GCNIDS: Graph Convolutional Network-Based Intrusion Detection System for CAN Bus

TL;DR

This paper introduces a novel GCN-based intrusion detection system for CAN bus in vehicles, improving attack detection accuracy and efficiency, especially for complex mixed attacks, with minimal manual feature engineering.

Contribution

It is the first to apply Graph Convolutional Networks to CAN bus intrusion detection, enhancing detection performance and real-time applicability.

Findings

Outperforms existing IDSs in accuracy, precision, and recall

Effective in detecting complex mixed attacks

Reduces manual feature engineering requirements

Abstract

The Controller Area Network (CAN) bus serves as a standard protocol for facilitating communication among various electronic control units (ECUs) within contemporary vehicles. However, it has been demonstrated that the CAN bus is susceptible to remote attacks, which pose risks to the vehicle's safety and functionality. To tackle this concern, researchers have introduced intrusion detection systems (IDSs) to identify and thwart such attacks. In this paper, we present an innovative approach to intruder detection within the CAN bus, leveraging Graph Convolutional Network (GCN) techniques as introduced by Zhang, Tong, Xu, and Maciejewski in 2019. By harnessing the capabilities of deep learning, we aim to enhance attack detection accuracy while minimizing the requirement for manual feature engineering. Our experimental findings substantiate that the proposed GCN-based method surpasses existing IDSs in terms of accuracy, precision, and recall. Additionally, our approach demonstrates efficacy in detecting mixed attacks, which are more challenging to identify than single attacks. Furthermore, it reduces the necessity for extensive feature engineering and is particularly well-suited for real-time detection systems. To the best of our knowledge, this represents the pioneering application of GCN to CAN data for intrusion detection. Our proposed approach holds significant potential in fortifying the security and safety of modern vehicles, safeguarding against attacks and preventing them from undermining vehicle functionality.