Network intrusion detection systems for in-vehicle network - Technical report
This work provides a structured overview for researchers and practitioners working on vehicle security, but it is incremental as it reviews existing solutions without introducing new methods.
The authors compiled an organized inventory of existing network intrusion detection systems (NIDS) for in-vehicle CAN buses, categorizing them based on the information they extract and how they build their models.
Modern vehicles are complex safety critical cyber physical systems, that are connected to the outside world, with all security implications that brings. To enhance vehicle security several network intrusion detection systems (NIDS) have been proposed for the CAN bus, the predominant type of in-vehicle network. The in-vehicle CAN bus, however, is a challenging place to do intrusion detection as messages provide very little information; interpreting them requires specific knowledge about the implementation that is not readily available. In this technical report we collect how existing solutions address this challenge by providing an organized inventory of various CAN NIDSs present in the literature, categorizing them based on what information they extract from the network and how they build their model.