CN112887302A - Automobile controller local area network bus intrusion detection method and system - Google Patents
Automobile controller local area network bus intrusion detection method and system Download PDFInfo
- Publication number
- CN112887302A CN112887302A CN202110091222.9A CN202110091222A CN112887302A CN 112887302 A CN112887302 A CN 112887302A CN 202110091222 A CN202110091222 A CN 202110091222A CN 112887302 A CN112887302 A CN 112887302A
- Authority
- CN
- China
- Prior art keywords
- area network
- data
- local area
- controller
- network bus
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 31
- 238000000034 method Methods 0.000 claims abstract description 35
- 238000012545 processing Methods 0.000 claims abstract description 21
- 238000000605 extraction Methods 0.000 claims abstract description 17
- 238000013527 convolutional neural network Methods 0.000 claims abstract description 15
- 238000007477 logistic regression Methods 0.000 claims abstract description 8
- 238000007781 pre-processing Methods 0.000 claims abstract description 7
- 230000003213 activating effect Effects 0.000 claims abstract description 4
- 230000006870 function Effects 0.000 claims description 7
- 238000004590 computer program Methods 0.000 claims description 6
- 230000004044 response Effects 0.000 claims description 6
- 239000013598 vector Substances 0.000 claims description 3
- 238000013507 mapping Methods 0.000 abstract 1
- 230000005856 abnormality Effects 0.000 description 4
- 238000013528 artificial neural network Methods 0.000 description 4
- 238000010801 machine learning Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 238000005070 sampling Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 238000011176 pooling Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000007405 data analysis Methods 0.000 description 2
- 238000003066 decision tree Methods 0.000 description 2
- 238000013136 deep learning model Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 239000000284 extract Substances 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 238000003062 neural network model Methods 0.000 description 2
- 238000011897 real-time detection Methods 0.000 description 2
- 239000000523 sample Substances 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 238000012706 support-vector machine Methods 0.000 description 2
- 238000012300 Sequence Analysis Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000008447 perception Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/145—Network analysis or design involving simulating, designing, planning or modelling of a network
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- General Physics & Mathematics (AREA)
- Computational Linguistics (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- Biomedical Technology (AREA)
- Molecular Biology (AREA)
- Artificial Intelligence (AREA)
- Life Sciences & Earth Sciences (AREA)
- Biophysics (AREA)
- Mathematical Physics (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses a method and a system for detecting the intrusion of a local area network bus of an automobile controller, wherein the method comprises the following steps: processing the pre-data; according to the pre-processed data, carrying out character-level one-hot coding on the identification number sequence of the message frame identity card of the local area network bus of the controller; performing characteristic extraction on the one-hot code obtained by preprocessing the data; sending the coded data into a convolutional neural network for feature extraction; constructing a classifier by activating a function through a full-connection structure and a logistic regression model according to data prediction and a convolutional neural network; further mapping the data records in the database into a given category; the invention provides a convolutional neural network detection model as an engine of controller local area network bus intrusion detection, and character-level unique hot coding preprocessing is carried out on controller local area network bus data, so that dimensionality is reduced.
Description
Technical Field
The invention relates to a network security and software technology, in particular to a method and a system for detecting the intrusion of a local area network bus of an automobile controller.
Background
Currently, the security scheme of the controller area network bus is divided into three directions: message authentication based on cryptography, message authentication based on physical characteristics, and anomaly detection of a controller area network bus; controller area network bus anomaly detection probes attacks by exploiting the characteristics of the communication network and data or by monitoring and probing network anomalies on the controller area network bus using big data analysis and machine learning.
Currently, some traditional machine learning methods are applied to intrusion detection aiming at a controller local area network bus; for example, in a method for detecting an abnormality of a controller area network bus based on a decision tree, and in the method for detecting an abnormality of a controller area network bus message using a support vector machine, in recent years, a deep learning model has been applied to intrusion detection due to its good ability to extract complex features, but a neural network model for intrusion detection of a controller area network bus is still lacking.
The controller local area network bus network is a vehicle-mounted control network which is widely applied at present, and is connected with control units of most vehicles to enable the vehicle-mounted control network to become a final target of vehicle network intrusion; once the hacker successfully invades the controller area network of the car, he can easily interfere with and even control the car; the current main methods for intrusion detection of the controller area network bus have certain defects.
Disclosure of Invention
The embodiment of the invention provides an intrusion detection method for a local area network bus of an automobile controller, which reduces dimensionality by performing character-level one-hot encoding preprocessing on controller local area network bus data.
In a first aspect, a method for detecting intrusion of a local area network bus of an automobile controller is provided, which includes;
processing the pre-data;
according to the pre-processed data, carrying out character-level one-hot coding on the identification number sequence of the message frame identity card of the local area network bus of the controller;
obtaining a unique hot code according to the processing advance data for feature extraction;
sending the coded data into a convolutional neural network for feature extraction;
compared with a two-dimensional convolution structure, the one-dimensional convolution neural network extracts the characteristics of the sequence time dimension under fewer parameters;
constructing a classifier by activating a function through a full-connection structure and a logistic regression model according to the processing advance data and the convolutional neural network; the data records in the database are further mapped into a given category.
In some realizations of the first aspect, the network consists of three hidden layers; each hidden layer comprises at least one convolution layer and at least one pool layer; the convolution kernel number of each hidden layer is different, and the original features are mapped to a high-dimensional space, so that the capability of learning the features is improved.
In some implementations of the first aspect, the message frame includes an identification number segment, a control segment, and a data segment; in the process of processing the data of the controller local area network, the identification number section of the identity card is used as the original data of intrusion detection, so that the encoding time can be effectively reduced, and the method is suitable for real-time detection.
In some implementations of the first aspect, the identification number segment is preprocessed first, because the collected data of the identification number segment is hexadecimal, each bit is subjected to unique hot coding, and a coded identification number sequence of the identification card is obtained from an original identification number data sequence of the identification card; each identification card identification number is represented by at least three unique heat coding vectors instead of one unique heat coding for each identification card identification number.
In a second aspect, a system for detecting intrusion of a local area network bus of an automobile controller is provided, which includes:
the processing module is used for preprocessing data; carrying out character-level one-hot coding on the identification number sequence of the controller local area network bus message frame identity card;
the characteristic extraction module is used for extracting characteristics according to the one-hot code obtained by the processing module; sending the coded data into a convolutional neural network for feature extraction;
and the classifier activates the function structure through a full-connection structure and a logistic regression model so as to predict the data of the processing module and the characteristic extraction module and map the data records in the database to a given category.
In a third aspect, an intrusion detection device for a local area network bus of an automobile controller is provided, wherein the device simulates an intruded computer control module node, a local area network client of the controller simulates a network environment of a local area network bus of an on-board controller, and the node is provided with at least 3 attack scenes; the scenario is as follows:
the method comprises the following steps that in the first attack scenario, service attack is refused, a large number of messages with high priority are sent, message frames of 0x00 are sent to a bus at high frequency, and response of a vehicle-mounted bus system is damaged;
an attack scene II, namely fuzzy attack; detecting the information of the automobile computer control module by sending a large number of message frames of random ID card identification numbers and probing the response of a controller local area network bus;
an attack scene three, replay attack; by sending a specific normal message, such as: messages that control the rpm tachometer interfere with the vehicle system.
In some implementations of the third aspect, the apparatus further comprises:
a processor and a memory storing computer program instructions;
the processor reads and executes the computer program instructions to implement the method for detecting intrusion of the local area network bus of the vehicle controller according to the first aspect.
In a fourth aspect, a computer-readable storage medium having a computer stored thereon is provided;
program instructions, which when executed by a processor, implement the method for detecting intrusion of a local area network bus of an automobile controller according to the first aspect.
Has the advantages that: the invention designs a method and a system for detecting the intrusion of a local area network bus of an automobile controller, and provides a convolutional neural network detection model as an engine for detecting the intrusion of the local area network bus of the controller, and character-level unique hot coding pretreatment is carried out on the data of the local area network bus of the controller to reduce dimensionality, so that the data can be used as the input of an intrusion detection model, and three different types of attacks of the local area network bus of the controller, including denial of service attack, fuzzy attack and replay attack, can be effectively identified; the intrusion detection system of the local area network bus of the automobile controller adopts a one-dimensional convolutional neural network structure; the one-dimensional convolution structure performs convolution operation on the time dimension, saves a plurality of parameters compared with a two-dimensional convolution structure, is suitable for quick detection, can be applied to time sequence analysis, and can also be used for analyzing signal data with fixed-length periods.
Drawings
Fig. 1 is a diagram of a neural network structure of a local area network bus intrusion detection system of an automobile controller according to the present invention.
Fig. 2 is a schematic diagram of a controller area network bus message frame of the present invention.
Fig. 3 is a schematic diagram of encoding an identification number of a message frame id card by taking 0x123 as an example in the invention.
Detailed Description
In the embodiment, the method and the system for detecting the intrusion of the local area network bus of the automobile controller reduce the dimensionality by performing character-level one-hot coding preprocessing on the data of the local area network bus of the automobile controller; the present invention will be further described in detail with reference to the following examples and accompanying drawings.
Currently, the security scheme of the controller area network bus is divided into three directions: message authentication based on cryptography, message authentication based on physical characteristics, and anomaly detection of a controller area network bus; controller area network bus anomaly detection probes attacks by exploiting the characteristics of the communication network and data or by monitoring and probing network anomalies on the controller area network bus using big data analysis and machine learning.
Currently, some traditional machine learning methods are applied to intrusion detection aiming at a controller local area network bus; for example, in a method for detecting an abnormality of a controller area network bus based on a decision tree, and in the method for detecting an abnormality of a controller area network bus message using a support vector machine, in recent years, a deep learning model has been applied to intrusion detection due to its good ability to extract complex features, but a neural network model for intrusion detection of a controller area network bus is still lacking.
The convolutional neural network is widely applied to the fields of images, videos and the like, can reduce the complexity of the network due to the characteristics of parameter sharing, local perception and the like, has high good characteristics of no deformation for the transformation of data translation, scaling and the like, and becomes a common neural network structure.
In summary, in the present application, the applicant believes that there are at least the following disadvantages in the prior art: the controller local area network bus network is a vehicle-mounted control network which is widely applied at present, and is connected with control units of most vehicles to enable the vehicle-mounted control network to become a final target of vehicle network intrusion; once the hacker successfully invades the controller area network of the car, he can easily interfere with and even control the car; the current main methods for intrusion detection of the controller area network bus have certain defects.
In order to solve the disadvantages in the prior art, embodiments of the present invention provide a method and a system for detecting intrusion of a local area network bus of an automobile controller, and a technical solution of the embodiments of the present invention is described below with reference to the accompanying drawings.
The first embodiment,
According to an embodiment, a method for detecting intrusion of a local area network bus of an automobile controller is provided, and the method comprises the following steps of;
processing the pre-data;
according to the pre-processed data, carrying out character-level one-hot coding on the identification number sequence of the message frame identity card of the local area network bus of the controller;
obtaining a unique hot code according to the processing advance data for feature extraction;
sending the coded data into a convolutional neural network for feature extraction;
compared with a two-dimensional convolution structure, the one-dimensional convolution neural network extracts the characteristics of the sequence time dimension under fewer parameters;
constructing a classifier by activating a function through a full-connection structure and a logistic regression model according to the processing advance data and the convolutional neural network; the data records in the database are further mapped into a given category.
Example II,
On the basis of the first embodiment, the network consists of three hidden layers; each hidden layer comprises at least one convolution layer and at least one pool layer; the convolution kernel number of each hidden layer is different, and the original features are mapped to a high-dimensional space, so that the capability of learning the features is improved.
Example III,
On the basis of the first embodiment, as shown in fig. 2, the message frame includes an identification number segment, a control segment and a data segment; in the process of processing the data of the controller local area network, the identification number section of the identity card is used as the original data of intrusion detection, so that the encoding time can be effectively reduced, and the method is suitable for real-time detection.
Example four,
On the basis of the third embodiment, as shown in fig. 3, the identification number segment of the identification card is preprocessed, each bit is subjected to unique hot coding because the collected data of the identification number segment of the identification card is hexadecimal, and a coded identification number sequence of the identification card is obtained from an original identification number data sequence of the identification card; each identification card identification number is represented by at least three independent heat coding vectors instead of one independent heat coding for each identification card identification number; reducing the space after encoding.
Example V,
According to a fifth embodiment, a system for detecting intrusion of a local area network bus of an automobile controller is provided, the system comprising:
the processing module is used for preprocessing data; carrying out character-level one-hot coding on the identification number sequence of the controller local area network bus message frame identity card;
the characteristic extraction module is used for extracting characteristics according to the one-hot code obtained by the processing module; sending the coded data into a convolutional neural network for feature extraction;
and the classifier activates the function structure through a full-connection structure and a logistic regression model so as to predict the data of the processing module and the characteristic extraction module and map the data records in the database to a given category.
Example six,
According to the sixth embodiment, the intrusion detection equipment for the local area network bus of the automobile controller is provided, the equipment simulates an intruded computer control module node, a controller local area network client simulates the network environment of the local area network bus of the automobile controller, and the node is provided with at least 3 attack scenes; the scenario is as follows:
the method comprises the following steps that in the first attack scenario, service attack is refused, a large number of messages with high priority are sent, message frames of 0x00 are sent to a bus at high frequency, and response of a vehicle-mounted bus system is damaged;
an attack scene II, namely fuzzy attack; detecting the information of the automobile computer control module by sending a large number of message frames of random ID card identification numbers and probing the response of a controller local area network bus;
an attack scene three, replay attack; by sending a specific normal message, such as: messages that control the rpm tachometer interfere with the vehicle system.
Example seven,
And on the basis of the sixth embodiment, a sequence of the controller local area network bus message frames is collected in the scene, and an intrusion detection model is trained.
Example eight,
On the basis of the sixth embodiment, the apparatus further includes:
a processor and a memory storing computer program instructions;
the processor reads and executes the computer program instructions to implement the method for detecting intrusion of the local area network bus of the vehicle controller according to the first embodiment.
Examples nine,
According to a ninth embodiment, a computer-readable storage medium is provided, the computer-readable storage medium having a computer stored thereon;
and program instructions, which when executed by the processor, implement the method for detecting intrusion of the local area network bus of the vehicle controller according to the first embodiment.
Examples ten,
According to the tenth embodiment, as shown in fig. 1, the one-dimensional convolution layers (32, 4) indicate that the number of convolution kernels is 64 and the size of the convolution kernels is 4; a one-dimensional pooling layer (4), wherein the down-sampling mode is to take a characteristic maximum value, and the down-sampling size is 4; finally, using a logistic regression model classification function as a classifier to determine whether the controller local area network identification card identification number data sequence contains intrusion behaviors;
wherein, the one-dimensional convolutional layers (64, 2) represent one-dimensional convolutional layers, the number of convolutional kernels is 128, and the size of the convolutional kernels is 2; the one-dimensional pooling layer (2) represents a one-dimensional pooling layer, the down-sampling mode is to take a characteristic maximum value, and the down-sampling size is 2; the one-dimensional convolutional layers (96, 2) represent one-dimensional convolutional layers, the number of convolutional cores is 192, and the size of convolutional cores is 2.
It should also be noted that the exemplary embodiments mentioned in this patent describe some methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be performed in an order different from the order in the embodiments, or may be performed simultaneously.
As will be apparent to those skilled in the art, for convenience and brevity of description, the specific working processes of the systems, modules and units described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again. It should be understood that the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the present invention, and these modifications or substitutions should be covered within the scope of the present invention.
Claims (8)
1. A method for detecting the intrusion of a local area network bus of an automobile controller comprises the following steps:
processing the pre-data; according to the pre-processed data, carrying out character-level one-hot coding on the identification number sequence of the message frame identity card of the local area network bus of the controller;
obtaining a unique hot code according to the processing advance data for feature extraction;
sending the coded data into a convolutional neural network for feature extraction;
constructing a classifier by activating a function through a full-connection structure and a logistic regression model according to the processing advance data and the convolutional neural network; the data records in the database are further mapped into a given category.
2. The method according to claim 1, wherein the network is composed of three hidden layers; each hidden layer comprises at least one convolution layer and at least one pool layer; the convolution kernel number of each hidden layer is different, and the original features are mapped to a high-dimensional space, so that the capability of learning the features is improved.
3. The method according to claim 1, wherein the message frame includes an identification number segment, a control segment and a data segment.
4. The method for detecting the intrusion of the local area network bus of the automobile controller according to claim 3, wherein the identification number section is preprocessed firstly, because the collected data of the identification number section is hexadecimal, each bit is subjected to one-hot coding, and a coded identification number sequence is obtained from an original identification number data sequence; each of the identification card identification numbers is represented by at least three unique heat coding vectors.
5. An intrusion detection system for a local area network bus of an automobile controller, the system comprising:
the processing module is used for preprocessing data; carrying out character-level one-hot coding on the identification number sequence of the controller local area network bus message frame identity card;
the characteristic extraction module is used for extracting characteristics according to the one-hot code obtained by the processing module; sending the coded data into a convolutional neural network for feature extraction;
and the classifier activates the function structure through a full-connection structure and a logistic regression model so as to predict the data of the processing module and the characteristic extraction module and map the data records in the database to a given category.
6. A local area network bus intrusion detection device of an automobile controller is characterized in that the device simulates an intruded computer control module node, a local area network client of the controller simulates the network environment of a local area network bus of an automobile controller, and the node is provided with at least 3 attack scenes; the scenario is as follows:
the method comprises the following steps that in the first attack scenario, service attack is refused, a large number of messages with high priority are sent, message frames of 0x00 are sent to a bus at high frequency, and response of a vehicle-mounted bus system is damaged;
an attack scene II, namely fuzzy attack; detecting the information of the automobile computer control module by sending a large number of message frames of random ID card identification numbers and probing the response of a controller local area network bus;
an attack scene three, replay attack; by sending a special normal message.
7. The device of claim 6, further comprising:
a processor and a memory storing computer program instructions;
the processor reads and executes the computer program instructions to implement the intrusion detection method for the local area network bus of the automobile controller according to any one of claims 1 to 4.
8. A computer-readable storage medium having a computer stored thereon;
program instructions which, when executed by a processor, implement a method of intrusion detection for a vehicle controller area network bus according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110091222.9A CN112887302A (en) | 2021-01-22 | 2021-01-22 | Automobile controller local area network bus intrusion detection method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110091222.9A CN112887302A (en) | 2021-01-22 | 2021-01-22 | Automobile controller local area network bus intrusion detection method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112887302A true CN112887302A (en) | 2021-06-01 |
Family
ID=76050537
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110091222.9A Pending CN112887302A (en) | 2021-01-22 | 2021-01-22 | Automobile controller local area network bus intrusion detection method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112887302A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113625681A (en) * | 2021-07-19 | 2021-11-09 | 湖南大学 | CAN bus abnormality detection method, system and storage medium |
| CN114222300A (en) * | 2022-02-23 | 2022-03-22 | 南京理工大学 | Method and equipment for detecting local area network intrusion of vehicle-mounted controller |
| CN116112193A (en) * | 2022-10-18 | 2023-05-12 | 贵州师范大学 | Lightweight vehicle-mounted network intrusion detection method based on deep learning |
| CN116155645A (en) * | 2023-02-27 | 2023-05-23 | 上海中韩杜科泵业制造有限公司 | CAN bus-based equipment network access method, device, equipment and medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109309675A (en) * | 2018-09-21 | 2019-02-05 | 华南理工大学 | A kind of network inbreak detection method based on convolutional neural networks |
| CN111294341A (en) * | 2020-01-17 | 2020-06-16 | 成都信息工程大学 | Vehicle-mounted system intrusion detection method based on self-encoder and recurrent neural network |
| CN111835695A (en) * | 2019-04-23 | 2020-10-27 | 华东师范大学 | Vehicle-mounted CAN bus intrusion detection method based on deep learning |
| CN112202722A (en) * | 2020-09-08 | 2021-01-08 | 华东师范大学 | Intrusion detection method |
-
2021
- 2021-01-22 CN CN202110091222.9A patent/CN112887302A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109309675A (en) * | 2018-09-21 | 2019-02-05 | 华南理工大学 | A kind of network inbreak detection method based on convolutional neural networks |
| CN111835695A (en) * | 2019-04-23 | 2020-10-27 | 华东师范大学 | Vehicle-mounted CAN bus intrusion detection method based on deep learning |
| CN111294341A (en) * | 2020-01-17 | 2020-06-16 | 成都信息工程大学 | Vehicle-mounted system intrusion detection method based on self-encoder and recurrent neural network |
| CN112202722A (en) * | 2020-09-08 | 2021-01-08 | 华东师范大学 | Intrusion detection method |
Non-Patent Citations (1)
| Title |
|---|
| 王蓉等: "基于联邦学习和卷积神经网络的入侵检测方法", 《信息网络安全》 * |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113625681A (en) * | 2021-07-19 | 2021-11-09 | 湖南大学 | CAN bus abnormality detection method, system and storage medium |
| CN113625681B (en) * | 2021-07-19 | 2022-12-13 | 湖南大学 | CAN bus abnormality detection method, system and storage medium |
| CN114222300A (en) * | 2022-02-23 | 2022-03-22 | 南京理工大学 | Method and equipment for detecting local area network intrusion of vehicle-mounted controller |
| CN116112193A (en) * | 2022-10-18 | 2023-05-12 | 贵州师范大学 | Lightweight vehicle-mounted network intrusion detection method based on deep learning |
| CN116112193B (en) * | 2022-10-18 | 2023-07-28 | 贵州师范大学 | Lightweight vehicle-mounted network intrusion detection method based on deep learning |
| CN116155645A (en) * | 2023-02-27 | 2023-05-23 | 上海中韩杜科泵业制造有限公司 | CAN bus-based equipment network access method, device, equipment and medium |
| CN116155645B (en) * | 2023-02-27 | 2023-09-22 | 上海中韩杜科泵业制造有限公司 | CAN bus-based equipment network access method, device, equipment and medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112887302A (en) | Automobile controller local area network bus intrusion detection method and system | |
| Ahmed et al. | Deep learning-based intrusion detection system for internet of vehicles | |
| CN111918039B (en) | Artificial intelligence high risk operation management and control system based on 5G network | |
| CN110826429A (en) | Scenic spot video-based method and system for automatically monitoring travel emergency | |
| CN116112193B (en) | Lightweight vehicle-mounted network intrusion detection method based on deep learning | |
| CN106596122A (en) | Vehicle diagnosis method and device | |
| CN116992299B (en) | Training method, detecting method and device of blockchain transaction anomaly detection model | |
| CN113378675A (en) | Face recognition method for simultaneous detection and feature extraction | |
| CN114372535A (en) | Power equipment fault recognition device and method based on generative countermeasure network | |
| Irfan et al. | Towards deep learning: A review on adversarial attacks | |
| CN117596038A (en) | Vehicle-mounted network intrusion detection method and device based on deep learning and storage medium | |
| CN110119621B (en) | Attack defense method, system and defense device for abnormal system call | |
| Zhou et al. | VDTNet: A High-Performance Visual Network for Detecting and Tracking of Intruding Drones | |
| CN113037750B (en) | Vehicle detection data enhancement training method and system, vehicle and storage medium | |
| CN114900331A (en) | Vehicle-mounted CAN bus intrusion detection method based on CAN message characteristics | |
| CN114244596A (en) | Vehicle-mounted CAN (controller area network) anomaly detection method and system based on HTM (hyper text transport protocol) | |
| Kang et al. | A transfer learning based abnormal can bus message detection system | |
| CN115393743A (en) | Vehicle detection method based on double-branch encoding and decoding network, unmanned aerial vehicle and medium | |
| CN118101330B (en) | CAN vehicle-mounted network intrusion detection method, device, system and storage medium | |
| CN113887300A (en) | Method and device for detecting target, human face and human face key point and storage medium | |
| CN109753894A (en) | Alarm method and device | |
| CN115277071B (en) | Method and device for detecting abnormal communication behavior of equipment | |
| CN118333030B (en) | Firewall configuration acquisition method, system and computer readable storage medium | |
| Zhang et al. | Efficient and Effective In-Vehicle Intrusion Detection System using Binarized Convolutional Neural Network | |
| CN118820897A (en) | Deep neural network composite fault diagnosis method and system based on multiple outputs |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210601 |