LATTE: LSTM Self-Attention based Anomaly Detection in Embedded Automotive Platforms
This work addresses cybersecurity vulnerabilities in connected vehicles, offering a domain-specific solution for automotive platforms, though it appears incremental as it builds on existing LSTM and attention methods.
The authors tackled the problem of detecting cyber-attacks in automotive Controller Area Network (CAN) systems by proposing LATTE, a framework using stacked LSTM with attention mechanisms, which demonstrated improved detection capabilities compared to prior works in various attack scenarios.
Modern vehicles can be thought of as complex distributed embedded systems that run a variety of automotive applications with real-time constraints. Recent advances in the automotive industry towards greater autonomy are driving vehicles to be increasingly connected with various external systems (e.g., roadside beacons, other vehicles), which makes emerging vehicles highly vulnerable to cyber-attacks. Additionally, the increased complexity of automotive applications and the in-vehicle networks results in poor attack visibility, which makes detecting such attacks particularly challenging in automotive systems. In this work, we present a novel anomaly detection framework called LATTE to detect cyber-attacks in Controller Area Network (CAN) based networks within automotive platforms. Our proposed LATTE framework uses a stacked Long Short Term Memory (LSTM) predictor network with novel attention mechanisms to learn the normal operating behavior at design time. Subsequently, a novel detection scheme (also trained at design time) is used to detect various cyber-attacks (as anomalies) at runtime. We evaluate our proposed LATTE framework under different automotive attack scenarios and present a detailed comparison with the best-known prior works in this area, to demonstrate the potential of our approach.