Enhancing Cybersecurity of Automotive Ethernet Networks with Deep Learning-based Intrusion Detection Systems

Abstract

Modern automobiles are increasing the demand for automotive Ethernet as a flexible and high-bandwidth in-vehicle network (IVN) technology. Moreover, while enhanced connectivity brings new opportunities and capabilities to cars, it also presents security concerns to drivers and passengers. Traditional network security mechanisms (e.g., encryption and authentication) have drawbacks, such as computing and transmission overhead, when considered for IVNs. On the other hand, intrusion detection systems (IDSs) are a second line of defense triggered when other security mechanisms fail. Alongside, IDSs have smaller deployment costs and do not require modification of existing nodes’ message structures. Meanwhile, machine learning (ML) and deep learning (DL) techniques have shown promising results for designing IDSs because of their ability to learn hidden patterns in complex data, such as the network packets in IVNs. However, DL models often demand high computational power and storage size, making their adoption difficult in resource-constrained environments such as IVNs. In this dissertation, we propose two DL-based IDSs that target a low detection time and accurate cyberattack detection. Our first proposal is a deep learning-based intrusion detection system for detecting cyberattacks in an automotive Ethernet network. It uses a convolutional neural network architecture and a multi-criteria optimization technique. Our experimental results show a reduction of more than 100x in the storage size and a speedup of 1.4x in the detection time with a negligible drop in the F1-score compared to state-of-the-art work. The second proposal is a novel multi-stage deep learning-based intrusion detection system to detect and classify cyberattacks in automotive Ethernet networks. The first stage uses a Random Forest classifier to detect cyberattacks quickly. The second stage, on the other hand, uses a Pruned Convolutional Neural Network that minimizes false positive rates while classifying different types of cyberattacks. We evaluate our proposed IDS using two publicly available automotive Ethernet intrusion datasets. The experimental results show that our proposed solution detects cyberattacks with a similar detection rate and a faster detection time compared to other state-of-the-art baseline automotive Ethernet IDSs.