵文强 王洪荣 张幽彤 YIN Zhihua;WEI Hongqian;ZHAO Wenqiang;WANG Hongrong;ZHANG Youtong(School of Mechanical Engineering,Beijing Institute of Technology,Beijing 100081,China;Key Laboratory of Low Emission Vehicles in Beijing,Beijing 100081,China;Vehicle Measurement,Control and Safety Key Laboratory of Sichuan Province,Chengdu,Sichuan 610039,China;China Automotive Engineering Research Institute Co.,Ltd.,Chongqing 401122,China)
出处 《北京理工大学学报》 EI CAS CSCD 北大核心 2024年第9期947-959,共13页 Transactions of Beijing Institute of Technology
基金 国家重点研发计划项目(2021YFB3101500) 国家自然科学基金资助项目(52202461) 中国博士后自然科学基金资助项目(2022TQ0032,2022M710380) 汽车新技术安徽省工程技术研究中心开放基金资助项目(QCKJ202202A) 汽车测控与安全四川省重点实验室开放基金资助项目(QCCK2023-001)。
关键词 总线网络 异常入侵检测 快速响应 信息安全 bus networks anomalous intrusion detection quick response information security
  • 相关文献

参考文献8

二级参考文献61

  • 1冯聪.智能网联汽车网络安全问题的治理与执法探索[J].信息网络安全,2020(S01):44-47. 被引量:5
  • 2魏学哲,孙泽昌,陈觉晓.汽车网络分类方法及其主流协议发展趋势[J].同济大学学报(自然科学版),2004,32(6):762-766. 被引量:14
  • 3丁宝苍,邹涛,李少远.时变不确定系统的变时域离线鲁棒预测控制[J].控制理论与应用,2006,23(2):240-244. 被引量:11
  • 4Miller C, Valasek C. Adventures in automotive net- works and control units[C]//DEFCON 21 Hacking Conference, Las Vegas,2013.
  • 5Miller C, Valasek C. A survey of remote automotive attack surfaces[C] // Black Hat, Las Vegas, USA, 2014.
  • 6Miller C, Valasek C. Remote Exploitation of an Un- altered Passenger Vehicle[C] // Black Hat, Las Ve- gas,USA, 2015.
  • 7Leinmtiller T, Buttyan L, Hubaux J P, et al. Seve- corn-secure vehicle communication[C]//IST Mobile and Wireless Communication Summit, Myconos Greece,2006.
  • 8European Commission within the Seventh Frame- work Programme. E-safety vehicle intrusion protec- ted applications (EVITA) project [OB/OL]. ht- tp ://www. evitaproject, org.
  • 9Groza B, Murvay S. Broadcast Authentication in a Low Speed Controller Area Network[M]. E-Busi- ness and Telecommunications: Springer, 2012: 330- 344.
  • 10Groza B, Murvay S. Efficient protocols for secure broadcast in controller area networks[J]. IEEE Transactions on Industrial Informatics, 2013, 9(4): 2034-2042.

共引文献113

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部