Malmö University Publications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Combining Anomaly- and Signaturebased Algorithms for IntrusionDetection in CAN-bus: A suggested approach for building precise and adaptiveintrusion detection systems to controller area networks
Malmö University, Faculty of Technology and Society (TS).
2021 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

With the digitalization and the ever more computerization of personal vehicles, new attack surfaces are introduced, challenging the security of the in-vehicle network. There is never such a thing as fully securing any computer system, nor learning all the methods of attack in order to prevent a break-in into a system. Instead, with sophisticated methods, we can focus on detecting and preventing attacks from being performed inside a system. The current state of the art of such methods, named intrusion detection systems (IDS), is divided into two main approaches. One approach makes its models very confident of detecting malicious activity, however only on activities that has been previously learned by this model. The second approach is very good at constructing models for detecting any type of malicious activity, even if never studied by the model before, but with less confidence. In this thesis, a new approach is suggested with a redesigned architecture for an intrusion detection system called Multi-mixed IDS. Where we take a middle ground between the two standardized approaches, trying to find a combination of both sides strengths and eliminating its weaknesses. This thesis aims to deliver a proof of concept for a new approach in the current state of the art in the CAN-bus security research field. This thesis also brings up some background knowledge about CAN and intrusion detection systems, discussing their strengths and weaknesses in further detail. Additionally, a brief overview from a handpick of research contributions from the field are discussed. Further, a simple architecture is suggested, three individual detection models are trained and combined to be tested against a CAN-bus dataset. Finally, the results are examined and evaluated. The results from the suggested approach shows somewhat poor results compared to other suggested algorithms within the field. However, it also shows some good potential, if better decision methods between the individual algorithms that constructs the model can be found. 

Place, publisher, year, edition, pages
2021. , p. 41
Keywords [en]
CAN, Controller Area Network, IDS, Intrusion detection, personal vehicles, machine learning, hybrid, proof of concept, embeded systems, software architecture, malicious, security
National Category
Engineering and Technology Computer Systems Embedded Systems
Identifiers
URN: urn:nbn:se:mau:diva-43450OAI: oai:DiVA.org:mau-43450DiVA, id: diva2:1566210
Educational program
TS Systemutvecklare
Presentation
, Malmö (English)
Supervisors
Examiners
Available from: 2021-06-28 Created: 2021-06-14 Last updated: 2021-07-06Bibliographically approved

Open Access in DiVA

fulltext(3418 kB)560 downloads
File information
File name FULLTEXT02.pdfFile size 3418 kBChecksum SHA-512
7388db71058209b735aa936cf49937b66ba2712c241a3414eecc003c73be7300770bb25db614d213ca1e0781d6b9803c0c92b0b1fb8e94fbaecd1de35f0f3ac5
Type fulltextMimetype application/pdf

By organisation
Faculty of Technology and Society (TS)
Engineering and TechnologyComputer SystemsEmbedded Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 560 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 709 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf