SISSA: Real-time Monitoring of Hardware Functional Safety and Cybersecurity with In-vehicle SOME/IP Ethernet Traffic
arxiv(2024)
摘要
Scalable service-Oriented Middleware over IP (SOME/IP) is an Ethernet
communication standard protocol in the Automotive Open System Architecture
(AUTOSAR), promoting ECU-to-ECU communication over the IP stack. However,
SOME/IP lacks a robust security architecture, making it susceptible to
potential attacks. Besides, random hardware failure of ECU will disrupt SOME/IP
communication. In this paper, we propose SISSA, a SOME/IP communication
traffic-based approach for modeling and analyzing in-vehicle functional safety
and cyber security. Specifically, SISSA models hardware failures with the
Weibull distribution and addresses five potential attacks on SOME/IP
communication, including Distributed Denial-of-Services, Man-in-the-Middle, and
abnormal communication processes, assuming a malicious user accesses the
in-vehicle network. Subsequently, SISSA designs a series of deep learning
models with various backbones to extract features from SOME/IP sessions among
ECUs. We adopt residual self-attention to accelerate the model's convergence
and enhance detection accuracy, determining whether an ECU is under attack,
facing functional failure, or operating normally. Additionally, we have created
and annotated a dataset encompassing various classes, including indicators of
attack, functionality, and normalcy. This contribution is noteworthy due to the
scarcity of publicly accessible datasets with such characteristics.Extensive
experimental results show the effectiveness and efficiency of SISSA.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要