Search Icon
Register

HistCAN: A real-time CAN IDS with enhanced historical traffic learning capability (Short)

Shuguo Zhuo, Nuo Li, Kui Ren (The State Key Laboratory of Blockchain and Data Security, Zhejiang University)

NMFTA Best Short Paper Award Winner ($200 cash prize)!

Due to the absence of encryption and authentication mechanisms, the Controller Area Network (CAN) protocol, widely employed in in-vehicle networks, is susceptible to various cyber attacks. In safeguarding in-vehicle networks against cyber threats, numerous Machine Learning-based (ML) and Deep Learning-based (DL) anomaly detection methods have been proposed, demonstrating high accuracy and proficiency in capturing intricate data patterns. However, the majority of these methods are supervised and heavily reliant on labeled training datasets with known attack types, posing limitations in real-world scenarios where acquiring labeled attack data is challenging. In this paper, we present HistCAN, a lightweight and self-supervised Intrusion Detection System (IDS) designed to confront cyber attacks using solely benign training data. HistCAN employs a hybrid encoder capable of simultaneously learning spatial and temporal features of the input data, exhibiting robust patterncapturing capabilities with a relatively compact parameter set. Additionally, a historical information fusion module is integrated into HistCAN, facilitating the capture of long-term dependencies and trends within the CAN ID series. Extensive experimental results demonstrate that HistCAN generally outperforms the compared baseline methods, achieving a high F1 score of 0.9954 in a purely self-supervised manner while satisfying real-time requirements.

Paper

View More Papers

Low-Quality Training Data Only? A Robust Framework for Detecting...

Yuqi Qing (Tsinghua University), Qilei Yin (Zhongguancun Laboratory), Xinhao Deng (Tsinghua University), Yihao Chen (Tsinghua University), Zhuotao Liu (Tsinghua University), Kun Sun (George Mason University), Ke Xu (Tsinghua University), Jia Zhang (Tsinghua University), Qi Li (Tsinghua University)

Read More

Phoenix: Surviving Unpatched Vulnerabilities via Accurate and Efficient Filtering...

Hugo Kermabon-Bobinnec (Concordia University), Yosr Jarraya (Ericsson Security Research), Lingyu Wang (Concordia University), Suryadipta Majumdar (Concordia University), Makan Pourzandi (Ericsson Security Research)

Read More

ShapFuzz: Efficient Fuzzing via Shapley-Guided Byte Selection

Kunpeng Zhang (Shenzhen International Graduate School, Tsinghua University), Xiaogang Zhu (Swinburne University of Technology), Xi Xiao (Shenzhen International Graduate School, Tsinghua University), Minhui Xue (CSIRO's Data61), Chao Zhang (Tsinghua University), Sheng Wen (Swinburne University of Technology)

Read More