CN106685967A - Vehicle network communication encryption and intrusion monitoring device - Google Patents

Vehicle network communication encryption and intrusion monitoring device Download PDF

Info

Publication number
CN106685967A
CN106685967A CN201611248135.5A CN201611248135A CN106685967A CN 106685967 A CN106685967 A CN 106685967A CN 201611248135 A CN201611248135 A CN 201611248135A CN 106685967 A CN106685967 A CN 106685967A
Authority
CN
China
Prior art keywords
message
monitoring
gateway
ecu
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611248135.5A
Other languages
Chinese (zh)
Inventor
罗峰
胡强
常欣伟
谢凌风
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tongji University
Original Assignee
Tongji University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tongji University filed Critical Tongji University
Priority to CN201611248135.5A priority Critical patent/CN106685967A/en
Publication of CN106685967A publication Critical patent/CN106685967A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention relates to a vehicle network communication encryption and intrusion monitoring device. The vehicle network communication encryption and intrusion monitoring device is arranged in a vehicle communication system. The vehicle communication system includes a plurality of ECU nodes and one gateway, wherein each ECU node is connected with each other through the gateway. The vehicle network communication encryption and intrusion monitoring device includes verification modules in the ECU nodes, ECU monitoring modules, and a gateway monitoring module in the gateway, wherein the verification modules are used for encrypting identification bytes in a message, and verifying the identification bytes in the message when receiving the message; the ECU monitoring modules are used for monitoring the message information for communication, and generating the corresponding attack type prompt information according to the monitoring result; and the gateway monitoring module monitors the message information passing the gateway, and generates the corresponding attack type prompt information according to the monitoring result. Compared with the prior art, the vehicle network communication encryption and intrusion monitoring device has the advantages of low cost and high safety.

Description

A kind of In-vehicle networking communication encryption and inbreak testing apparatus
Technical field
The present invention relates to In-vehicle networking and information security field, more particularly, to a kind of In-vehicle networking communication encryption and invasion Monitoring device.
Background technology
With the intelligent development of automobile, the information security of In-vehicle networking receives increasing attention.In recent years, send out Intrusion event of a lot of hackers to automobile is given birth to, has run the engine stop of automobile, skylight, anomalous of air conditioner work etc..
For the information security of automobile ECU, the EVITA projects in Europe add HSM (hardware security module) in ECU, Enable the network service content of automobile encrypted.The safety encryption authentication mode of HSM adopts signature authentication for communicating pair Mode.As signature authentication needs to take substantial amounts of transmission byte, the method is for FlexRay, MOST, vehicle-mounted Ethernet etc. Can be preferably compatible, but for the In-vehicle networkings such as CAN, LIN bus then cannot transmit so big data volume completely.Together When, the cost using the method for HSM is of a relatively high, and the popularization of the method also needs to the regular hour.
The content of the invention
The purpose of the present invention is exactly to provide a kind of In-vehicle networking communication to overcome the defect of above-mentioned prior art presence Encryption and inbreak testing apparatus.
The purpose of the present invention can be achieved through the following technical solutions:
A kind of In-vehicle networking communication encryption and inbreak testing apparatus, the device are arranged in vehicular communication system, the car Communication system includes multiple ECU nodes and a gateway, and each ECU nodes are connected with each other by gateway, described device bag The correction verification module and ECU monitoring modulars that are arranged in ECU nodes and the gateway monitoring modular being arranged in gateway are included, wherein,
The correction verification module is used to add identification byte to be encrypted in messages, and when message is received in message Identification byte verified;
The ECU monitoring modulars are monitored to the message information for communicating, and produce corresponding attack class according to monitoring result Type information;
The gateway monitoring modular is produced according to monitoring result and is attacked accordingly to being monitored by the message information of gateway Hit type prompts information.
The correction verification module includes:
Identification byte signal generating unit, for generating an identification byte according to set algorithm, the set algorithm is double by communicating The ECU node definitions of side;
Identification byte verification unit, verifies for the identification byte to receiving in message, judges the mark for receiving Whether character learning section is consistent with the identification byte generated in the identification byte signal generating unit;
Perform control unit, according to the judged result of the identification byte verification unit control ECU nodes receive message or Rejection message.
The set algorithm defines production method, byte-sized and the deposit position of identification byte.
Identification byte change over time and change.
An ECU monitoring modular is provided with each described ECU node.
Two gateway monitoring modulars, respectively receiving terminal monitoring modular and transmitting terminal monitoring mould are provided with the gateway Block.
In the ECU monitoring modulars, corresponding attack type information is produced according to monitoring result and is specially:
A1) if monitoring, the transmission of message or receives frequency are more than the first setting value, produce refusal service dos attack and carry Show information;
A2) if monitoring to enable the information of " reading ", produce to monitor and attack information;
A3) if monitoring to enable the information of " writing ", produce fraudulence message information.
In the gateway monitoring modular, corresponding attack type information is produced according to monitoring result and is specially:
B1) if transmitting terminal monitoring module monitors to the difference of quantities of messages that arrives with receiving terminal monitoring module monitors of quantities of messages it is big In the second setting value, then refusal service dos attack information is produced;
B2) if transmitting terminal monitoring module monitors to message it is different from the message that receiving terminal monitoring module monitors are arrived, produce Raw message Tampering attack information;
B3) if transmitting terminal monitoring module monitors to message compared with the message that receiving terminal monitoring module monitors are arrived, have Duplicate message, then produce message replay attack information.
Compared with prior art, the present invention has advantages below:
(1) present invention is provided with correction verification module in ECU nodes, carries out authentication and add by the way of identification byte Close, the byte and system resource that the method takes is very little, and cost is relatively low, effectively improves the safety of vehicle area network message transmission Property;
(2) present invention is fed back by the real-time monitoring of monitoring modular, the working condition to each ECU nodes and gateway in system It is monitored, while the basic automobile mounted network information security is ensured, the working condition of Real-time Feedback ECU and gateway, So that system is adjusted in time, automobile is enable safely, in order, reliably to run, it is ensured that the letter of automotive interior In-vehicle networking Breath safety;
(3) present invention is provided with the monitoring function of monitoring modular, is capable of achieving Denial of Service attack, message monitoring, fraudulence The monitoring of the attack such as message, message are distorted, message is replayed, monitoring function comprehensively, effectively improve safety;
(4) present invention can be effectively reduced system on the premise of the basic automobile mounted network information security is ensured Occupation condition, it is adaptable to various In-vehicle networkings.
Description of the drawings
Fig. 1 is the structural representation of the present invention;
Fig. 2 is the flow chart of checking procedure in the embodiment of the present invention;
Fig. 3 is the monitoring flow chart of ECU2 in the embodiment of the present invention;
Fig. 4 is the monitoring flow chart of ECU6 in the embodiment of the present invention;
Fig. 5 is the monitoring flow chart of gateway in the embodiment of the present invention.
Specific embodiment
The present invention is described in detail with specific embodiment below in conjunction with the accompanying drawings.The present embodiment is with technical solution of the present invention Premised on implemented, give detailed embodiment and specific operating process, but protection scope of the present invention be not limited to Following embodiments.
The present embodiment provides a kind of In-vehicle networking communication encryption and inbreak testing apparatus, and the device is arranged at vehicle communication system In system, vehicular communication system includes multiple ECU nodes and a gateway, and each ECU nodes are connected with each other by gateway, described device Including the correction verification module and ECU monitoring modulars that are arranged in ECU nodes and the gateway monitoring modular being arranged in gateway, its In, correction verification module is used to add identification byte to be encrypted in messages, and when message is received to the identifier word in message Section is verified;ECU monitoring modulars are monitored to the message information for communicating, and produce corresponding attack type according to monitoring result Information;Gateway monitoring modular produces corresponding attack according to monitoring result to being monitored by the message information of gateway Type prompts information.
Correction verification module includes identification byte signal generating unit, identification byte verification unit and execution control unit, wherein, mark Byte signal generating unit is for according to set algorithm one identification byte of generation, ECU node definition of the set algorithm by communicating pair, institute Production method, byte-sized and deposit position that set algorithm defines identification byte are stated, the identification byte is over time Change and change;Identification byte verification unit judges to receive for verifying the identification byte received in message Identification byte whether be consistent with the identification byte generated in identification byte signal generating unit;Control unit is performed according to identification byte The judged result control ECU nodes of verification unit receive message or rejection message.One is provided with each ECU node ECU monitoring modulars.Two gateway monitoring modulars, respectively receiving terminal monitoring modular and transmitting terminal monitoring mould are provided with a gateway Block.
As shown in figure 1, said apparatus are arranged at the car containing an ECU1~ECU8 and gateway Gateway of 8 ECU nodes In communication system, wherein, ECU1, ECU2, ECU3, ECU4 are packet sending unit, and ECU5, ECU6, ECU7, ECU8 are message Receiving unit, is respectively provided with correction verification module C and ECU monitoring modular D in each ECU node, receiving terminal prison is arranged in gateway Gateway Survey module DA and transmitting terminal monitoring modular DB.
As shown in Fig. 2 the cipher mode that correction verification module is adopted is to add identification byte.Reported by sending to ECU5 with ECU1 As a example by text.For transmission message, communicating pair need arrange message in a byte or how each byte as identification byte. For sender correction verification module C1, need the algorithm of agreement to generate an identification byte, and ensure the identification byte over time Change and change;For recipient correction verification module C5, for sender ECU1, recipient's correction verification module C5 is needed according to employing The identification byte is produced with sender's correction verification module C1 identical modes.Communication link is set up in sender ECU1 and recipient ECU5 When connecing, after recipient's correction verification module C5 receives the message of sender ECU1 every time, by the identification byte in message and reception The identification byte that square correction verification module C5 bytes are produced is compared, if the identification byte of message and the local identification byte of recipient Comply fully with, then recipient ECU5 receives message information completely;If the identification byte of message and the local identification byte of recipient Do not meet, then recipient ECU5 does not receive message information.
As Figure 3-Figure 4, in ECU monitoring modulars, corresponding attack type information is produced according to monitoring result.With ECU1 by give ECU5 send message, as a example by being monitored to ECU2, ECU6 and gateway gateway.
1、ECU2
1) if ECU monitoring modulars D2 monitors that the transmission frequency of message is increased sharply, i.e., frequency is more than the first setting value, then ECU2 May be attacked, attacker carries out refusal service dos attack using ECU2 to vehicle netbios;
If 2) ECU monitoring modulars D2 monitors the information for enabling " reading ", ECU2 may be monitored by attacker;
If 3) ECU monitoring modulars D2 does not monitor abnormal conditions, ECU2 is considered normal work;
ECU3, ECU4 are in the same manner.
2、ECU6
1) if ECU monitoring modulars D6 monitors that the receives frequency of message is increased sharply, i.e., frequency is more than the first setting value, then vehicle-mounted Network system may be by attacker's refusal service dos attack;
If 2) ECU monitoring modulars D6 monitors the information for enabling " writing ", ECU6 may be utilized by attacker, send deception Property message;
If 3) ECU monitoring modulars D6 does not monitor abnormal conditions, ECU6 is considered normal work;
ECU7, ECU8 are in the same manner.
The course of work of gateway monitoring modular is illustrated in figure 5, specially:
1) if monitoring modular DB is compared to monitoring modular DA, the message that monitoring modular DB is monitored is much larger than monitoring modular DA, then gateway Gateway may be attacked, attacker using gateway Gateway to vehicle netbios carry out refusal service DOS Attack;
If 2) monitoring modular DA is different with the message that monitoring modular DB is monitored, gateway Gateway may be attacked, and attack The person of hitting has distorted the message content through gateway Gateway;
If 3) after monitoring modular DA monitors a message, a large amount of messages for repeating are monitored at monitoring modular DB, then Gateway Gateway may be attacked, and the message for needing to send once is repeatedly sent by attacker always;
If 4) monitoring modular DA and monitoring modular DB do not monitor exception, then it is assumed that gateway Gateway is normal work.
Above-mentioned specific embodiment is exemplary, is to preferably make skilled artisans appreciate that originally Patent, does not constitute the restriction to right;As long as any equivalent made of spirit according to disclosed in this patent Change is modified, in the scope of protection of the invention.

Claims (8)

1. a kind of In-vehicle networking communication encryption and inbreak testing apparatus, it is characterised in that the device is arranged at vehicular communication system In, the vehicular communication system includes multiple ECU nodes and a gateway, and each ECU nodes are connected with each other by gateway, institute Stating device includes the correction verification module being arranged in ECU nodes and ECU monitoring modulars and the gateway monitoring mould being arranged in gateway Block, wherein,
The correction verification module is used to add identification byte to be encrypted in messages, and when message is received to the mark in message Character learning section is verified;
The ECU monitoring modulars are monitored to the message information for communicating, and are produced corresponding attack type according to monitoring result and are carried Show information;
The gateway monitoring modular produces corresponding attack class according to monitoring result to being monitored by the message information of gateway Type information.
2. In-vehicle networking communication encryption according to claim 1 and inbreak testing apparatus, it is characterised in that the calibration mode Block includes:
Identification byte signal generating unit, for generating an identification byte according to set algorithm, the set algorithm is by communicating pair ECU node definitions;
Identification byte verification unit, verifies for the identification byte to receiving in message, judges the identifier word for receiving Whether section is consistent with the identification byte generated in the identification byte signal generating unit;
Control unit is performed, ECU nodes is controlled according to the judged result of the identification byte verification unit and is received message or refusal Receive message.
3. In-vehicle networking communication encryption according to claim 2 and inbreak testing apparatus, it is characterised in that the setting is calculated Method defines production method, byte-sized and the deposit position of identification byte.
4. In-vehicle networking communication encryption according to claim 2 and inbreak testing apparatus, it is characterised in that the identifier word Save change over time and change.
5. In-vehicle networking communication encryption according to claim 1 and inbreak testing apparatus, it is characterised in that described in each An ECU monitoring modular is provided with ECU nodes.
6. In-vehicle networking communication encryption according to claim 1 and inbreak testing apparatus, it is characterised in that in the gateway In be provided with two gateway monitoring modulars, respectively receiving terminal monitoring modular and transmitting terminal monitoring modular.
7. In-vehicle networking communication encryption according to claim 1 and inbreak testing apparatus, it is characterised in that the ECU prisons Survey in module, corresponding attack type information is produced according to monitoring result and is specially:
A1) if monitoring, the transmission of message or receives frequency are more than the first setting value, produce refusal service dos attack prompting and believe Breath;
A2) if monitoring to enable the information of " reading ", produce to monitor and attack information;
A3) if monitoring to enable the information of " writing ", produce fraudulence message information.
8. In-vehicle networking communication encryption according to claim 6 and inbreak testing apparatus, it is characterised in that the gateway prison Survey in module, corresponding attack type information is produced according to monitoring result and is specially:
B1) if transmitting terminal monitoring module monitors to the difference of quantities of messages that arrives of quantities of messages and receiving terminal monitoring module monitors more than the Two setting values, then produce refusal service dos attack information;
B2) if transmitting terminal monitoring module monitors to message it is different from the message that receiving terminal monitoring module monitors are arrived, produce report Literary Tampering attack information;
B3) if transmitting terminal monitoring module monitors to message compared with the message that receiving terminal monitoring module monitors are arrived, with repeat Information, then produce message replay attack information.
CN201611248135.5A 2016-12-29 2016-12-29 Vehicle network communication encryption and intrusion monitoring device Pending CN106685967A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611248135.5A CN106685967A (en) 2016-12-29 2016-12-29 Vehicle network communication encryption and intrusion monitoring device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611248135.5A CN106685967A (en) 2016-12-29 2016-12-29 Vehicle network communication encryption and intrusion monitoring device

Publications (1)

Publication Number Publication Date
CN106685967A true CN106685967A (en) 2017-05-17

Family

ID=58872584

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611248135.5A Pending CN106685967A (en) 2016-12-29 2016-12-29 Vehicle network communication encryption and intrusion monitoring device

Country Status (1)

Country Link
CN (1) CN106685967A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109120490A (en) * 2018-10-31 2019-01-01 百度在线网络技术(北京)有限公司 Vehicle network communication means and device
CN111443623A (en) * 2018-12-29 2020-07-24 北京奇虎科技有限公司 Safety protection device and method based on vehicle CAN bus structure
CN111669352A (en) * 2019-03-08 2020-09-15 广州汽车集团股份有限公司 Method and device for preventing denial of service attack
CN113448299A (en) * 2020-03-25 2021-09-28 北京新能源汽车股份有限公司 Vehicle gateway controller, information processing method and vehicle

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102404326A (en) * 2011-11-23 2012-04-04 北京星网锐捷网络技术有限公司 Method, system and device for validating safety of messages
CN104012065A (en) * 2011-12-21 2014-08-27 丰田自动车株式会社 Vehilce network monitoring method and apparatus
CN106101111A (en) * 2016-06-24 2016-11-09 郑州信大捷安信息技术股份有限公司 Vehicle electronics safe communication system and communication means
CN106154903A (en) * 2015-04-16 2016-11-23 上海汽车集团股份有限公司 Carry out, with peripheral hardware, the system and method that information is mutual for car load network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102404326A (en) * 2011-11-23 2012-04-04 北京星网锐捷网络技术有限公司 Method, system and device for validating safety of messages
CN104012065A (en) * 2011-12-21 2014-08-27 丰田自动车株式会社 Vehilce network monitoring method and apparatus
CN106154903A (en) * 2015-04-16 2016-11-23 上海汽车集团股份有限公司 Carry out, with peripheral hardware, the system and method that information is mutual for car load network
CN106101111A (en) * 2016-06-24 2016-11-09 郑州信大捷安信息技术股份有限公司 Vehicle electronics safe communication system and communication means

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109120490A (en) * 2018-10-31 2019-01-01 百度在线网络技术(北京)有限公司 Vehicle network communication means and device
CN109120490B (en) * 2018-10-31 2021-07-27 百度在线网络技术(北京)有限公司 Vehicle network communication method and device
CN111443623A (en) * 2018-12-29 2020-07-24 北京奇虎科技有限公司 Safety protection device and method based on vehicle CAN bus structure
CN111669352A (en) * 2019-03-08 2020-09-15 广州汽车集团股份有限公司 Method and device for preventing denial of service attack
CN113448299A (en) * 2020-03-25 2021-09-28 北京新能源汽车股份有限公司 Vehicle gateway controller, information processing method and vehicle

Similar Documents

Publication Publication Date Title
Matsumoto et al. A method of preventing unauthorized data transmission in controller area network
Bozdal et al. A survey on can bus protocol: Attacks, challenges, and potential solutions
Avatefipour et al. State-of-the-art survey on in-vehicle network communication (CAN-Bus) security and vulnerabilities
Jo et al. A survey of attacks on controller area networks and corresponding countermeasures
Kleberger et al. Security aspects of the in-vehicle network in the connected car
CN110324301B (en) System and method for generating rules for thwarting computer attacks on vehicles
CN106685967A (en) Vehicle network communication encryption and intrusion monitoring device
Nilsson et al. A Defense-in-Depth Approach to Securing the Wireless Vehicle Infrastructure.
King Investigating and securing communications in the Controller Area Network (CAN)
CN111077883A (en) Vehicle-mounted network safety protection method and device based on CAN bus
Bresch et al. Design and implementation of an intrusion detection system (IDS) for in-vehicle networks
Halabi et al. A lightweight synchronous cryptographic hash chain solution to securing the vehicle CAN bus
Kwon et al. Mitigation mechanism against in-vehicle network intrusion by reconfiguring ECU and disabling attack packet
Dadam et al. Onboard Cybersecurity Diagnostic System for Connected Vehicles
Hartzell et al. Security analysis of an automobile controller area network bus
Oyler et al. Security in automotive telematics: a survey of threats and risk mitigation strategies to counter the existing and emerging attack vectors
CN114257388B (en) Information safety protection method and device of Internet of vehicles system and electric automobile
EP3713190B1 (en) Secure bridging of controller area network buses
Olivier et al. Hashing-based authentication for CAN bus and application to Denial-of-Service protection
Carsten et al. A system to recognize intruders in controller area network (can)
Ansari et al. A low-cost masquerade and replay attack detection method for CAN in automobiles
CN114785543B (en) In-vehicle network cross-domain communication method, computer equipment and intelligent terminal
Tashiro et al. A secure protocol consisting of two different security-level message authentications over CAN
Sharma et al. Review of the Security of Backward-Compatible Automotive Inter-ECU Communication
Li et al. Research on CAN network security aspects and intrusion detection design

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170517