Security Assessment of in-vehicle Network Intrusion Detection in Real-life Scenarios

Kamronbek Yusupov¹, Md Rezanur Islam¹, Insu Oh², Mahdi Sahlabadi², and Kangbin Yim², ¹Software Convergence, Soonchunhyang University, Asan-si, South Korea, ²Department of Information Security Engineering, Soonchunhyang University, Asan-si, South Korea

ABSTRACT

This research focuses on evaluating the security of an intrusion detection system in a CAN bus-based vehicle control network. A series of studies were conducted to evaluate the performance of models proposed by previous researchers, testing their effectiveness in real-world scenarios as opposed to those on which they were trained. The article demonstrates that models trained and tested on the same dataset can only sometimes be considered adequate. An approach that included models trained only on CAN ID, Payload, or full data was chosen. The research results show that such methods are ineffective enough in real-world attack scenarios because they cannot distinguish between new scenarios not presented during training. The results of testing the models in various attack scenarios are presented, and their limitations are identified. In addition, a new method is proposed explicitly for attack scenarios that may occur in the real-world use of an in-vehicle CAN communication system.

KEYWORDS

Intrusion Detection System, Controller Area Network, In-Vehicle Network, LSTM.