Attacker Identification and Intrusion Detection for In-Vehicle Networks

Jing Ning, Jiadai Wang, Jiajia Liu, Nei Kato

Research output: Contribution to journalArticlepeer-review

44 Citations (Scopus)


As the most wide-spread in-vehicle data bus protocol, CAN (Controller Area Network) has attracted more and more attention due to its lack of security protection mechanism. A variety of attacks against CAN bus have emerged, posing serious threat to vehicle safety. Accordingly, some methods have been proposed to detect CAN bus attacks, however, they have certain shortcomings such as additional computing burden and obvious false detection rate. Therefore, using the physical characteristics of voltage signal on CAN bus, we propose an LOF (Local Outlier Factor)-based intrusion detection method, which can greatly reduce the false detection rate as well as improve the detection accuracy. The modification of CAN protocol and the additional computation burden can also be avoided. In addition, to the best of our knowledge, we are the first to implement bus-off intrusion detection on real vehicles.

Original languageEnglish
Article number8811570
Pages (from-to)1927-1930
Number of pages4
JournalIEEE Communications Letters
Issue number11
Publication statusPublished - 2019 Nov


  • Controller area network
  • intrusion detection
  • local outlier factor


Dive into the research topics of 'Attacker Identification and Intrusion Detection for In-Vehicle Networks'. Together they form a unique fingerprint.

Cite this