Comparative Performance Evaluation of Intrusion Detection Based on Machine Learning in In Vehicle Co

Comparative Performance Evaluation of Intrusion Detection Based on Machine Learning in In Vehicle Co

Abstract  

Communication between the nodes in a vehicle is performed using many protocols. The most common of these is known as the Controller Area Network (CAN). The functionality of the CAN protocol is based on sending messages from one node to all others throughout a bus. Messages are sent without either source or destination addresses. Consequently, it is simple for an attacker to inject malicious messages. This may lead to some nodes malfunctioning or to total system failure, which can affect the safety of the driver as well as the vehicle. Detecting intrusions is a challenging problem when using a CAN bus protocol for in-vehicle communication. Most existing work focuses on the physical aspects without taking into consideration the data itself. Machine Learning (ML) tools, especially classification techniques, have been widely used to address similar problems. In this paper, we use and compare several ML techniques to deal with the problem of detecting intrusions in in-vehicle communication. An experimental study is performed using a real dataset extracted from a KIA Soul car. Compared to previous work, which focuses on detecting intrusions based on the physical aspect, in this paper, data analysis and statistical learning techniques are applied. Furthermore, the paper provides a comparative study of the most common ML techniques. The results show that the techniques proposed in this paper outperform other techniques that have been used previously.