現今科技下的車載網路面臨網路安全的議題與挑戰，由於具網路連線功能的車輛日益增加也越趨複雜，使得這些車輛能夠與其他的連網設備共享數據並具有網路存取功能。入侵偵測系統 (Intrusion Detection System, IDS) 能夠作為一種可靠的方法用以提升車載網路中的網路安全性。基於上述，我們利用控制區域網絡 (Controller Area Network, CAN) 之流量，並且結合時間序列分類方法來設計並提出一個基於集成技術的入侵偵測系統。我們所提出的IDS分為兩個部分。第一部分中，我們透過使用控制器區域網路訊息中的位元欄位 (Bit Field) 作為特徵來設計入侵偵測系統，並基於One-hot Encoding技術將提取的特徵編碼成圖像或資料矩陣。於第二部分中，我們使用控制器區域網路流量 (CAN Traffic) 來計算特定時間內的封包數量，並將網路流量轉換為可表示成向量的時間序列資料。最後，根據得到的網路流量，並透過特定的編碼技術來將對應的時間序列編碼為圖像或資料矩陣。我們將上述兩個基於殘差網路 (Residual Network) 且透過不同編碼資料所訓練出的模型進行集成。並且將這些模型加入集成分類器並賦予各自的權重。而透過上述兩個訓練模型所輸出的預測結果也將被賦予相對應的權重。接著，透過集成演算法或規則來計算並得出集成系統的最終預測結果。我們將提出的入侵偵測系統視為一個混合型偵測系統，在執行的過程中有多種方法可以同時進行偵測。為了實際呈現車載網路的實驗場景，我們將此系統的偵測功能實作於 ARM 架構的微控制器，檢驗所提出的混合型偵測系統可於現今科技或自動駕駛的車輛中執行與應用。最後，我們分別對二元分類與多類別分類進行實驗。基於公開且相同的網路攻擊資料集，我們的集成偵測系統對於阻斷服務攻擊(DoS)的偵測優於先前的幾種方法，錯誤率低於 0.01%。另外，我們也呈現同時偵測複數種攻擊類別的實驗結果，並可達到 99.59% 的整體偵測準確率。

The in-vehicle networks are facing the automotive security. One of the reliable approaches to enhance safety against network attacks on in-vehicle networks is through the use of an Intrusion Detection System (IDS). Therefore, we combine the time series classification and use the Controller Area Network (CAN) traffic to propose an ensemble IDS. There are two parts in our proposed IDS. In the first part, we designed our IDS by using the bit fields in the CAN messages as features and we encoded the extracted features into images or data matrices by One-hot Encoding. In the second part, we use CAN traffic to count the number of CAN messages in a specified period and convert the CAN traffic into time series data which can be represented as vectors. We convert the time series data into images or data matrices corresponding to the CAN traffic. Furthermore, based on Residual Networks and trained using different encoded data, we combine the two models with appropriate ensemble strategies. Then, we assign the weights for multiple models to build an ensemble classifier. The weighted prediction results output through the trained models will be computed as the final predictions. In order to present the experimental scenario of in-vehicle networks, we divide the experimental hardware that the detection phase of our ensemble IDS is executed on an ARM microcontroller which contains a general purpose operating system. We conduct our experiment in both binary and multi-class classification. For our ensemble IDS, the detection of DoS attack with an error rate lower than 0.01%, outperforms the previous methods. At last, we present the overall accuracy (99.59%) for detecting multiple types of network attacks.

[1] Young, Clinton, et al. "Survey of automotive controller area network intrusion detection systems." IEEE Design & Test 36.6 (2019): 48-55.
[2] Lin, Chung-Wei, and Alberto Sangiovanni-Vincentelli. "Cyber-security for the controller area network (CAN) communication protocol." 2012 International Conference on Cyber Security. IEEE, 2012.
[3] Koscher, Karl, et al. "Experimental security analysis of a modern automobile." 2010 IEEE symposium on security and privacy. IEEE, 2010.
[4] Miller, Charlie, and Chris Valasek. "Remote exploitation of an unaltered passenger vehicle." Black Hat USA 2015.S 91 (2015): 1-91.
[5] HPL, Steve Corrigan. "Introduction to the controller area network (CAN)." Application Report SLOA101 (2002): 1-17.
[6] Alshammari, Abdulaziz, et al. "Classification approach for intrusion detection in vehicle systems." Wireless Engineering and Technology 9.4 (2018): 79-94.
[7] Amazon Web Services (AWS). "Introduction Denial of Service attacks." AWS Documentation, https://docs.aws.amazon.com/whitepapers/latest/aws-best-practices-ddos-resiliency/introduction-denial-of-service-attacks.html.
[8] Song, Hyun Min, Jiyoung Woo, and Huy Kang Kim. "In-vehicle network intrusion detection using deep convolutional neural network." Vehicular Communications 21 (2020): 100198.
[9] Wu, Wufei, et al. "A survey of intrusion detection for in-vehicle networks." IEEE Transactions on Intelligent Transportation Systems 21.3 (2019): 919-933.
[10] Ahmad, Zeeshan, et al. "Network intrusion detection system: A systematic study of machine learning and deep learning approaches." Transactions on Emerging Telecommunications Technologies 32.1 (2021): e4150.
[11] Liu, Hongyu, and Bo Lang. "Machine learning and deep learning methods for intrusion detection systems: A survey." applied sciences 9.20 (2019): 4396.
[12] Taylor, Adrian, Nathalie Japkowicz, and Sylvain Leblanc. "Frequency-based anomaly detection for the automotive CAN bus." 2015 World Congress on Industrial Control Systems Security (WCICSS). IEEE, 2015.
[13] Song, Hyun Min, Ha Rang Kim, and Huy Kang Kim. "Intrusion detection system based on the analysis of time intervals of CAN messages for in-vehicle network." 2016 international conference on information networking (ICOIN). IEEE, 2016.
[14] Yin, Chuanlong, et al. "A deep learning approach for intrusion detection using recurrent neural networks." Ieee Access 5 (2017): 21954-21961.
[15] Javaid, Ahmad, et al. "A deep learning approach for network intrusion detection system." Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies (formerly BIONETICS). 2016.
[16] Xiao, Yihan, et al. "An intrusion detection model based on feature reduction and convolutional neural networks." IEEE Access 7 (2019): 42210-42219.
[17] Kang, Min-Joo, and Je-Won Kang. "Intrusion detection system using deep neural network for in-vehicle network security." PloS one 11.6 (2016): e0155781.
[18] Seo, Eunbi, Hyun Min Song, and Huy Kang Kim. "GIDS: GAN based intrusion detection system for in-vehicle network." 2018 16th Annual Conference on Privacy, Security and Trust (PST). IEEE, 2018.
[19] Desta, Araya Kibrom, et al. "Rec-CNN: In-vehicle networks intrusion detection using convolutional neural networks trained on recurrence plots." Vehicular Communications 35 (2022): 100470.
[20] Potdar, Kedar, Taher S. Pardawala, and Chinmay D. Pai. "A comparative study of categorical variable encoding techniques for neural network classifiers." International journal of computer applications 175.4 (2017): 7-9.
[21] Hancock, John T., and Taghi M. Khoshgoftaar. "Survey on categorical data for neural networks." Journal of Big Data 7.1 (2020): 1-41.
[22] Zhang, Hongpo, et al. "An effective deep learning based scheme for network intrusion detection." 2018 24th International Conference on Pattern Recognition (ICPR). IEEE, 2018.
[23] Potluri, Sasanka, Shamim Ahmed, and Christian Diedrich. "Convolutional neural networks for multi-class intrusion detection system." Mining Intelligence and Knowledge Exploration: 6th International Conference, MIKE 2018, Cluj-Napoca, Romania, December 20–22, 2018, Proceedings 6. Springer International Publishing, 2018.
[24] Li, Zhipeng, et al. "Intrusion detection using convolutional neural networks for representation learning." International conference on neural information processing. Cham: Springer International Publishing, 2017.
[25] Brockwell, Peter J., and Richard A. Davis. Time series: theory and methods. Springer science & business media, 2009.
[26] Zhao, Bendong, et al. "Convolutional neural networks for time series classification." Journal of Systems Engineering and Electronics 28.1 (2017): 162-169.
[27] Ismail Fawaz, Hassan, et al. "Deep learning for time series classification: a review." Data mining and knowledge discovery 33.4 (2019): 917-963.
[28] Wang, Zhiguang, and Tim Oates. "Imaging time-series to improve classification and imputation." arXiv preprint arXiv:1506.00327 (2015).
[29] Wang, Zhiguang, and Tim Oates. "Encoding time series as images for visual inspection and classification using tiled convolutional neural networks." Workshops at the twenty-ninth AAAI conference on artificial intelligence. Vol. 1. Menlo Park, CA, USA: AAAI, 2015.
[30] Wang, Zhiguang, Weizhong Yan, and Tim Oates. "Time series classification from scratch with deep neural networks: A strong baseline." 2017 International joint conference on neural networks (IJCNN). IEEE, 2017.
[31] Hatami, Nima, Yann Gavet, and Johan Debayle. "Classification of time-series images using deep convolutional neural networks." Tenth international conference on machine vision (ICMV 2017). Vol. 10696. SPIE, 2018.
[32] Barra, Silvio, et al. "Deep learning and time series-to-image encoding for financial forecasting." IEEE/CAA Journal of Automatica Sinica 7.3 (2020): 683-692.
[33] He, Kaiming, et al. "Deep residual learning for image recognition." Proceedings of the IEEE conference on computer vision and pattern recognition. 2016.
[34] Zagoruyko, Sergey, and Nikos Komodakis. "Wide residual networks." arXiv preprint arXiv:1605.07146 (2016).
[35] Dietterich, Thomas G. "Ensemble methods in machine learning." International workshop on multiple classifier systems. Berlin, Heidelberg: Springer Berlin Heidelberg, 2000.
[36] Polikar, Robi. "Ensemble based systems in decision making." IEEE Circuits and systems magazine 6.3 (2006): 21-45.
[37] Ganaie, Mudasir A., et al. "Ensemble deep learning: A review." Engineering Applications of Artificial Intelligence 115 (2022): 105151.
[38] Aburomman, Abdulla Amin, and Mamun Bin Ibne Reaz. "A survey of intrusion detection systems based on ensemble and hybrid classifiers." Computers & security 65 (2017): 135-152.