Lightweight Intrusion Detection Method of Vehicle CAN Bus under Computational Resource Constraints

Main Article Content

Xiancheng Ming
Zhenyu Wang
Bo Xu


In order to improve the security protection performance of the vehicle Controller Area Network (CAN) bus, the research builds an adaptive lightweight intrusion detection algorithm based on the limited computing and storage resources of the on-board ECU environment and the message cycle characteristics to supervise and detect the vehicle CAN bus intrusion. The results showed that the message cycle-based adaptive intrusion detection algorithm had high accuracy and recall rate, and fast computational search efficiency, with a stable detection time of less than 3 seconds. The intrusion detection capability is continuously optimized as the training time increases, and after stabilization, the resource utilization rate reaches over 95% with a throughput of 100Mb/s. The algorithm has strong protection capabilities. The average vehicle CPU usage of the algorithm is only 4.76%, which is 10.17% lower than the intrusion detection algorithm based on support vector machines. It can effectively prevent interference with the normal operation of the vehicle CAN bus. The algorithm has high detection accuracy for interrupt type attacks, and there are no false positives or missed alarms. For injection type attacks, the probability of missed alarms is less than 1%. The intrusion detection of vehicle CAN bus based on the message cycle characteristics provides technical reference for the safety and stability of the vehicle network, and has important practical value for the intelligent and networked development of the automobile industry.

Article Details

Special Issue - Cloud Computing for Intelligent Traffic Management and Control