A Lightweight Multi-Attack CAN Intrusion Detection System on Hybrid FPGAs
Citation:
Shashwat Khandelwal and Shanker Shreejith, A Lightweight Multi-Attack CAN Intrusion Detection System on Hybrid FPGAs, International Conference on Field Programmable Logic and Applications (FPL), Belfast, UK, Aug 29-31, 2022Download Item:
FPL_2022_Camera_Ready (1).pdf (Accepted for publication (author's copy) - Peer Reviewed) 162.6Kb
Abstract:
Rising connectivity in vehicles is enabling new capabilities like connected autonomous driving and advanced driver
assistance systems (ADAS) for improving the safety and reliability of next-generation vehicles. This increased access to in-vehicle functions compromises critical capabilities that use legacy in-vehicle networks like Controller Area Network (CAN), which has no inherent security or authentication mechanism. Intrusion detection and mitigation approaches, particularly using machine learning models, have shown promising results in detecting multiple attack vectors in CAN through their ability to generalise to new vectors. However, most deployments require dedicated computing units like GPUs to perform line-rate detection, consuming much higher power. In this paper, we present a lightweight multi-attack quantised machine learning model that is deployed using Xilinx’s Deep Learning Processing Unit IP on a Zynq Ultrascale+ (XCZU3EG) FPGA, which is trained and validated using the public CAN Intrusion Detection dataset. The quantised model detects denial of service and fuzzing attacks with an accuracy of above 99% and a false positive rate of 0.07%, which are comparable to the state-of-the-art techniques in the literature. The Intrusion Detection System (IDS) execution consumes just 2.0 W with software tasks running on the ECU and achieves a 25% reduction in per-message processing latency over the state-of-the-art implementations. This deployment allows the ECU function to coexist with the IDS with minimal changes to the tasks, making it ideal for real-time IDS in in-vehicle systems.
Author's Homepage:
http://people.tcd.ie/shankers
Author: Shanker, Shreejith
Other Titles:
International Conference on Field Programmable Logic and Applications (FPL)Type of material:
Conference PaperAvailability:
Full text availableKeywords:
Controller Area Network, Machine Learning, FPGASubject (TCD):
Smart & Sustainable Planet , Telecommunications , Automotive Electronics , Computer/Data/Network Security , Field Programmable Gate Arrays (FPGAs) , MACHINE LEARNING , NETWORK SECURITY , Reconfigurable Computing , deep learningSource URI:
https://ocslab.hksecurity.net/datasets/can intrusion-datasetLicences: