Kamronbek Yusupov, Md Rezanur Islam, Insu Oh, Mahdi Sahlabadi and Kangbin Yim, Soonchunhyang University, South Korea
This research focuses on evaluating the security of an intrusion detection system in a CAN bus-based vehicle control network. A series of studies were conducted to evaluate the performance of models proposed by previous researchers, testing their effectiveness in real-world scenarios as opposed to those on which they were trained. The article demonstrates that models trained and tested on the same dataset can only sometimes be considered adequate. An approach that included models trained only on CAN ID, payload, or full data was chosen. The research results show that such methods are ineffective enough in real-world attack scenarios because they cannot distinguish between new scenarios not presented during training. The results of testing the models in various attack scenarios are presented, and their limitations are identified. In addition, a new method is proposed explicitly for attack scenarios that may occur in the real-world use of an in-vehicle CAN communication system.
Intrusion Detection System, Controller Area Network, In-Vehicle Network, LSTM