CANGuard: An Enhanced Approach to the Detection of Anomalies in CAN-Enabled Vehicles

CANGuard: An Enhanced Approach to the Detection of Anomalies in CAN-Enabled Vehicles

As modern vehicles continue to evolve, advanced technologies are integrated to enhance the driving experience. A key enabler of this advancement is the Controller Area Network (CAN) bus, which facilitates seamless communication between vehicle components. Despite its widespread adoption, the CAN bus...

Full description

Saved in:
Bibliographic Details
Main Authors: Damilola Oladimeji, Razaq Jinad, Amar Rasheed, Mohamed Baza
Format: Article
Language:English
Published: MDPI AG 2025-01-01
Series:Sensors
Subjects:
Controller Area Network (CAN)
CAN bus anomaly detection
CAN Intrusion Detection System (IDS)
machine learning for CAN security
DoS attack detection in CAN
vehicle communication security
Online Access:https://www.mdpi.com/1424-8220/25/1/278
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:As modern vehicles continue to evolve, advanced technologies are integrated to enhance the driving experience. A key enabler of this advancement is the Controller Area Network (CAN) bus, which facilitates seamless communication between vehicle components. Despite its widespread adoption, the CAN bus was not designed with security as a priority, making it vulnerable to various attacks. In this paper, we propose CANGuard, an Intrusion Detection System (IDS) designed to detect attacks on the CAN network and identify the originating node in real time. Using a simulated CAN-enabled system with four nodes representing diverse vehicle components, we generated a dataset featuring Denial-of-Service (DoS) attacks by exploiting the arbitration feature of the CAN bus, which prioritizes high-criticality messages (e.g., engine control) over lower-criticality ones (e.g., infotainment). We trained and evaluated several machine learning models for their ability to detect attacks and pinpoint the responsible node. Results indicate that Gradient Boosting outperformed other models, achieving high accuracy in both attack detection and node identification. While the Multi-Layer Perceptron (MLP) model demonstrated strong attack detection performance, it struggled with node identification, achieving less than 50% accuracy. These findings underscore the potential of tree-based models for real-time IDS applications in CAN-enabled vehicles.
ISSN:1424-8220

Similar Items