In English

Intrusion Detection Systems in Trucks - Evaluation of Intrusion Detection Systems in Dynamic Automotive Environments

Manne Engelke ; Jesper Ivarsson
Göteborg : Chalmers tekniska högskola, 2018. 88 s.
[Examensarbete på avancerad nivå]

Vehicles of today are becoming increasingly connected, both internally and to the surrounding world. In the vehicle industry, and the world at large, new technology is being developed and integrated faster than ever before. Recently, several hacks of vehicles have been performed, utilising new technology in vehicles, proving the need for increased security in vehicles. The concept of Intrusion Detection Systems (IDSs) has recently been researched heavily in the vehicle industry, in order to make it work effectively with Controller Area Network (CAN) which is the de-facto standard for internal vehicle networks. Specifically, communication on the CAN network is subject to change based on aftermarket modifications in trucks, something that is not the case for cars, which leave the factory as a complete consumer product. Therefore the effectiveness of IDSs in trucks is uncertain. The aim of this project is to determine an ideal IDS design in an automotive environment where the internal communication is dynamic and configurable on a per vehicle basis. The thesis covers resource utilisation, detection, placement, logging and updating requirements. Such a design is developed based on current state-ofthe- art research and the strict industry requirements in the field. Specifically the specification targets lean general implementations as a means to alleviate the issues with low memory resources, low computing power and the volatile nature of the internal communication of trucks. Additionally, a proprietary commercial in-vehicle IDS is compared to the proposed specification in order to test the validity of the specification. Comparing the ideal IDS design proposal to the commercial IDS shows that the developed specification proposal is reasonable, with minor modifications. The evaluated commercial IDS is shown to lack support for crucial functionality, making it unsuitable for use in the truck industry. Additionally, all detection schemes of the commercial IDS are signature based, which is not a lean nor scalable solution. In conclusion, the proposed specification is appropriate but the evaluated IDS solution is unsatisfactory as it deviates from the proposed specification making it hard to recommend for manufacturers who wish to protect their vehicles against the fullfeatured intruder of today.

Nyckelord: IDS, IDPS, Intrusion, Detection, ECU, CAN, SAE J1939, Trucks, Vehicle

Publikationen registrerades 2018-09-18. Den ändrades senast 2018-09-28

CPL ID: 255943

Detta är en tjänst från Chalmers bibliotek