Cyber-Physical System Intrusion: A Case Study of Automobile Identification Vulnerabilities and Automated Approaches for Intrusion Detection
Abstract
Today's vehicle manufacturers do not tend to publish proprietary packet formats for the CAN. This is a form of security through obscurity, but obfuscating the network in this way does not adequately hide the vehicle's unique signature. To prove this, we train two distinct deep learning models on data from 11 different vehicles. Our results indicate that one can determine which vehicle generated a given sample of CAN data. A sophisticated attacker who establishes a presence on an unknown vehicle can use similar techniques to identify the vehicle and better format attacks. To protect critical CPSs against attacks like those enabled by this vulnerability, system administrators often employ IDSs. One requires an understanding of the behavior and causality of the CPS to develop an IDS. This research explores two different time series analysis techniques, Granger causality and EDM, which may contribute to this understanding. Our findings indicate that Granger causality is not a suitable approach to IDS development but that EDM might be. We thus encourage further research into EDM applications to IDSs.
Document Details
- Document Type
- Technical Report
- Publication Date
- Mar 26, 2020
- Accession Number
- AD1102913
Entities
People
- David R. Crow
Organizations
- Air Force Institute of Technology