GGNB: Graph-Based Gaussian Naive Bayes Intrusion Detection System for CAN Bus
Loading...
Author/Creator
Author/Creator ORCID
Date
2021-12-01
Type of Work
Department
Program
Citation of Original Publication
Islam, Riadul et al. GGNB: Graph-based Gaussian naive Bayes intrusion detection system for CAN bus. Vehicular Communications 33 (January 2022) 100442. https://doi.org/10.1016/j.vehcom.2021.100442.
Rights
This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
Subjects
Abstract
The national highway traffic safety administration (NHTSA) identified cybersecurity of the automobile systems are more critical than the security of other
information systems. Researchers already demonstrated remote attacks on
critical vehicular electronic control units (ECUs) using controller area network
(CAN). Besides, existing intrusion detection systems (IDSs) often propose
to tackle a specific type of attack, which may leave a system vulnerable to
numerous other types of attacks. A generalizable IDS that can identify a
wide range of attacks within the shortest possible time has more practical
value than attack-specific IDSs, which is not a trivial task to accomplish. In
this paper we propose a novel graph-based Gaussian naive Bayes (GGNB)
intrusion detection algorithm by leveraging graph properties and PageRankrelated features. The GGNB on the real rawCAN data set yields 99.61%,
99.83%, 96.79%, and 96.20% detection accuracy for denial of service (DoS),
fuzzy, spoofing, replay, mixed attacks, respectively. Also, using OpelAstra
data set, the proposed methodology has 100%, 99.85%, 99.92%, 100%,
99.92%, 97.75% and 99.57% detection accuracy considering DoS, diagnostic,
fuzzing CAN ID, fuzzing payload, replay, suspension, and mixed attacks,
respectively. The GGNB-based methodology requires about 239× and 135×
lower training and tests times, respectively, compared to the SVM classifier
used in the same application. Using Xilinx Zybo Z7 field-programmable gate array (FPGA) board, the proposed GGNB requires 5.7×, 5.9×, 5.1×,
and 3.6× fewer slices, LUTs, flip-flops, and DSP units, respectively, than
conventional NN architecture.