CN106685967A - Vehicle network communication encryption and intrusion monitoring device - Google Patents
Vehicle network communication encryption and intrusion monitoring device Download PDFInfo
- Publication number
- CN106685967A CN106685967A CN201611248135.5A CN201611248135A CN106685967A CN 106685967 A CN106685967 A CN 106685967A CN 201611248135 A CN201611248135 A CN 201611248135A CN 106685967 A CN106685967 A CN 106685967A
- Authority
- CN
- China
- Prior art keywords
- message
- monitoring
- gateway
- ecu
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention relates to a vehicle network communication encryption and intrusion monitoring device. The vehicle network communication encryption and intrusion monitoring device is arranged in a vehicle communication system. The vehicle communication system includes a plurality of ECU nodes and one gateway, wherein each ECU node is connected with each other through the gateway. The vehicle network communication encryption and intrusion monitoring device includes verification modules in the ECU nodes, ECU monitoring modules, and a gateway monitoring module in the gateway, wherein the verification modules are used for encrypting identification bytes in a message, and verifying the identification bytes in the message when receiving the message; the ECU monitoring modules are used for monitoring the message information for communication, and generating the corresponding attack type prompt information according to the monitoring result; and the gateway monitoring module monitors the message information passing the gateway, and generates the corresponding attack type prompt information according to the monitoring result. Compared with the prior art, the vehicle network communication encryption and intrusion monitoring device has the advantages of low cost and high safety.
Description
Technical field
The present invention relates to In-vehicle networking and information security field, more particularly, to a kind of In-vehicle networking communication encryption and invasion
Monitoring device.
Background technology
With the intelligent development of automobile, the information security of In-vehicle networking receives increasing attention.In recent years, send out
Intrusion event of a lot of hackers to automobile is given birth to, has run the engine stop of automobile, skylight, anomalous of air conditioner work etc..
For the information security of automobile ECU, the EVITA projects in Europe add HSM (hardware security module) in ECU,
Enable the network service content of automobile encrypted.The safety encryption authentication mode of HSM adopts signature authentication for communicating pair
Mode.As signature authentication needs to take substantial amounts of transmission byte, the method is for FlexRay, MOST, vehicle-mounted Ethernet etc.
Can be preferably compatible, but for the In-vehicle networkings such as CAN, LIN bus then cannot transmit so big data volume completely.Together
When, the cost using the method for HSM is of a relatively high, and the popularization of the method also needs to the regular hour.
The content of the invention
The purpose of the present invention is exactly to provide a kind of In-vehicle networking communication to overcome the defect of above-mentioned prior art presence
Encryption and inbreak testing apparatus.
The purpose of the present invention can be achieved through the following technical solutions:
A kind of In-vehicle networking communication encryption and inbreak testing apparatus, the device are arranged in vehicular communication system, the car
Communication system includes multiple ECU nodes and a gateway, and each ECU nodes are connected with each other by gateway, described device bag
The correction verification module and ECU monitoring modulars that are arranged in ECU nodes and the gateway monitoring modular being arranged in gateway are included, wherein,
The correction verification module is used to add identification byte to be encrypted in messages, and when message is received in message
Identification byte verified;
The ECU monitoring modulars are monitored to the message information for communicating, and produce corresponding attack class according to monitoring result
Type information;
The gateway monitoring modular is produced according to monitoring result and is attacked accordingly to being monitored by the message information of gateway
Hit type prompts information.
The correction verification module includes:
Identification byte signal generating unit, for generating an identification byte according to set algorithm, the set algorithm is double by communicating
The ECU node definitions of side;
Identification byte verification unit, verifies for the identification byte to receiving in message, judges the mark for receiving
Whether character learning section is consistent with the identification byte generated in the identification byte signal generating unit;
Perform control unit, according to the judged result of the identification byte verification unit control ECU nodes receive message or
Rejection message.
The set algorithm defines production method, byte-sized and the deposit position of identification byte.
Identification byte change over time and change.
An ECU monitoring modular is provided with each described ECU node.
Two gateway monitoring modulars, respectively receiving terminal monitoring modular and transmitting terminal monitoring mould are provided with the gateway
Block.
In the ECU monitoring modulars, corresponding attack type information is produced according to monitoring result and is specially:
A1) if monitoring, the transmission of message or receives frequency are more than the first setting value, produce refusal service dos attack and carry
Show information;
A2) if monitoring to enable the information of " reading ", produce to monitor and attack information;
A3) if monitoring to enable the information of " writing ", produce fraudulence message information.
In the gateway monitoring modular, corresponding attack type information is produced according to monitoring result and is specially:
B1) if transmitting terminal monitoring module monitors to the difference of quantities of messages that arrives with receiving terminal monitoring module monitors of quantities of messages it is big
In the second setting value, then refusal service dos attack information is produced;
B2) if transmitting terminal monitoring module monitors to message it is different from the message that receiving terminal monitoring module monitors are arrived, produce
Raw message Tampering attack information;
B3) if transmitting terminal monitoring module monitors to message compared with the message that receiving terminal monitoring module monitors are arrived, have
Duplicate message, then produce message replay attack information.
Compared with prior art, the present invention has advantages below:
(1) present invention is provided with correction verification module in ECU nodes, carries out authentication and add by the way of identification byte
Close, the byte and system resource that the method takes is very little, and cost is relatively low, effectively improves the safety of vehicle area network message transmission
Property;
(2) present invention is fed back by the real-time monitoring of monitoring modular, the working condition to each ECU nodes and gateway in system
It is monitored, while the basic automobile mounted network information security is ensured, the working condition of Real-time Feedback ECU and gateway,
So that system is adjusted in time, automobile is enable safely, in order, reliably to run, it is ensured that the letter of automotive interior In-vehicle networking
Breath safety;
(3) present invention is provided with the monitoring function of monitoring modular, is capable of achieving Denial of Service attack, message monitoring, fraudulence
The monitoring of the attack such as message, message are distorted, message is replayed, monitoring function comprehensively, effectively improve safety;
(4) present invention can be effectively reduced system on the premise of the basic automobile mounted network information security is ensured
Occupation condition, it is adaptable to various In-vehicle networkings.
Description of the drawings
Fig. 1 is the structural representation of the present invention;
Fig. 2 is the flow chart of checking procedure in the embodiment of the present invention;
Fig. 3 is the monitoring flow chart of ECU2 in the embodiment of the present invention;
Fig. 4 is the monitoring flow chart of ECU6 in the embodiment of the present invention;
Fig. 5 is the monitoring flow chart of gateway in the embodiment of the present invention.
Specific embodiment
The present invention is described in detail with specific embodiment below in conjunction with the accompanying drawings.The present embodiment is with technical solution of the present invention
Premised on implemented, give detailed embodiment and specific operating process, but protection scope of the present invention be not limited to
Following embodiments.
The present embodiment provides a kind of In-vehicle networking communication encryption and inbreak testing apparatus, and the device is arranged at vehicle communication system
In system, vehicular communication system includes multiple ECU nodes and a gateway, and each ECU nodes are connected with each other by gateway, described device
Including the correction verification module and ECU monitoring modulars that are arranged in ECU nodes and the gateway monitoring modular being arranged in gateway, its
In, correction verification module is used to add identification byte to be encrypted in messages, and when message is received to the identifier word in message
Section is verified;ECU monitoring modulars are monitored to the message information for communicating, and produce corresponding attack type according to monitoring result
Information;Gateway monitoring modular produces corresponding attack according to monitoring result to being monitored by the message information of gateway
Type prompts information.
Correction verification module includes identification byte signal generating unit, identification byte verification unit and execution control unit, wherein, mark
Byte signal generating unit is for according to set algorithm one identification byte of generation, ECU node definition of the set algorithm by communicating pair, institute
Production method, byte-sized and deposit position that set algorithm defines identification byte are stated, the identification byte is over time
Change and change;Identification byte verification unit judges to receive for verifying the identification byte received in message
Identification byte whether be consistent with the identification byte generated in identification byte signal generating unit;Control unit is performed according to identification byte
The judged result control ECU nodes of verification unit receive message or rejection message.One is provided with each ECU node
ECU monitoring modulars.Two gateway monitoring modulars, respectively receiving terminal monitoring modular and transmitting terminal monitoring mould are provided with a gateway
Block.
As shown in figure 1, said apparatus are arranged at the car containing an ECU1~ECU8 and gateway Gateway of 8 ECU nodes
In communication system, wherein, ECU1, ECU2, ECU3, ECU4 are packet sending unit, and ECU5, ECU6, ECU7, ECU8 are message
Receiving unit, is respectively provided with correction verification module C and ECU monitoring modular D in each ECU node, receiving terminal prison is arranged in gateway Gateway
Survey module DA and transmitting terminal monitoring modular DB.
As shown in Fig. 2 the cipher mode that correction verification module is adopted is to add identification byte.Reported by sending to ECU5 with ECU1
As a example by text.For transmission message, communicating pair need arrange message in a byte or how each byte as identification byte.
For sender correction verification module C1, need the algorithm of agreement to generate an identification byte, and ensure the identification byte over time
Change and change;For recipient correction verification module C5, for sender ECU1, recipient's correction verification module C5 is needed according to employing
The identification byte is produced with sender's correction verification module C1 identical modes.Communication link is set up in sender ECU1 and recipient ECU5
When connecing, after recipient's correction verification module C5 receives the message of sender ECU1 every time, by the identification byte in message and reception
The identification byte that square correction verification module C5 bytes are produced is compared, if the identification byte of message and the local identification byte of recipient
Comply fully with, then recipient ECU5 receives message information completely;If the identification byte of message and the local identification byte of recipient
Do not meet, then recipient ECU5 does not receive message information.
As Figure 3-Figure 4, in ECU monitoring modulars, corresponding attack type information is produced according to monitoring result.With
ECU1 by give ECU5 send message, as a example by being monitored to ECU2, ECU6 and gateway gateway.
1、ECU2
1) if ECU monitoring modulars D2 monitors that the transmission frequency of message is increased sharply, i.e., frequency is more than the first setting value, then ECU2
May be attacked, attacker carries out refusal service dos attack using ECU2 to vehicle netbios;
If 2) ECU monitoring modulars D2 monitors the information for enabling " reading ", ECU2 may be monitored by attacker;
If 3) ECU monitoring modulars D2 does not monitor abnormal conditions, ECU2 is considered normal work;
ECU3, ECU4 are in the same manner.
2、ECU6
1) if ECU monitoring modulars D6 monitors that the receives frequency of message is increased sharply, i.e., frequency is more than the first setting value, then vehicle-mounted
Network system may be by attacker's refusal service dos attack;
If 2) ECU monitoring modulars D6 monitors the information for enabling " writing ", ECU6 may be utilized by attacker, send deception
Property message;
If 3) ECU monitoring modulars D6 does not monitor abnormal conditions, ECU6 is considered normal work;
ECU7, ECU8 are in the same manner.
The course of work of gateway monitoring modular is illustrated in figure 5, specially:
1) if monitoring modular DB is compared to monitoring modular DA, the message that monitoring modular DB is monitored is much larger than monitoring modular
DA, then gateway Gateway may be attacked, attacker using gateway Gateway to vehicle netbios carry out refusal service DOS
Attack;
If 2) monitoring modular DA is different with the message that monitoring modular DB is monitored, gateway Gateway may be attacked, and attack
The person of hitting has distorted the message content through gateway Gateway;
If 3) after monitoring modular DA monitors a message, a large amount of messages for repeating are monitored at monitoring modular DB, then
Gateway Gateway may be attacked, and the message for needing to send once is repeatedly sent by attacker always;
If 4) monitoring modular DA and monitoring modular DB do not monitor exception, then it is assumed that gateway Gateway is normal work.
Above-mentioned specific embodiment is exemplary, is to preferably make skilled artisans appreciate that originally
Patent, does not constitute the restriction to right;As long as any equivalent made of spirit according to disclosed in this patent
Change is modified, in the scope of protection of the invention.
Claims (8)
1. a kind of In-vehicle networking communication encryption and inbreak testing apparatus, it is characterised in that the device is arranged at vehicular communication system
In, the vehicular communication system includes multiple ECU nodes and a gateway, and each ECU nodes are connected with each other by gateway, institute
Stating device includes the correction verification module being arranged in ECU nodes and ECU monitoring modulars and the gateway monitoring mould being arranged in gateway
Block, wherein,
The correction verification module is used to add identification byte to be encrypted in messages, and when message is received to the mark in message
Character learning section is verified;
The ECU monitoring modulars are monitored to the message information for communicating, and are produced corresponding attack type according to monitoring result and are carried
Show information;
The gateway monitoring modular produces corresponding attack class according to monitoring result to being monitored by the message information of gateway
Type information.
2. In-vehicle networking communication encryption according to claim 1 and inbreak testing apparatus, it is characterised in that the calibration mode
Block includes:
Identification byte signal generating unit, for generating an identification byte according to set algorithm, the set algorithm is by communicating pair
ECU node definitions;
Identification byte verification unit, verifies for the identification byte to receiving in message, judges the identifier word for receiving
Whether section is consistent with the identification byte generated in the identification byte signal generating unit;
Control unit is performed, ECU nodes is controlled according to the judged result of the identification byte verification unit and is received message or refusal
Receive message.
3. In-vehicle networking communication encryption according to claim 2 and inbreak testing apparatus, it is characterised in that the setting is calculated
Method defines production method, byte-sized and the deposit position of identification byte.
4. In-vehicle networking communication encryption according to claim 2 and inbreak testing apparatus, it is characterised in that the identifier word
Save change over time and change.
5. In-vehicle networking communication encryption according to claim 1 and inbreak testing apparatus, it is characterised in that described in each
An ECU monitoring modular is provided with ECU nodes.
6. In-vehicle networking communication encryption according to claim 1 and inbreak testing apparatus, it is characterised in that in the gateway
In be provided with two gateway monitoring modulars, respectively receiving terminal monitoring modular and transmitting terminal monitoring modular.
7. In-vehicle networking communication encryption according to claim 1 and inbreak testing apparatus, it is characterised in that the ECU prisons
Survey in module, corresponding attack type information is produced according to monitoring result and is specially:
A1) if monitoring, the transmission of message or receives frequency are more than the first setting value, produce refusal service dos attack prompting and believe
Breath;
A2) if monitoring to enable the information of " reading ", produce to monitor and attack information;
A3) if monitoring to enable the information of " writing ", produce fraudulence message information.
8. In-vehicle networking communication encryption according to claim 6 and inbreak testing apparatus, it is characterised in that the gateway prison
Survey in module, corresponding attack type information is produced according to monitoring result and is specially:
B1) if transmitting terminal monitoring module monitors to the difference of quantities of messages that arrives of quantities of messages and receiving terminal monitoring module monitors more than the
Two setting values, then produce refusal service dos attack information;
B2) if transmitting terminal monitoring module monitors to message it is different from the message that receiving terminal monitoring module monitors are arrived, produce report
Literary Tampering attack information;
B3) if transmitting terminal monitoring module monitors to message compared with the message that receiving terminal monitoring module monitors are arrived, with repeat
Information, then produce message replay attack information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611248135.5A CN106685967A (en) | 2016-12-29 | 2016-12-29 | Vehicle network communication encryption and intrusion monitoring device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611248135.5A CN106685967A (en) | 2016-12-29 | 2016-12-29 | Vehicle network communication encryption and intrusion monitoring device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106685967A true CN106685967A (en) | 2017-05-17 |
Family
ID=58872584
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611248135.5A Pending CN106685967A (en) | 2016-12-29 | 2016-12-29 | Vehicle network communication encryption and intrusion monitoring device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106685967A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109120490A (en) * | 2018-10-31 | 2019-01-01 | 百度在线网络技术(北京)有限公司 | Vehicle network communication means and device |
CN111443623A (en) * | 2018-12-29 | 2020-07-24 | 北京奇虎科技有限公司 | Safety protection device and method based on vehicle CAN bus structure |
CN111669352A (en) * | 2019-03-08 | 2020-09-15 | 广州汽车集团股份有限公司 | Method and device for preventing denial of service attack |
CN113448299A (en) * | 2020-03-25 | 2021-09-28 | 北京新能源汽车股份有限公司 | Vehicle gateway controller, information processing method and vehicle |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102404326A (en) * | 2011-11-23 | 2012-04-04 | 北京星网锐捷网络技术有限公司 | Method, system and device for validating safety of messages |
CN104012065A (en) * | 2011-12-21 | 2014-08-27 | 丰田自动车株式会社 | Vehilce network monitoring method and apparatus |
CN106101111A (en) * | 2016-06-24 | 2016-11-09 | 郑州信大捷安信息技术股份有限公司 | Vehicle electronics safe communication system and communication means |
CN106154903A (en) * | 2015-04-16 | 2016-11-23 | 上海汽车集团股份有限公司 | Carry out, with peripheral hardware, the system and method that information is mutual for car load network |
-
2016
- 2016-12-29 CN CN201611248135.5A patent/CN106685967A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102404326A (en) * | 2011-11-23 | 2012-04-04 | 北京星网锐捷网络技术有限公司 | Method, system and device for validating safety of messages |
CN104012065A (en) * | 2011-12-21 | 2014-08-27 | 丰田自动车株式会社 | Vehilce network monitoring method and apparatus |
CN106154903A (en) * | 2015-04-16 | 2016-11-23 | 上海汽车集团股份有限公司 | Carry out, with peripheral hardware, the system and method that information is mutual for car load network |
CN106101111A (en) * | 2016-06-24 | 2016-11-09 | 郑州信大捷安信息技术股份有限公司 | Vehicle electronics safe communication system and communication means |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109120490A (en) * | 2018-10-31 | 2019-01-01 | 百度在线网络技术(北京)有限公司 | Vehicle network communication means and device |
CN109120490B (en) * | 2018-10-31 | 2021-07-27 | 百度在线网络技术(北京)有限公司 | Vehicle network communication method and device |
CN111443623A (en) * | 2018-12-29 | 2020-07-24 | 北京奇虎科技有限公司 | Safety protection device and method based on vehicle CAN bus structure |
CN111669352A (en) * | 2019-03-08 | 2020-09-15 | 广州汽车集团股份有限公司 | Method and device for preventing denial of service attack |
CN113448299A (en) * | 2020-03-25 | 2021-09-28 | 北京新能源汽车股份有限公司 | Vehicle gateway controller, information processing method and vehicle |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Matsumoto et al. | A method of preventing unauthorized data transmission in controller area network | |
Bozdal et al. | A survey on can bus protocol: Attacks, challenges, and potential solutions | |
Avatefipour et al. | State-of-the-art survey on in-vehicle network communication (CAN-Bus) security and vulnerabilities | |
Jo et al. | A survey of attacks on controller area networks and corresponding countermeasures | |
Kleberger et al. | Security aspects of the in-vehicle network in the connected car | |
CN110324301B (en) | System and method for generating rules for thwarting computer attacks on vehicles | |
CN106685967A (en) | Vehicle network communication encryption and intrusion monitoring device | |
Nilsson et al. | A Defense-in-Depth Approach to Securing the Wireless Vehicle Infrastructure. | |
King | Investigating and securing communications in the Controller Area Network (CAN) | |
CN111077883A (en) | Vehicle-mounted network safety protection method and device based on CAN bus | |
Bresch et al. | Design and implementation of an intrusion detection system (IDS) for in-vehicle networks | |
Halabi et al. | A lightweight synchronous cryptographic hash chain solution to securing the vehicle CAN bus | |
Kwon et al. | Mitigation mechanism against in-vehicle network intrusion by reconfiguring ECU and disabling attack packet | |
Dadam et al. | Onboard Cybersecurity Diagnostic System for Connected Vehicles | |
Hartzell et al. | Security analysis of an automobile controller area network bus | |
Oyler et al. | Security in automotive telematics: a survey of threats and risk mitigation strategies to counter the existing and emerging attack vectors | |
CN114257388B (en) | Information safety protection method and device of Internet of vehicles system and electric automobile | |
EP3713190B1 (en) | Secure bridging of controller area network buses | |
Olivier et al. | Hashing-based authentication for CAN bus and application to Denial-of-Service protection | |
Carsten et al. | A system to recognize intruders in controller area network (can) | |
Ansari et al. | A low-cost masquerade and replay attack detection method for CAN in automobiles | |
CN114785543B (en) | In-vehicle network cross-domain communication method, computer equipment and intelligent terminal | |
Tashiro et al. | A secure protocol consisting of two different security-level message authentications over CAN | |
Sharma et al. | Review of the Security of Backward-Compatible Automotive Inter-ECU Communication | |
Li et al. | Research on CAN network security aspects and intrusion detection design |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170517 |