Skip to content
/ CAN-ADF Public

CAN-ADF: The controller area network attack detection framework

License

MIT license
7 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

shahroztariq/CAN-ADF

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

CAN-ADF

CAN-ADF: The controller area network attack detection framework.

You can also check out our work on CANTransfer.

Citation

If you find our work useful for your research, please consider citing the following papers :)

@article{TARIQ2020101857,
title = "CAN-ADF: The controller area network attack detection framework",
journal = "Computers & Security",
volume = "94",
pages = "101857",
year = "2020",
issn = "0167-4048",
doi = "https://doi.org/10.1016/j.cose.2020.101857",
url = "http://www.sciencedirect.com/science/article/pii/S0167404820301292",
author = "Shahroz Tariq and Sangyup Lee and Huy Kang Kim and Simon S. Woo",
keywords = "Intrusion detection, Security and privacy, Recurrent neural network, Controller area network, In-Vehicle network",
abstract = "In recent years, there has been significant interest in developing autonomous vehicles such as self-driving cars. In-vehicle communications, due to simplicity and reliability, a Controller Area Network (CAN) bus is widely used as the de facto standard to provide serial communications between Electronic Control Units (ECUs). However, prior research reveals that several network-level attacks can be performed due to the lack of defense mechanisms in the CAN bus. In this work, we propose CAN Bus Message Attack Detection Framework (CAN-ADF) - a comprehensive anomaly generation, detection, and evaluation system for a CAN bus. In CAN-ADF, not only various anomalies and attack characteristics can be configured but also different detection methods, and visualization frameworks are provided to effectively detect those attacks and anomalies. For the detector, we employ both a rule-based approach crafted from dynamic network traffic characteristics and Recurrent Neural Networks (RNN). For evaluation, we use 7,875,791 in-vehicle CAN packets collected from real cars, KIA Soul and Hyundai Sonata. Our detection algorithm achieves accurate intrusion detection performance, with an average accuracy of 99.45% on CAN datasets, outperforming prior approach. Furthermore, we developed a visualization tool to validate the detection of anomalies by CAN-ADF and to find new patterns in the dataset."
}

About

CAN-ADF: The controller area network attack detection framework

Resources

Readme

License

MIT license
Activity

Stars

7 stars

Watchers

1 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages