RX-ADS: Interpretable Anomaly Detection using Adversarial ML for Electric Vehicle CAN data

TL;DR

This paper introduces RX-ADS, an interpretable anomaly detection system for EV CAN data that combines deep autoencoders and adversarial ML to detect and explain intrusions, outperforming existing methods on benchmark datasets.

Contribution

The paper presents a novel RX-ADS system integrating feature extraction, autoencoder-based anomaly detection, and adversarial explanation generation for EV CAN communication.

Findings

RX-ADS achieves comparable performance to state-of-the-art methods.

It outperforms existing approaches on the Car Hacking dataset.

The system provides validated explanations for detected anomalies.

Abstract

Recent year has brought considerable advancements in Electric Vehicles (EVs) and associated infrastructures/communications. Intrusion Detection Systems (IDS) are widely deployed for anomaly detection in such critical infrastructures. This paper presents an Interpretable Anomaly Detection System (RX-ADS) for intrusion detection in CAN protocol communication in EVs. Contributions include: 1) window based feature extraction method; 2) deep Autoencoder based anomaly detection method; and 3) adversarial machine learning based explanation generation methodology. The presented approach was tested on two benchmark CAN datasets: OTIDS and Car Hacking. The anomaly detection performance of RX-ADS was compared against the state-of-the-art approaches on these datasets: HIDS and GIDS. The RX-ADS approach presented performance comparable to the HIDS approach (OTIDS dataset) and has outperformed HIDS and GIDS approaches (Car Hacking dataset). Further, the proposed approach was able to generate explanations for detected abnormal behaviors arising from various intrusions. These explanations were later validated by information used by domain experts to detect anomalies. Other advantages of RX-ADS include: 1) the method can be trained on unlabeled data; 2) explanations help experts in understanding anomalies and root course analysis, and also help with AI model debugging and diagnostics, ultimately improving user trust in AI systems.