学术文献库

Controller Area Network (CAN) is one of the in-vehicle network protocols that is used to communicate among Electronic Control Units (ECUs) and has been de-facto standard. CAN is simple and has several vulnerabilities such as unable to distinguish spoofing messages because it does not support any authentication or sender identification properties. In previous work, some voltage-based methods to identify the sender node have been proposed. The methods can identify ECUs with high accuracy. However, the accuracy of source identification depends on a feature that is extracted from a continuous function of voltage use sampling. In general, as the sampling rate increases, the accuracy of identification is improved. Though the amount of data used for the identification increases too. Hence, it is desired to create an Intrusion Detection System (IDS) that identifies ECUs using few sampling features as there is a limited computing resource in vehicles. In this paper, we propose a delay-time based sender identification method of ECUs. We confirm that the proposed method achieved a true positive rate of 96.7% in CAN bus prototype against spoofing attack from a compromised ECU, detecting spoofing attack from an unmonitored ECU with a true positive rate of 98.0% in real-vehicle.