《電子技術(shù)應(yīng)用》
您所在的位置:首頁 > 其他 > 設(shè)計應(yīng)用 > 汽車CAN總線入侵檢測算法性能模糊測試方法研究
汽車CAN總線入侵檢測算法性能模糊測試方法研究
信息技術(shù)與網(wǎng)絡(luò)安全 4期
田韻嵩1,李中偉1,譚 凱1,洪 晟2,劉 勇1,金顯吉1
(1.哈爾濱工業(yè)大學 電氣工程及自動化學院,黑龍江 哈爾濱150001; 2.北京航空航天大學 網(wǎng)絡(luò)空間安全學院,北京100191)
摘要: 針對目前汽車CAN總線入侵檢測算法性能模糊測試方法因測試用例覆蓋率低、針對性差而導致的測試結(jié)果可信度不高的問題,提出一種改進的汽車CAN總線入侵檢測算法性能模糊測試方法。針對是否已知CAN總線協(xié)議規(guī)范的情況分別基于字段權(quán)重和改進Wasserstein生成對抗網(wǎng)絡(luò)(WGAN-GP)生成模糊測試用例,對KNN算法和AdaBoost算法進行了測試,測試結(jié)果表明,AdaBoost算法的檢測性能優(yōu)于KNN算法。試驗驗證了所提出的測試方法用于測試入侵檢測算法的性能能夠得到可信度較高的試驗結(jié)果,達到了為汽車CAN總線入侵檢測算法的選用提供參考依據(jù)的目的。
中圖分類號: TP306.2
文獻標識碼: A
DOI: 10.19358/j.issn.2096-5133.2022.04.005
引用格式: 田韻嵩,李中偉,譚凱,等. 汽車CAN總線入侵檢測算法性能模糊測試方法研究[J].信息技術(shù)與網(wǎng)絡(luò)安全,2022,41(4):32-38.
Research on fuzzy test method of the detection ability of in-vehicle CAN bus intrusion detection algorithm
Tian Yunsong1,Li Zhongwei1,Tan Kai1,Hong Sheng2,Liu Yong1,Jin Xianji1
(1.School of Electrical Engineering and Automation,Harbin Institute of Technology,Harbin 150001,China; 2.School of Cyber Science and Technology,Beihang University,Beijing 100191,China)
Abstract: The test results of the current vehicle CAN bus intrusion detection algorithm performance fuzzy test method are not highly reliable, due to the low test case coverage and poor pertinence. Aiming at this problem,an improved in-vehicle CAN bus intrusion detection algorithm performance fuzzy test method was proposed. According to whether the CAN bus protocol specification was known or not, fuzzy test cases were generated based on field weights or improved Wasserstein Generative Adversarial Network(WGAN-GP). The generated test cases were used to test the KNN algorithm and the AdaBoost algorithm. The test results showed that the detection performance of the AdaBoost algorithm was better than that of the KNN algorithm. The test verified that the test method proposed in this paper can obtain the test results with high reliability when used to test the performance of the intrusion detection algorithm, and achieved the purpose of providing a reference for the selection of the intrusion detection algorithm of the in-vehicle CAN bus.
Key words : intrusion detection algorithm;detecting ability test;Controller Area Network(CAN);Generative Adversarial Network(GAN); fuzzy test

0 引言

現(xiàn)代汽車智能化功能越來越豐富,汽車與外部的信息交互越來越頻繁,汽車網(wǎng)絡(luò)被入侵的風險越來越高[1]。而入侵檢測算法被應(yīng)用于汽車CAN總線網(wǎng)絡(luò)安全防御中,其檢測惡意攻擊的能力將對汽車CAN總線網(wǎng)絡(luò)的安全性產(chǎn)生影響。

入侵檢測算法能夠識別外部針對網(wǎng)絡(luò)資源的惡意操作,也能夠檢測內(nèi)部用戶的違規(guī)或未授權(quán)的非法行為。目前,入侵檢測算法從檢測技術(shù)的角度可分為以下3類:(1)基于規(guī)則的入侵檢測算法;(2)基于統(tǒng)計的入侵檢測算法;(3)基于機器學習的入侵檢測算法[2]。其中基于機器學習的入侵檢測算法能夠利用龐大的已有數(shù)據(jù)進行學習,發(fā)現(xiàn)內(nèi)在規(guī)律,實現(xiàn)網(wǎng)絡(luò)攻擊行為檢測的智能化。并且機器學習具備預測能力,對未知模式的攻擊也具備一定的檢測能力,是目前熱門的入侵檢測算法研究領(lǐng)域。



本文詳細內(nèi)容請下載http://ihrv.cn/resource/share/2000004096





作者信息:

田韻嵩1,李中偉1,譚  凱1,洪  晟2,劉  勇1,金顯吉1

(1.哈爾濱工業(yè)大學 電氣工程及自動化學院,黑龍江 哈爾濱150001;

2.北京航空航天大學 網(wǎng)絡(luò)空間安全學院,北京100191)


此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。