A Real-time Method for CAN Bus Intrusion Detection by Means of Supervised Machine Learning

Nowadays vehicles are not composed only of mechanical parts, exits a plethora of electronics components in our cars, able to exchange information. The protection devices such as the airbags are activated electronically. This happens because the braking or acceleration signal from the pedal to the actuator arrives through a packet. The latter is an electronic and not a mechanical signal. For packets transmission a bus, i.e., the Controller Area Network, was designed and implemented in vehicles. This bus was not designed to receive access from the outside world, which happened when info-entertainment systems were introduced, opening up the possibility of accessing bus information from devices external to the vehicle. To avoid the possibility of those attacks, in this research article, we propose a method aimed to detect intrusions targeting the CAN bus. In particular, we analyze packets transiting through the CAN bus, and we build a set of models by exploiting supervised machine learning. We experiment with the proposed method on three different attacks (i.e., speedometer attack, arrows attack, and doors attack), obtaining interesting performances.