Intrusion detection system for automotive Controller Area Network (CAN) bus system: a review

Lokman, Siti-Farhana; Othman, Abu Talib; Abu-Bakar, Muhammad-Husaini

doi:10.1186/s13638-019-1484-3

EURASIP Journal on Wireless Communications and Networking

Table 1 Summary of the IDS for CAN bus system literature in the automotive domain. IDS detection strategy methods are proposed based on how the attack manifest into CAN bus network: Manipulation on CAN frequency and CAN packet payload

From: Intrusion detection system for automotive Controller Area Network (CAN) bus system: a review

Key references	Detection strategy	Method	Placement strategy	Packet frequency	Packet payload modification
Hoppe et al. [36]	Anomaly-based	Frequency-based	CAN	✔	–
Hoppe et al. [56]	IDPS	Adaptive dynamic-based	CAN	–	–
Larson et al. [30]	Specification-based	CAN 2.0 and CANopen 3.01 specification	ECU	✔	✔
Hoppe et al. [36]	Anomaly-based	Frequency-based	CAN	✔	–
Müter et al. [81]	Signature-based	Sensor-based	ECU	–	–
Müter et al. [55]	Anomaly-based	Statistical-based (entropy-based)	CAN	✔	–
Ling et al. [58]	Anomaly-based	Frequency-based	CAN	✔	✔
Miller and Valasek [45]	Anomaly-based	Frequency-based	CAN	✔	–
Miller and Valasek [1]	Anomaly-based	Frequency-based	CAN	✔	–
Studnia et al. [38]	Signature-based	Finite-state automata	CAN	✔	✔
Wasicek et al. [68]	Anomaly-based	Machine learning-based (ANN)	Central gateway	–	✔
Taylor et al. [43]	Anomaly-based	Machine learning-based (deep neural network)	CAN	✔	–
Narayanan et al. [73]	Anomaly-based	Statistical-based (hidden Markov)	CAN	–	✔
Song et al. [57]	Signature-based	Frequency-based	CAN	✔	–
Kang et al. [62]	Anomaly-based	Machine learning-based (deep neural network)	CAN	–	✔
Cho et al. [22]	Anomaly-based	Statistical-based (RLS and CUSUM)	CAN	✔	✔
Taylor et al. [41]	Anomaly-based	Machine learning-based (OCSVM)	CAN	–	✔
Gmiden et al. [60]	Anomaly-based	Frequency-based	CAN	✔	✔
Marchetti et al. [24]	Anomaly-based	Statistical-based (information theoretic)	CAN	–	✔
Marchetti et al. [71]	Anomaly-based	Frequency-based (transition matrix)	CAN	✔	–
Lee et al. [11]	Anomaly-based	Time-based (offset ratio and time interval-based)	CAN	✔	✔
Moore et al. [61]	Anomaly-based	Frequency-based (Markov)	CAN	✔	–
Wang et al. [54]	Hybrid-based	Hierarchical temporal memory (HTM)	CAN	–	✔
Weber et al. [53]	Hybrid-based	Specification-based and machine learning-based	ECU	✔	✔
Tomlinson et al. [72]	Anomaly-based	Statistical-based (ARIMA and Z score)	CAN	✔	✔

Back to article page