Side Channel Analysis: A Novel Intrusion Detection System Based on Vehicle Voltage Signals

Intelligent connected vehicles (ICVs) integrate advanced equipment and communication network technologies to realize information exchange and sharing between vehicles and people, roads, clouds, etc., bringing great convenience to people's lives. However, the interconnection of intelligent equipment and vehicles also brings many vulnerable interfaces, threatening the security of in-vehicle networks, e.g., controller area network (CAN) bus. For protecting the security of CAN bus, some researchers propose a data encryption and decryption protocol-based method. Note that due to the resource constraints of computing and bandwidth and the requirements for low-delay data transmission, the research on protocol-based data encryption and decryption method is progressing slowly. For this reason, more researchers study vehicle intrusion detection systems (IDSs) based on side channel analysis. It does not occupy the bandwidth of CAN bus, and detects intrusion by analyzing the physical characteristics of CAN bus. Nevertheless, most of the existing work either cannot locate the source electronic control unit (ECU) of the malicious data frames, or cannot detect malicious data frames from ECUs and external nodes simultaneously, which greatly limits their practical application value. Therefore, we propose a novel IDS based on vehicle voltage signals. Specifically, we map multiple identifiers (IDs) sent for each ECU without developer documentation. In addition, we creatively design FeatureBagging-CNN combined model to detect malicious intrusion. When the external nodes or compromised ECUs send malicious data frames, the system can accurately detect them and locate their sender.