CN113242251A - Vehicle-mounted network safety protection system and application method thereof - Google Patents

Vehicle-mounted network safety protection system and application method thereof Download PDF

Info

Publication number
CN113242251A
CN113242251A CN202110549799.XA CN202110549799A CN113242251A CN 113242251 A CN113242251 A CN 113242251A CN 202110549799 A CN202110549799 A CN 202110549799A CN 113242251 A CN113242251 A CN 113242251A
Authority
CN
China
Prior art keywords
module
vehicle
security
safety
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202110549799.XA
Other languages
Chinese (zh)
Inventor
郑强
卞军
李哲
曾剑隽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jiuzhou Yunchi Technology Co ltd
Original Assignee
Beijing Jiuzhou Yunchi Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jiuzhou Yunchi Technology Co ltd filed Critical Beijing Jiuzhou Yunchi Technology Co ltd
Priority to CN202110549799.XA priority Critical patent/CN113242251A/en
Publication of CN113242251A publication Critical patent/CN113242251A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention relates to a vehicle-mounted network information safety protection system, which comprises a safety engine module, an application program interface module, an authentication module, a safety communication module, a data encryption module, an attack protection module, an intrusion detection module and a log system module, wherein: the safety engine module is a dispatching center of the vehicle-mounted network information safety protection system and is used for establishing a processing flow and a management rule set of vehicle-mounted network messages; the application program interface module is used for providing data encryption and decryption services for the application program; the safety communication module is used for realizing network transmission encryption based on a vehicle-mounted network transmission layer communication protocol and an SSL/TSL encryption transmission protocol; the data encryption module is used for providing algorithm support for data encryption and decryption; the intrusion detection module collects necessary data and information by methods of real-time mapping, redundant backup and the like of the vehicle-mounted network message; and the log system module is responsible for recording system operation, network flow and operation behaviors.

Description

Vehicle-mounted network safety protection system and application method thereof
Technical Field
The invention relates to a vehicle-mounted network information safety protection system, in particular to a vehicle-mounted network information safety protection system of an intelligent networked automobile.
Background
With the increasing degree of automobile intellectualization and networking, the security threat faces is also greatly increased. Various connection paths of the networked automobile can be utilized to realize remote attack and control on the automobile. Smart networked cars typically face the following information security issues:
1) the traditional automobile bus realizes the communication between nodes based on message broadcasting and an arbitration mechanism according to priority; an intruder disassembles the vehicle, monitors the bus message and cracks the protocol; then, aiming at the similar vehicles, remote invasion can be realized through a vehicle-mounted network; after the management authority is obtained, the communication node is counterfeited, an illegal instruction is sent or the bus bandwidth is monopolized with high priority, and flooding attack is implemented; great potential safety hazard is brought to safe driving of the automobile;
2) the system comprises a plurality of automobile Electronic Control Units (ECUs) and vehicle-mounted information system units, which respectively bear different functional responsibilities, and has a huge supplier system, and no corresponding information safety implementation standard although the system conforms to a uniform functional safety standard;
3) the technical field of the embedded system of the automobile has uniqueness and specialty; the method and practice in the traditional internet security field can not be carried out as they are, and the information security of the automobile embedded system is lack of a referable method and reusable resources;
at present, in the technical field of vehicle-mounted network information security, various technical schemes only aim at certain specific service requirements, such as data encryption, system and application program reinforcement, OTA, encrypted communication protocol and the like, and no systematic and comprehensive network information security method and system are formed aiming at vehicle-mounted network information security protection; and other technical schemes are provided for moving methods and systems in the technical field of internet information security, but the technical speciality and the particularity of the embedded system technology of the automobile are not considered, so that the embedded system is difficult to avoid water and soil, and is in the embarrassment that the adaptation degree is low, the available resources are few, and the scheme is difficult to implement specifically.
Disclosure of Invention
In order to solve the technical problems, the technical scheme is as follows, the system comprises a security engine module, an application program interface module, an authentication module, a security communication module, a data encryption module, an attack protection module, an intrusion detection module and a log system module, wherein:
the safety engine module is a dispatching center of the vehicle-mounted network information safety protection system, and establishes a processing flow and a management rule set of vehicle-mounted network messages by taking over a vehicle-mounted network communication protocol stack; the vehicle-mounted network communication protocol stack comprises a vehicle-mounted Ethernet communication protocol stack and a vehicle-mounted CAN bus communication protocol stack; the processing flow and the management rule set comprise a packet filtering mechanism, a redirection mechanism, a hook mechanism and a callback mechanism;
the application program interface module is used for providing data encryption and decryption services for the application program, cloud platform interaction services, certificate and key management services, remote upgrading services and log information reading and writing services;
the authentication module is responsible for managing certificates and user authorities and realizes the safety isolation and access control of vehicle-mounted network communication; the security isolation and access control refer to security domain management of the embedded system in particular, the embedded system is divided into different security domains according to security levels, the access authority of digital resources in the security domains is controlled and managed, and the access to the security domains needs to follow an identity identification and authorization process;
the safety communication module is used for realizing network transmission encryption based on a vehicle-mounted network transmission layer communication protocol and an SSL/TSL encryption transmission protocol;
the data encryption module is used for providing algorithm support for data encryption and decryption;
the intrusion detection module collects necessary data and information by methods of real-time mapping, redundant backup and the like of vehicle-mounted network messages, the necessary data and information at least comprise vehicle-mounted Ethernet network message data, vehicle-mounted CAN bus message data and message characteristic information of each communication node, the message characteristic information comprises statistical information including frame intervals, information entropy and load rate, and abnormal flow and abnormal behaviors are identified based on specific protocol standards, a safety rule set and a message characteristic library;
the attack protection module is used for protecting the safety of the vehicle-mounted network according to a preset protection strategy;
and the log system module is responsible for recording system operation, network flow and operation behaviors.
On the basis of the technical scheme, the system further comprises a security audit cooperation mechanism which is used for coordinating means or mechanisms of all modules for dealing with security risks. The safety audit cooperation mechanism comprises state detection and dynamic strategies, wherein the state detection is used for collecting log data of each module to obtain an operation state, the operation state is uploaded to the cloud end through a vehicle-mounted network, the dynamic strategies are adopted to adjust the safety strategies in real time according to the operation state of each module, and different safety risks are dealt with.
In order to solve the technical problems, an application method of the vehicle-mounted network information security system is also provided, and the provided technical scheme is as follows:
s1, extracting technical characteristics with commonality for an automobile embedded system environment and a communication service, and identifying safety risks;
s2, establishing a lightweight security engine architecture adaptive to the heterogeneous network of the automobile embedded system;
s3, providing security services such as data encryption and decryption, certificate and key management and the like for the automobile communication service;
s4, establishing a security audit cooperation mechanism;
and S5, establishing a log system and a security policy library, and updating.
On the basis of the above technical solution, S2 further includes:
s211, taking over a vehicle-mounted Ethernet communication protocol stack;
s212, real-time mapping and redundancy backup of the network message are carried out;
s213, encrypting transmission of a vehicle-mounted network transmission layer communication protocol;
s214, identifying abnormal flow and abnormal behaviors based on a protocol standard and a safety rule set;
s215, matching and generating an attack protection strategy.
On the basis of the above technical solution, S2 further includes:
s221, taking over an automobile bus communication protocol stack;
s222, establishing safety isolation and access control of automobile bus communication;
s223, monitoring all bus messages in real time, and checking message compliance;
s224, establishing a feature library according to the communication nodes, wherein the feature library at least comprises statistical information including frame intervals, information entropy and load rate;
and S225, realizing bus intrusion detection and attack protection through a matching rule set.
Has the advantages that: aiming at the information security requirement of an automobile embedded system, an open information security application system and a unified information security service framework are provided, the unified management of an automobile bus and a vehicle-mounted network is realized, the communication requirement is met, meanwhile, a vehicle networking information security strategy can be configured as required, the realization difficulty of the information security protection of vehicle-mounted embedded equipment is greatly reduced, and the terminal information security guarantee is provided for the security operation of the vehicle networking.
Detailed Description
The first embodiment.
The embodiment aims to provide a system for carrying out network information security protection on an embedded system, which comprises a security engine module, an application program interface module, an authentication module, a security communication module, a data encryption module, an attack protection module, an intrusion detection module and a log system module.
The safety engine module is a dispatching center of the vehicle-mounted network information safety protection system, and establishes a processing flow and a management rule set of vehicle-mounted network messages by taking over a vehicle-mounted network communication protocol stack; the vehicle-mounted network communication protocol stack comprises a vehicle-mounted Ethernet communication protocol stack and a vehicle-mounted CAN bus communication protocol stack; the processing flow and management rule set comprises a packet filtering mechanism, a redirection mechanism, a hook mechanism and a callback mechanism; the application program interface module is used for providing data encryption and decryption services for the application program, cloud platform interaction services, certificate and key management services, remote upgrading services and log information reading and writing services; the authentication module is responsible for managing certificates and user authorities and realizes the safety isolation and access control of vehicle-mounted network communication; the security isolation and access control refer to security domain management of the embedded system in particular, the embedded system is divided into different security domains according to security levels, the access authority of digital resources in the security domains is controlled and managed, and the access to the security domains needs to follow an identity identification and authorization process; the safety communication module is used for realizing network transmission encryption based on a vehicle-mounted network transmission layer communication protocol and an SSL/TSL encryption transmission protocol; the data encryption module is used for providing algorithm support for data encryption and decryption; the intrusion detection module collects necessary data and information by methods of real-time mapping, redundant backup and the like of vehicle-mounted network messages, the necessary data and information at least comprise vehicle-mounted Ethernet network message data, vehicle-mounted CAN bus message data and message characteristic information of each communication node, the message characteristic information comprises statistical information including frame intervals, information entropy and load rate, and abnormal flow and abnormal behaviors are identified based on specific protocol standards, a safety rule set and a message characteristic library; and the attack protection module is used for protecting the safety of the vehicle-mounted network according to a preset protection strategy. And the log system module is responsible for recording system operation, network flow and operation behaviors.
The embodiment also has a preferable example, that is, a security audit cooperation mechanism is also provided, which is not used as a module, but is used as a means or mechanism for coordinating each module to deal with security risks. The safety audit cooperation mechanism comprises state detection and dynamic strategies, wherein the state detection is used for collecting log data of each module to obtain an operation state, the operation state is uploaded to the cloud end through a vehicle-mounted network, the dynamic strategies are adopted to adjust the safety strategies in real time according to the operation state of each module, and different safety risks are dealt with.
Example two.
The present embodiment provides a method for using a network information security protection system based on the first embodiment.
Step 1: extracting technical features with commonality for the environment of the automobile embedded system and the communication service, and identifying safety risks;
step 2: establishing a lightweight security engine architecture adapted to the heterogeneous network of the automobile embedded system;
and step 3: providing security services such as data encryption and decryption, certificate and key management and the like for automobile communication services;
and 4, step 4: establishing a security audit cooperation mechanism;
and 5: and establishing a log system and a security policy library, and updating.
In this embodiment, step 1 and step 2 are steps of establishing a security engine module to identify and process abnormal behavior and protect the security of the vehicle network, and steps 3 to step 5 are steps of establishing a security policy to provide support for the security engine module.
Example three.
The present embodiment is made on the basis of the second embodiment, wherein the step 2 is further preferably subdivided into:
step 1: extracting technical features with commonality for the environment of the automobile embedded system and the communication service, and identifying safety risks;
step 2: establishing a lightweight security engine architecture adapted to the heterogeneous network of the automobile embedded system;
step 211: taking over the vehicle-mounted Ethernet communication protocol stack;
step 212: real-time mapping and redundant backup of network messages;
step 213: encrypting transmission of a vehicle-mounted network transmission layer communication protocol;
step 214: identifying abnormal flow and abnormal behavior based on a protocol standard and a safety rule set;
step 215: matching and generating an attack protection strategy;
and step 3: providing security services such as data encryption and decryption, certificate and key management and the like for automobile communication services;
and 4, step 4: establishing a security audit cooperation mechanism;
and 5: and establishing a log system and a security policy library, and updating.
In this embodiment, the four steps of step 1, step 3 to step 5 are the same as those in the second embodiment, except that a protection means is provided for the security of the vehicle-mounted network information communication by means of mapping, backup and encryption.
Example four.
This embodiment is a parallel embodiment of the third embodiment on the basis of the second embodiment. In this embodiment, the information security protection of the vehicle bus is also covered, and the step 2 is further preferably subdivided into: .
Step 1: extracting technical features with commonality for the environment of the automobile embedded system and the communication service, and identifying safety risks;
step 2: establishing a lightweight security engine architecture adapted to the heterogeneous network of the automobile embedded system;
step 221: taking over an automobile bus communication protocol stack;
step 222: establishing safety isolation and access control of automobile bus communication;
step 223: monitoring all bus messages in real time, and checking message compliance;
step 224: establishing a feature library according to the communication nodes, wherein the feature library at least comprises statistical information including frame intervals, information entropy and load rate;
step 225: the bus intrusion detection and the attack protection are realized through matching a rule set;
and step 3: providing security services such as data encryption and decryption, certificate and key management and the like for automobile communication services;
and 4, step 4: establishing a security audit cooperation mechanism;
and 5: and establishing a log system and a security policy library, and updating.
In this embodiment, the four steps of step 1, step 3 to step 5 are the same as those of the second embodiment, except that a solution similar to a network sandbox is established when abnormal behaviors such as an attack are received, so as to protect the communication security of the automobile bus, prevent key information from being easily acquired, analyze and compare messages through a pre-established feature library, and start attack protection if the behaviors threatening the network security of the automobile are matched.

Claims (5)

1. The vehicle-mounted network information safety protection system is characterized by comprising a safety engine module, an application program interface module, an authentication module, a safety communication module, a data encryption module, an attack protection module, an intrusion detection module and a log system module, wherein:
the safety engine module is a dispatching center of the vehicle-mounted network information safety protection system, and establishes a processing flow and a management rule set of vehicle-mounted network messages by taking over a vehicle-mounted network communication protocol stack; the vehicle-mounted network communication protocol stack comprises a vehicle-mounted Ethernet communication protocol stack and a vehicle-mounted CAN bus communication protocol stack; the processing flow and the management rule set comprise a packet filtering mechanism, a redirection mechanism, a hook mechanism and a callback mechanism;
the application program interface module is used for providing data encryption and decryption services for the application program, cloud platform interaction services, certificate and key management services, remote upgrading services and log information reading and writing services;
the authentication module is responsible for managing certificates and user authorities and realizes the safety isolation and access control of vehicle-mounted network communication; the security isolation and access control refer to security domain management of the embedded system in particular, the embedded system is divided into different security domains according to security levels, the access authority of digital resources in the security domains is controlled and managed, and the access to the security domains needs to follow an identity identification and authorization process;
the safety communication module is used for realizing network transmission encryption based on a vehicle-mounted network transmission layer communication protocol and an SSL/TSL encryption transmission protocol;
the data encryption module is used for providing algorithm support for data encryption and decryption;
the intrusion detection module collects necessary data and information by methods of real-time mapping, redundant backup and the like of vehicle-mounted network messages, the necessary data and information at least comprise vehicle-mounted Ethernet network message data, vehicle-mounted CAN bus message data and message characteristic information of each communication node, the message characteristic information comprises statistical information including frame intervals, information entropy and load rate, and abnormal flow and abnormal behaviors are identified based on specific protocol standards, a safety rule set and a message characteristic library;
the attack protection module is used for protecting the safety of the vehicle-mounted network according to a preset protection strategy;
and the log system module is responsible for recording system operation, network flow and operation behaviors.
2. The system according to claim 1, further comprising a security audit coordination mechanism, configured to coordinate means or mechanisms for dealing with security risks of each module, wherein the security audit coordination mechanism includes a status detection and a dynamic policy, the status detection is configured to collect log data of each module to obtain an operating status, and upload the operating status to the cloud via the vehicle network, and the dynamic policy is adopted to adjust the security policy in real time according to the operating status of each module to deal with different security risks.
3. The application method of the vehicle-mounted network information safety system is characterized in that:
s1, extracting technical characteristics with commonality for an automobile embedded system environment and a communication service, and identifying safety risks;
s2, establishing a lightweight security engine architecture adaptive to the heterogeneous network of the automobile embedded system;
s3, providing security services such as data encryption and decryption, certificate and key management and the like for the automobile communication service;
s4, establishing a security audit cooperation mechanism;
and S5, establishing a log system and a security policy library, and updating.
4. The method for applying an in-vehicle network information security system of claim 3, wherein S2 further includes:
s211, taking over a vehicle-mounted Ethernet communication protocol stack;
s212, real-time mapping and redundancy backup of the network message are carried out;
s213, encrypting transmission of a vehicle-mounted network transmission layer communication protocol;
s214, identifying abnormal flow and abnormal behaviors based on a protocol standard and a safety rule set;
s215, matching and generating an attack protection strategy.
5. The method for applying an in-vehicle network information security system of claim 3, wherein S2 further includes:
s221, taking over an automobile bus communication protocol stack;
s222, establishing safety isolation and access control of automobile bus communication;
s223, monitoring all bus messages in real time, and checking message compliance;
s224, establishing a feature library according to the communication nodes, wherein the feature library at least comprises statistical information including frame intervals, information entropy and load rate;
and S225, realizing bus intrusion detection and attack protection through a matching rule set.
CN202110549799.XA 2021-05-20 2021-05-20 Vehicle-mounted network safety protection system and application method thereof Withdrawn CN113242251A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110549799.XA CN113242251A (en) 2021-05-20 2021-05-20 Vehicle-mounted network safety protection system and application method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110549799.XA CN113242251A (en) 2021-05-20 2021-05-20 Vehicle-mounted network safety protection system and application method thereof

Publications (1)

Publication Number Publication Date
CN113242251A true CN113242251A (en) 2021-08-10

Family

ID=77137740

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110549799.XA Withdrawn CN113242251A (en) 2021-05-20 2021-05-20 Vehicle-mounted network safety protection system and application method thereof

Country Status (1)

Country Link
CN (1) CN113242251A (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113709011A (en) * 2021-08-24 2021-11-26 山西暗石电子技术有限公司 CAN-based DN-CAN communication protocol and communication method thereof
CN113900429A (en) * 2021-12-09 2022-01-07 北京航空航天大学 Gateway system design method for converting CAN bus into vehicle-mounted Ethernet bus
CN114760092A (en) * 2022-03-09 2022-07-15 浙江零跑科技股份有限公司 Network data safety detection system for intelligent automobile and cloud platform
CN114900347A (en) * 2022-04-28 2022-08-12 重庆长安汽车股份有限公司 Ethernet-based intrusion detection method and data packet distribution method
CN114978630A (en) * 2022-05-11 2022-08-30 重庆长安汽车股份有限公司 Safety event detection system and method for vehicle-mounted CAN network and storage medium
CN115001815A (en) * 2022-05-31 2022-09-02 重庆长安汽车股份有限公司 Vehicle-mounted system attack event monitoring method, system, medium and electronic equipment
CN115150187A (en) * 2022-07-28 2022-10-04 中汽创智科技有限公司 Vehicle-mounted bus message security detection method and device, vehicle-mounted terminal and storage medium
CN115208694A (en) * 2022-09-13 2022-10-18 智己汽车科技有限公司 Vehicle-mounted network communication encryption system based on central computing platform and vehicle
CN115242530A (en) * 2022-07-27 2022-10-25 常州星宇车灯股份有限公司 Vehicle-mounted safety communication system and method based on state cryptographic algorithm and automobile
CN115664691A (en) * 2022-08-05 2023-01-31 中电车联信安科技有限公司 Communication security car networking system
WO2023124100A1 (en) * 2021-12-29 2023-07-06 北京国家新能源汽车技术创新中心有限公司 Security architecture and system for central gateway, and storage medium
WO2023178479A1 (en) * 2022-03-21 2023-09-28 Huawei Technologies Co., Ltd. Method for detecting suspicious traffic for a vehicle and related device
CN117354052A (en) * 2023-12-04 2024-01-05 北京国双科技有限公司 Network intrusion protection system based on data identification

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113709011A (en) * 2021-08-24 2021-11-26 山西暗石电子技术有限公司 CAN-based DN-CAN communication protocol and communication method thereof
CN113709011B (en) * 2021-08-24 2022-09-27 山西暗石电子技术有限公司 CAN-based DN-CAN communication protocol configuration method and communication method
CN113900429A (en) * 2021-12-09 2022-01-07 北京航空航天大学 Gateway system design method for converting CAN bus into vehicle-mounted Ethernet bus
CN113900429B (en) * 2021-12-09 2022-03-18 北京航空航天大学 Gateway system design method for converting CAN bus into vehicle-mounted Ethernet bus
WO2023124100A1 (en) * 2021-12-29 2023-07-06 北京国家新能源汽车技术创新中心有限公司 Security architecture and system for central gateway, and storage medium
CN114760092A (en) * 2022-03-09 2022-07-15 浙江零跑科技股份有限公司 Network data safety detection system for intelligent automobile and cloud platform
WO2023178479A1 (en) * 2022-03-21 2023-09-28 Huawei Technologies Co., Ltd. Method for detecting suspicious traffic for a vehicle and related device
CN114900347B (en) * 2022-04-28 2023-04-14 重庆长安汽车股份有限公司 Ethernet-based intrusion detection method and data packet distribution method
CN114900347A (en) * 2022-04-28 2022-08-12 重庆长安汽车股份有限公司 Ethernet-based intrusion detection method and data packet distribution method
CN114978630A (en) * 2022-05-11 2022-08-30 重庆长安汽车股份有限公司 Safety event detection system and method for vehicle-mounted CAN network and storage medium
CN115001815A (en) * 2022-05-31 2022-09-02 重庆长安汽车股份有限公司 Vehicle-mounted system attack event monitoring method, system, medium and electronic equipment
CN115242530A (en) * 2022-07-27 2022-10-25 常州星宇车灯股份有限公司 Vehicle-mounted safety communication system and method based on state cryptographic algorithm and automobile
CN115242530B (en) * 2022-07-27 2023-10-13 常州星宇车灯股份有限公司 Vehicle-mounted safety communication system and method based on national cryptographic algorithm and automobile
CN115150187A (en) * 2022-07-28 2022-10-04 中汽创智科技有限公司 Vehicle-mounted bus message security detection method and device, vehicle-mounted terminal and storage medium
CN115150187B (en) * 2022-07-28 2024-04-26 中汽创智科技有限公司 Vehicle-mounted bus message security detection method and device, vehicle-mounted terminal and storage medium
CN115664691A (en) * 2022-08-05 2023-01-31 中电车联信安科技有限公司 Communication security car networking system
CN115664691B (en) * 2022-08-05 2023-04-11 中电车联信安科技有限公司 Communication security car networking system
CN115208694B (en) * 2022-09-13 2023-01-13 智己汽车科技有限公司 Vehicle-mounted network communication encryption system based on central computing platform and vehicle
CN115208694A (en) * 2022-09-13 2022-10-18 智己汽车科技有限公司 Vehicle-mounted network communication encryption system based on central computing platform and vehicle
CN117354052A (en) * 2023-12-04 2024-01-05 北京国双科技有限公司 Network intrusion protection system based on data identification
CN117354052B (en) * 2023-12-04 2024-03-12 北京国双科技有限公司 Network intrusion protection system based on data identification

Similar Documents

Publication Publication Date Title
CN113242251A (en) Vehicle-mounted network safety protection system and application method thereof
AU2022201606B2 (en) Cloaking authority system
CN106789015B (en) Intelligent power distribution network communication safety system
CN105430000A (en) Cloud computing security management system
CN111049803A (en) Data encryption and platform security access method based on vehicle-mounted CAN bus communication system
CN112468504B (en) Industrial control network access control method based on block chain
CN115549932B (en) Security access system and access method for massive heterogeneous Internet of things terminals
DE102019127100A1 (en) PROCEDURE AND SYSTEM FOR PROVIDING SECURITY OF AN IN-VEHICLE NETWORK
CN116405302B (en) System and method for in-vehicle safety communication
CN111787027A (en) Safety protection system and method for traffic information release
CN111654375A (en) Block chain-based edge calculation security encryption method, device and system
CN114257388B (en) Information safety protection method and device of Internet of vehicles system and electric automobile
EP1287655B1 (en) Method for securing the authenticity of hardware and software in a network
CN114301739B (en) Central gateway security architecture, system and storage medium
CN114157489B (en) Communication domain controller safety communication method based on periodic authentication handshake mechanism
CN115766023A (en) Encryption algorithm-based vehicle cross-functional domain secret key and certificate dynamic updating system
CN115225415B (en) Password application platform for new energy centralized control system and monitoring and early warning method
CN115118449B (en) Energy internet-oriented safe and efficient interactive edge proxy server
CN110661747B (en) Terminal safety control method for rail transit cloud
CN118174924A (en) Data asset authorization method and system based on industrial Internet of things
CN116996879A (en) Public Key Infrastructure (PKI) -based civil aircraft flash image service (FLS) remote loading security authentication and encryption system
Fan et al. Analysis on network security of intelligent connected in-vehicle bus
CN115766288A (en) Safety management cooperation method for cross-network exchange
CN114448642A (en) In-vehicle network communication safety method based on distribution
CN115842632A (en) Identity authentication method, device, equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20210810

WW01 Invention patent application withdrawn after publication