# 基于关联规则挖掘的车载网络入侵检测技术研究Research on Intrusion Detection Technology Based on Association Rules Mining in Vehicular Networks

• 全文下载: PDF(958KB)    PP.65-69   DOI: 10.12677/HJDM.2017.73007
• 下载量: 857  浏览量: 2,331

With the development of automobile information, many cars are connected with the external network through the network module. As the car is connected to the extranet, hackers are offered a long way to attack the car via the internet. This paper introduces the background of rough set and association rules, and then uses rough set technology to improve the traditional Apriori algorithm to be applied to the vehicle network intrusion detection, and finally through the test proves the vehicle network intrusion detection.

1. 引言

2. 相关背景

2.1. 粗糙集理论

1) 离散化问题

2) 不完整数据问题

2.2. 关联规则

$I=\left\{{i}_{1},{i}_{2},\cdots ,{i}_{m}\right\}$ 是所研究对象集合中所有属性(项)的集合。其中，如果一个集合里有k个属性的属性集就称为k-项集。设D是二维结构的数据集，其中每个记录T是项的集合，使得 $T\subset I$ 。设A是一个项集，要使记录T包含A，那么只有当且仅当 $A\subset T$

$\mathrm{sup}=\left(A⇒B\right)=P\left(A\cup B\right),\text{\hspace{0.17em}}\text{conf}=\left(A⇒B\right)=P\left(B|A\right)$

3. 粗糙集理论与关联规则挖掘结合

3.1. 数据的预处理

3.2. 属性限制

4. 实验与讨论

4.1. 数据源

4.2. 数据处理

Figure 1. Data acquisition equipment PFautoEcu-IV

Figure 2. Partial data acquisition

$|时间戳差|=\left[0.0060,0.0080\right]$

$关联规则=对应车速->对应转速$

4.3. 结果分析

Figure 3. Test result

5. 总结

 [1] Miller, C. and Valasek, C. (2013) Adventures in Automotive Networks and Control Units. DEF CON 21Hacking Con-ference, Las Vegas, NV, 2-4 August 2013, 230-235. [2] Miller, C. and Valasek, C. (2014) A Survey of Remote Au-tomotive Attack Surfaces. Black Hat, USA, 2-7 August 2014, 1-94. [3] Miller, C. and Valasek, C. (2015) Remote Exploitation of an Unaltered Passenger Vehicle. Black Hat, USA, 1-6 August 2015, 1-91. [4] Murvay, P.-S. and Groza, B. (2014) Source Identification Using Signal Characteristics in Controller Area Networks. IEEE Signal Processing Letters, 21, 395-399. https://doi.org/10.1109/LSP.2014.2304139 [5] Larson, U.E., Nilsson, D.K. and Jonsson, E. (2008) An Approach to Specification-Based Attack Detection for in-Vehicle Networks. 2008 IEEE Intelligent Vehicles Symposium, Eindhoven, 4-6 June 2008, 220-225. https://doi.org/10.1109/IVS.2008.4621263 [6] Muter, M., Groll, A. and Freiling, F.C. (2010) A Structured Approach to Anomaly Detection for in-Vehicle Networks. 2010 Sixth International Conference on Information Assurance and Security, Atlanta, GA, 23-25 August 2010, 92-98. https://doi.org/10.1109/ISIAS.2010.5604050 [7] 汽车电子与汽车CAN总线网络实验开发系统[EB/OL]. http://www.pfautocan.com/index.php?m=content&c=index&a=show&catid=8&id=22