Unsupervised Network Intrusion Detection System for AVTP in Automotive Ethernet Networks
This work addresses the need for real-time intrusion detection in automotive networks, but it is incremental as it applies existing deep learning methods to a new protocol and dataset.
The paper tackled the problem of detecting unknown cyberattacks in automotive Ethernet networks by comparing unsupervised deep learning and machine learning anomaly detection algorithms for the Audio Video Transport Protocol (AVTP). The results showed that deep learning models significantly outperformed traditional state-of-the-art anomaly detection models in various experimental settings.
Network Intrusion Detection Systems (NIDSs) are widely regarded as efficient tools for securing in-vehicle networks against diverse cyberattacks. However, since cyberattacks are always evolving, signature-based intrusion detection systems are no longer adopted. An alternative solution can be the deployment of deep learning based intrusion detection system which play an important role in detecting unknown attack patterns in network traffic. Hence, in this paper, we compare the performance of different unsupervised deep and machine learning based anomaly detection algorithms, for real-time detection of anomalies on the Audio Video Transport Protocol (AVTP), an application layer protocol implemented in the recent Automotive Ethernet based in-vehicle network. The numerical results, conducted on the recently published "Automotive Ethernet Intrusion Dataset", show that deep learning models significantly outperfom other state-of-the art traditional anomaly detection models in machine learning under different experimental settings.