Description
Car-Hacking Dataset (hksecurity.net) in the link the dataset I need more studies about the topic my objective to detect the message if it is normal or not normal if it is not normal what kind it is using machine learning (SVM) I need background and related work in the literature review
99Cyberattacks and Countermeasures for In-Vehicle NetworksEMAD ALIWA,Cardiff University, UKOMER RANA,Cardiff University, UKCHARITH PERERA,Cardiff University, UKPETER BURNAP,Cardiff University, UKAs connectivity between and within vehicles increases, so does concern about safety and security. Variousautomotive serial protocols are used inside vehicles such as Controller Area Network (CAN), Local InterconnectNetwork (LIN) and FlexRay. CAN Bus is the most used in-vehicle network protocol to support exchange ofvehicle parameters between Electronic Control Units (ECUs). This protocol lacks security mechanisms bydesign and is therefore vulnerable to various attacks. Furthermore, connectivity of vehicles has made theCAN Bus not only vulnerable from within the vehicle but also from outside. With the rise of connected cars,more entry points and interfaces have been introduced on board vehicles, thereby also leading to a widerpotential attack surface. Existing security mechanisms focus on the use of encryption, authentication andvehicle Intrusion Detection Systems (IDS), which operate under various constrains such as low bandwidth,small frame size (e.g. in the CAN protocol), limited availability of computational resources and real-timesensitivity. We survey and classify current cryptographic and IDS approaches and compare these approachesbased on criteria such as real time constrains, types of hardware used, changes in CAN Bus behaviour, typesof attack mitigation and software/ hardware used to validate these approaches. We conclude with mitigationstrategies limitations and research challenges for the future.CCS Concepts:•Security and privacy;Additional Key Words and Phrases:CAN Bus, Cybersecurity, Intrusion Detection SystemsACM Reference Format:Emad Aliwa, Omer Rana, Charith Perera, and Peter Burnap. 9999. Cyberattacks and Countermeasures forIn-Vehicle Networks.ACM Comput. Surv.9, 9, Article 99 (September 9999), 36 pages. https://doi.org/10.1145/1122445.11224561 INTRODUCTIONIn recent years, vehicles have become more connected (to other vehicles – referred to as Vehicle-2-Vehicle (V2V) and external infrastructure – referred to as Vehicle-2-Infrastructure (V2I)) andthe cyberattack surface for these vehicles continues to increase. Cyberattacks have also becomea real concern for vehicle manufacturers, especially where services need to be supported usingnetworks outside a vehicle. These services can include Global Positioning Systems (GPS), On-BoardDiagnostic (OBD-2) based cellular dongles and entertainment services. As a result, vehicles arenow more vulnerable to attacks not only from inside but also from outside the vehicle. For instance,recent report has indicated that two famous connected cars are vulnerable to cyberattacks [141]. AsAuthors’ addresses: Emad Aliwa, aliwaem@cardiff.ac.uk, Cardiff University, UK, 5 The Parade, Cardiff, UK, CF24 3AA;Omer Rana, ranaof@cardiff.ac.uk, Cardiff University, UK; Charith Perera, pererac@cardiff.ac.uk, Cardiff University, UK;Peter Burnap, burnapp@cardiff.ac.uk, Cardiff University, UK.Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without feeprovided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice andthe full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored.Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requiresprior specific permission and/or a fee. Request permissions from permissions@acm.org.©2018 Association for Computing Machinery.0360-0300/9999/9-ART99 $15.00https://doi.org/10.1145/1122445.1122456ACM Comput. Surv., Vol. 9, No. 9, Article 99. Publication date: September 9999.
99:2Aliwa, et al.potential cyberattacks on vehicles have widened, more vulnerabilities and entry points have beendiscovered – generally grouped under: direct interfaces-initiated attacks, infotainment-initiatedattacks, telematics-initiated attacks and sensor-initiated attacks. This raises the need for bettersecurity mechanisms. Due to lack of suitable security support in the Controller Area Network(CAN) protocol itself, mechanisms to secure communications between components within a vehicleis also limited. Attacks such as CAN Bus Denial of Service (DoS) and bus injection attacks arecommon [27]. CAN Bus security limitations have been investigated by various researchers overboth laboratory-based environments and in real vehicles. The attacks demonstrate how attackersare able to successfully take control of various parts of a vehicle, such as brakes, lights, steeringand gears [23]. Such attacks and malicious data on the CAN Bus was generated from both on-boardthe vehicle and at remote locations.Serial protocols are used for in-vehicle networks to exchange parameters between ElectronicControl Units (ECUs) and sensors. These protocols lack security mechanisms by design and are thusvulnerable to various attacks. Researchers have also shown how to attack vehicles from within avehicle using direct interfaces and infotainment systems via the On-Board Diagnostics port (OBD-2),USB and CD player and from outside the vehicle using medium and long distance communicationsuch as Wi-Fi, Bluetooth, mobile (phone) networks, and sensors signals such as keyless fob attacksand tyre pressure monitoring system sensors. These attacks have widened the potential attackentry points within a connected vehicle – suggesting the importance of protecting the CAN Bus.To ensure focus, this survey does not cover a number of other related topics such as: drivingbehaviour, unauthorised drivers, software defined/updated ECUs and Blockchain for vehicularsecurity. Table 1 provides a comparison between this survey paper and other papers coveringvehicular security.CoverageOther PapersThis PaperFocus on In Vehicle Network security (IVN)[43, 46, 62, 90, 129, 161]✓Analysis of existing cryptographic methods for securing IVNs[62, 90]✓Analysis of existing IDS methods for securing IVNs[43, 62, 90]✓Introducing countermeasure & architecture for vehicles security[90, 129, 161]Limitation with current CAN Bus countermeasures✓Datasets, software and hardware used✓Table 1. Related Survey Papers on Vehicular Networks SecurityThis survey provides the following contributions: (i) description of in-vehicle serial bus protocols(particularly the CAN Bus); (ii) evaluation of current cryptographic and IDS approaches usedfor protecting vehicular data; (iii) comparison and assessment of current mitigation strategiesto protect vehicles against cyberattacks; (iv) challenges and potential future research directionsfor in-vehicular cybersecurity. The rest of this paper is structured as follows: Section 2 providesan introduction to serial data exchange protocols within a vehicle, outlining key concepts andterminology, and providing the context for the rest of this paper. In Section 3 the CAN Bus protocoland architecture along with hardware and software used inside vehicles utilising the CAN Busis described. In Section 4 we describe the connected car infrastructure, including various ECUsand sensors that can be used inside a vehicle. In Section 5 attacks initiated using data interfaces,telematics, infotainment and sensor entry points and how such attacks can be generated aredescribed. In Section 6, we review security mechanisms to secure the CAN Bus, which includeencryption, message authentication and vehicular Intrusion Detection Systems (IDS). We evaluateexisting approaches based on criteria such as real time data requirements, the types of networkACM Comput. Surv., Vol. 9, No. 9, Article 99. Publication date: September 9999.