Time Sensitive Networking; Cybersecurity; Connected Vehicles; Automotive Ethernet
Abstract :
Due to the promise of deterministic Ethernet networking, Time-Sensitive Networking (TSN) standards are gaining popularity in the vehicle on-board networks sector. Among these, Generalized Precision Time Protocol (gPTP) allows network devices to be synchronized with a greater degree of precision than other synchronization protocols, such as Network Time Protocol (NTP). However, gPTP was developed without security measures, making it susceptible to a variety of attacks. Adding security controls is the initial step in securing the protocol. However, due to current gPTP design limitations, this countermeasure is insufficient to protect against all types of threats. In this paper, we present a novel supervised Machine Learning (ML)-based pipeline for the detection of high-risk rogue master attacks.
Disciplines :
Computer science
Author, co-author :
Buscemi, Alessio ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Ponaka, Manasvi ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM)
Fotouhi, Mahdi ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
Koebel, Christian ; Honda R&D (Germany)
Jomrich, Florian ; Honda R&D (Germany)
Engel, Thomas ; University of Luxembourg > Faculty of Science, Technology and Medicine (FSTM) > Department of Computer Science (DCS)
External co-authors :
yes
Language :
English
Title :
An Intrusion Detection System Against Rogue Master Attacks on gPTP