Machine Learning Based Intrusion Detection in Controller Area Networks

Abstract

This project examines the feasibility of machine learning based fingerprinting of CAN transceivers for the purpose of uniquely identifying signal sources during intrusion detection.

A working multi-node CAN bus development environment was constructed, and an OpenCL Deep Learning Python Wrapper was ported to the platform.

Multiple Machine Learning Algorithms were compared Systematically, and two models fully implemented on a SoC ARM/FPGA device, with computationally intensive tasks running as Software Defined Hardware using an OpenCL FPGA interface.

The implementation achieves a higher hit rate than earlier work based on least-mean squares and convolution Digital Signals Processing (DSP). Performance on learning tasks is comparable to high end CPU devices, indicating that FPGA is a cost effective solution for utilizing machine learning in embedded systems.

While statistical methods are not sufficient on their own, these results demonstrate that machine learning based methods are now viable in embedded devices, presenting a useful way to circumvent security issues faced by Controller Area Networks on the protocol level.