CRIS Current Research Information System

This paper evaluates the effectiveness of information-theoretic anomaly detection algorithms applied to networks included in modern vehicles. In particular, we focus on providing an experimental evaluation of anomaly detectors based on entropy. Attacks to in-vehicle networks were simulated by injecting different classes of forged CAN messages in traces captured from a modern licensed vehicle. Experimental results show that if entropy-based anomaly detection is applied to all CAN messages it is only possible to detect attacks that comprise a high volume of forged CAN messages. On the other hand, attacks characterized by the injection of few forged CAN messages attacks can be detected only by applying several independent instances of the entropy based anomaly detector, one for each class of CAN messages.

MARCHETTI, M., Stabili, D., GUIDO, A., COLAJANNI, M. (2016). Evaluation of anomaly detection for in-vehicle networks through information-theoretic algorithms. IEEE [10.1109/RTSI.2016.7740627].

Evaluation of anomaly detection for in-vehicle networks through information-theoretic algorithms

MARCHETTI, Mirco;COLAJANNI, Michele
2016

Abstract

This paper evaluates the effectiveness of information-theoretic anomaly detection algorithms applied to networks included in modern vehicles. In particular, we focus on providing an experimental evaluation of anomaly detectors based on entropy. Attacks to in-vehicle networks were simulated by injecting different classes of forged CAN messages in traces captured from a modern licensed vehicle. Experimental results show that if entropy-based anomaly detection is applied to all CAN messages it is only possible to detect attacks that comprise a high volume of forged CAN messages. On the other hand, attacks characterized by the injection of few forged CAN messages attacks can be detected only by applying several independent instances of the entropy based anomaly detector, one for each class of CAN messages.
2016
Proc. of the IEEE 2nd International Forum on Research and Technologies for Society and Industry (RTSI 2016)
429
434
MARCHETTI, M., Stabili, D., GUIDO, A., COLAJANNI, M. (2016). Evaluation of anomaly detection for in-vehicle networks through information-theoretic algorithms. IEEE [10.1109/RTSI.2016.7740627].
MARCHETTI, Mirco; Stabili, Dario; GUIDO, ALESSANDRO; COLAJANNI, Michele
4.01 Contributo in Atti di convegno
File in questo prodotto:
Eventuali allegati, non sono esposti

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11585/812087
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 141
  • ???jsp.display-item.citation.isi??? 52
social impact