CN113242251A - Vehicle-mounted network safety protection system and application method thereof - Google Patents
Vehicle-mounted network safety protection system and application method thereof Download PDFInfo
- Publication number
- CN113242251A CN113242251A CN202110549799.XA CN202110549799A CN113242251A CN 113242251 A CN113242251 A CN 113242251A CN 202110549799 A CN202110549799 A CN 202110549799A CN 113242251 A CN113242251 A CN 113242251A
- Authority
- CN
- China
- Prior art keywords
- module
- vehicle
- security
- safety
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention relates to a vehicle-mounted network information safety protection system, which comprises a safety engine module, an application program interface module, an authentication module, a safety communication module, a data encryption module, an attack protection module, an intrusion detection module and a log system module, wherein: the safety engine module is a dispatching center of the vehicle-mounted network information safety protection system and is used for establishing a processing flow and a management rule set of vehicle-mounted network messages; the application program interface module is used for providing data encryption and decryption services for the application program; the safety communication module is used for realizing network transmission encryption based on a vehicle-mounted network transmission layer communication protocol and an SSL/TSL encryption transmission protocol; the data encryption module is used for providing algorithm support for data encryption and decryption; the intrusion detection module collects necessary data and information by methods of real-time mapping, redundant backup and the like of the vehicle-mounted network message; and the log system module is responsible for recording system operation, network flow and operation behaviors.
Description
Technical Field
The invention relates to a vehicle-mounted network information safety protection system, in particular to a vehicle-mounted network information safety protection system of an intelligent networked automobile.
Background
With the increasing degree of automobile intellectualization and networking, the security threat faces is also greatly increased. Various connection paths of the networked automobile can be utilized to realize remote attack and control on the automobile. Smart networked cars typically face the following information security issues:
1) the traditional automobile bus realizes the communication between nodes based on message broadcasting and an arbitration mechanism according to priority; an intruder disassembles the vehicle, monitors the bus message and cracks the protocol; then, aiming at the similar vehicles, remote invasion can be realized through a vehicle-mounted network; after the management authority is obtained, the communication node is counterfeited, an illegal instruction is sent or the bus bandwidth is monopolized with high priority, and flooding attack is implemented; great potential safety hazard is brought to safe driving of the automobile;
2) the system comprises a plurality of automobile Electronic Control Units (ECUs) and vehicle-mounted information system units, which respectively bear different functional responsibilities, and has a huge supplier system, and no corresponding information safety implementation standard although the system conforms to a uniform functional safety standard;
3) the technical field of the embedded system of the automobile has uniqueness and specialty; the method and practice in the traditional internet security field can not be carried out as they are, and the information security of the automobile embedded system is lack of a referable method and reusable resources;
at present, in the technical field of vehicle-mounted network information security, various technical schemes only aim at certain specific service requirements, such as data encryption, system and application program reinforcement, OTA, encrypted communication protocol and the like, and no systematic and comprehensive network information security method and system are formed aiming at vehicle-mounted network information security protection; and other technical schemes are provided for moving methods and systems in the technical field of internet information security, but the technical speciality and the particularity of the embedded system technology of the automobile are not considered, so that the embedded system is difficult to avoid water and soil, and is in the embarrassment that the adaptation degree is low, the available resources are few, and the scheme is difficult to implement specifically.
Disclosure of Invention
In order to solve the technical problems, the technical scheme is as follows, the system comprises a security engine module, an application program interface module, an authentication module, a security communication module, a data encryption module, an attack protection module, an intrusion detection module and a log system module, wherein:
the safety engine module is a dispatching center of the vehicle-mounted network information safety protection system, and establishes a processing flow and a management rule set of vehicle-mounted network messages by taking over a vehicle-mounted network communication protocol stack; the vehicle-mounted network communication protocol stack comprises a vehicle-mounted Ethernet communication protocol stack and a vehicle-mounted CAN bus communication protocol stack; the processing flow and the management rule set comprise a packet filtering mechanism, a redirection mechanism, a hook mechanism and a callback mechanism;
the application program interface module is used for providing data encryption and decryption services for the application program, cloud platform interaction services, certificate and key management services, remote upgrading services and log information reading and writing services;
the authentication module is responsible for managing certificates and user authorities and realizes the safety isolation and access control of vehicle-mounted network communication; the security isolation and access control refer to security domain management of the embedded system in particular, the embedded system is divided into different security domains according to security levels, the access authority of digital resources in the security domains is controlled and managed, and the access to the security domains needs to follow an identity identification and authorization process;
the safety communication module is used for realizing network transmission encryption based on a vehicle-mounted network transmission layer communication protocol and an SSL/TSL encryption transmission protocol;
the data encryption module is used for providing algorithm support for data encryption and decryption;
the intrusion detection module collects necessary data and information by methods of real-time mapping, redundant backup and the like of vehicle-mounted network messages, the necessary data and information at least comprise vehicle-mounted Ethernet network message data, vehicle-mounted CAN bus message data and message characteristic information of each communication node, the message characteristic information comprises statistical information including frame intervals, information entropy and load rate, and abnormal flow and abnormal behaviors are identified based on specific protocol standards, a safety rule set and a message characteristic library;
the attack protection module is used for protecting the safety of the vehicle-mounted network according to a preset protection strategy;
and the log system module is responsible for recording system operation, network flow and operation behaviors.
On the basis of the technical scheme, the system further comprises a security audit cooperation mechanism which is used for coordinating means or mechanisms of all modules for dealing with security risks. The safety audit cooperation mechanism comprises state detection and dynamic strategies, wherein the state detection is used for collecting log data of each module to obtain an operation state, the operation state is uploaded to the cloud end through a vehicle-mounted network, the dynamic strategies are adopted to adjust the safety strategies in real time according to the operation state of each module, and different safety risks are dealt with.
In order to solve the technical problems, an application method of the vehicle-mounted network information security system is also provided, and the provided technical scheme is as follows:
s1, extracting technical characteristics with commonality for an automobile embedded system environment and a communication service, and identifying safety risks;
s2, establishing a lightweight security engine architecture adaptive to the heterogeneous network of the automobile embedded system;
s3, providing security services such as data encryption and decryption, certificate and key management and the like for the automobile communication service;
s4, establishing a security audit cooperation mechanism;
and S5, establishing a log system and a security policy library, and updating.
On the basis of the above technical solution, S2 further includes:
s211, taking over a vehicle-mounted Ethernet communication protocol stack;
s212, real-time mapping and redundancy backup of the network message are carried out;
s213, encrypting transmission of a vehicle-mounted network transmission layer communication protocol;
s214, identifying abnormal flow and abnormal behaviors based on a protocol standard and a safety rule set;
s215, matching and generating an attack protection strategy.
On the basis of the above technical solution, S2 further includes:
s221, taking over an automobile bus communication protocol stack;
s222, establishing safety isolation and access control of automobile bus communication;
s223, monitoring all bus messages in real time, and checking message compliance;
s224, establishing a feature library according to the communication nodes, wherein the feature library at least comprises statistical information including frame intervals, information entropy and load rate;
and S225, realizing bus intrusion detection and attack protection through a matching rule set.
Has the advantages that: aiming at the information security requirement of an automobile embedded system, an open information security application system and a unified information security service framework are provided, the unified management of an automobile bus and a vehicle-mounted network is realized, the communication requirement is met, meanwhile, a vehicle networking information security strategy can be configured as required, the realization difficulty of the information security protection of vehicle-mounted embedded equipment is greatly reduced, and the terminal information security guarantee is provided for the security operation of the vehicle networking.
Detailed Description
The first embodiment.
The embodiment aims to provide a system for carrying out network information security protection on an embedded system, which comprises a security engine module, an application program interface module, an authentication module, a security communication module, a data encryption module, an attack protection module, an intrusion detection module and a log system module.
The safety engine module is a dispatching center of the vehicle-mounted network information safety protection system, and establishes a processing flow and a management rule set of vehicle-mounted network messages by taking over a vehicle-mounted network communication protocol stack; the vehicle-mounted network communication protocol stack comprises a vehicle-mounted Ethernet communication protocol stack and a vehicle-mounted CAN bus communication protocol stack; the processing flow and management rule set comprises a packet filtering mechanism, a redirection mechanism, a hook mechanism and a callback mechanism; the application program interface module is used for providing data encryption and decryption services for the application program, cloud platform interaction services, certificate and key management services, remote upgrading services and log information reading and writing services; the authentication module is responsible for managing certificates and user authorities and realizes the safety isolation and access control of vehicle-mounted network communication; the security isolation and access control refer to security domain management of the embedded system in particular, the embedded system is divided into different security domains according to security levels, the access authority of digital resources in the security domains is controlled and managed, and the access to the security domains needs to follow an identity identification and authorization process; the safety communication module is used for realizing network transmission encryption based on a vehicle-mounted network transmission layer communication protocol and an SSL/TSL encryption transmission protocol; the data encryption module is used for providing algorithm support for data encryption and decryption; the intrusion detection module collects necessary data and information by methods of real-time mapping, redundant backup and the like of vehicle-mounted network messages, the necessary data and information at least comprise vehicle-mounted Ethernet network message data, vehicle-mounted CAN bus message data and message characteristic information of each communication node, the message characteristic information comprises statistical information including frame intervals, information entropy and load rate, and abnormal flow and abnormal behaviors are identified based on specific protocol standards, a safety rule set and a message characteristic library; and the attack protection module is used for protecting the safety of the vehicle-mounted network according to a preset protection strategy. And the log system module is responsible for recording system operation, network flow and operation behaviors.
The embodiment also has a preferable example, that is, a security audit cooperation mechanism is also provided, which is not used as a module, but is used as a means or mechanism for coordinating each module to deal with security risks. The safety audit cooperation mechanism comprises state detection and dynamic strategies, wherein the state detection is used for collecting log data of each module to obtain an operation state, the operation state is uploaded to the cloud end through a vehicle-mounted network, the dynamic strategies are adopted to adjust the safety strategies in real time according to the operation state of each module, and different safety risks are dealt with.
Example two.
The present embodiment provides a method for using a network information security protection system based on the first embodiment.
Step 1: extracting technical features with commonality for the environment of the automobile embedded system and the communication service, and identifying safety risks;
step 2: establishing a lightweight security engine architecture adapted to the heterogeneous network of the automobile embedded system;
and step 3: providing security services such as data encryption and decryption, certificate and key management and the like for automobile communication services;
and 4, step 4: establishing a security audit cooperation mechanism;
and 5: and establishing a log system and a security policy library, and updating.
In this embodiment, step 1 and step 2 are steps of establishing a security engine module to identify and process abnormal behavior and protect the security of the vehicle network, and steps 3 to step 5 are steps of establishing a security policy to provide support for the security engine module.
Example three.
The present embodiment is made on the basis of the second embodiment, wherein the step 2 is further preferably subdivided into:
step 1: extracting technical features with commonality for the environment of the automobile embedded system and the communication service, and identifying safety risks;
step 2: establishing a lightweight security engine architecture adapted to the heterogeneous network of the automobile embedded system;
step 211: taking over the vehicle-mounted Ethernet communication protocol stack;
step 212: real-time mapping and redundant backup of network messages;
step 213: encrypting transmission of a vehicle-mounted network transmission layer communication protocol;
step 214: identifying abnormal flow and abnormal behavior based on a protocol standard and a safety rule set;
step 215: matching and generating an attack protection strategy;
and step 3: providing security services such as data encryption and decryption, certificate and key management and the like for automobile communication services;
and 4, step 4: establishing a security audit cooperation mechanism;
and 5: and establishing a log system and a security policy library, and updating.
In this embodiment, the four steps of step 1, step 3 to step 5 are the same as those in the second embodiment, except that a protection means is provided for the security of the vehicle-mounted network information communication by means of mapping, backup and encryption.
Example four.
This embodiment is a parallel embodiment of the third embodiment on the basis of the second embodiment. In this embodiment, the information security protection of the vehicle bus is also covered, and the step 2 is further preferably subdivided into: .
Step 1: extracting technical features with commonality for the environment of the automobile embedded system and the communication service, and identifying safety risks;
step 2: establishing a lightweight security engine architecture adapted to the heterogeneous network of the automobile embedded system;
step 221: taking over an automobile bus communication protocol stack;
step 222: establishing safety isolation and access control of automobile bus communication;
step 223: monitoring all bus messages in real time, and checking message compliance;
step 224: establishing a feature library according to the communication nodes, wherein the feature library at least comprises statistical information including frame intervals, information entropy and load rate;
step 225: the bus intrusion detection and the attack protection are realized through matching a rule set;
and step 3: providing security services such as data encryption and decryption, certificate and key management and the like for automobile communication services;
and 4, step 4: establishing a security audit cooperation mechanism;
and 5: and establishing a log system and a security policy library, and updating.
In this embodiment, the four steps of step 1, step 3 to step 5 are the same as those of the second embodiment, except that a solution similar to a network sandbox is established when abnormal behaviors such as an attack are received, so as to protect the communication security of the automobile bus, prevent key information from being easily acquired, analyze and compare messages through a pre-established feature library, and start attack protection if the behaviors threatening the network security of the automobile are matched.
Claims (5)
1. The vehicle-mounted network information safety protection system is characterized by comprising a safety engine module, an application program interface module, an authentication module, a safety communication module, a data encryption module, an attack protection module, an intrusion detection module and a log system module, wherein:
the safety engine module is a dispatching center of the vehicle-mounted network information safety protection system, and establishes a processing flow and a management rule set of vehicle-mounted network messages by taking over a vehicle-mounted network communication protocol stack; the vehicle-mounted network communication protocol stack comprises a vehicle-mounted Ethernet communication protocol stack and a vehicle-mounted CAN bus communication protocol stack; the processing flow and the management rule set comprise a packet filtering mechanism, a redirection mechanism, a hook mechanism and a callback mechanism;
the application program interface module is used for providing data encryption and decryption services for the application program, cloud platform interaction services, certificate and key management services, remote upgrading services and log information reading and writing services;
the authentication module is responsible for managing certificates and user authorities and realizes the safety isolation and access control of vehicle-mounted network communication; the security isolation and access control refer to security domain management of the embedded system in particular, the embedded system is divided into different security domains according to security levels, the access authority of digital resources in the security domains is controlled and managed, and the access to the security domains needs to follow an identity identification and authorization process;
the safety communication module is used for realizing network transmission encryption based on a vehicle-mounted network transmission layer communication protocol and an SSL/TSL encryption transmission protocol;
the data encryption module is used for providing algorithm support for data encryption and decryption;
the intrusion detection module collects necessary data and information by methods of real-time mapping, redundant backup and the like of vehicle-mounted network messages, the necessary data and information at least comprise vehicle-mounted Ethernet network message data, vehicle-mounted CAN bus message data and message characteristic information of each communication node, the message characteristic information comprises statistical information including frame intervals, information entropy and load rate, and abnormal flow and abnormal behaviors are identified based on specific protocol standards, a safety rule set and a message characteristic library;
the attack protection module is used for protecting the safety of the vehicle-mounted network according to a preset protection strategy;
and the log system module is responsible for recording system operation, network flow and operation behaviors.
2. The system according to claim 1, further comprising a security audit coordination mechanism, configured to coordinate means or mechanisms for dealing with security risks of each module, wherein the security audit coordination mechanism includes a status detection and a dynamic policy, the status detection is configured to collect log data of each module to obtain an operating status, and upload the operating status to the cloud via the vehicle network, and the dynamic policy is adopted to adjust the security policy in real time according to the operating status of each module to deal with different security risks.
3. The application method of the vehicle-mounted network information safety system is characterized in that:
s1, extracting technical characteristics with commonality for an automobile embedded system environment and a communication service, and identifying safety risks;
s2, establishing a lightweight security engine architecture adaptive to the heterogeneous network of the automobile embedded system;
s3, providing security services such as data encryption and decryption, certificate and key management and the like for the automobile communication service;
s4, establishing a security audit cooperation mechanism;
and S5, establishing a log system and a security policy library, and updating.
4. The method for applying an in-vehicle network information security system of claim 3, wherein S2 further includes:
s211, taking over a vehicle-mounted Ethernet communication protocol stack;
s212, real-time mapping and redundancy backup of the network message are carried out;
s213, encrypting transmission of a vehicle-mounted network transmission layer communication protocol;
s214, identifying abnormal flow and abnormal behaviors based on a protocol standard and a safety rule set;
s215, matching and generating an attack protection strategy.
5. The method for applying an in-vehicle network information security system of claim 3, wherein S2 further includes:
s221, taking over an automobile bus communication protocol stack;
s222, establishing safety isolation and access control of automobile bus communication;
s223, monitoring all bus messages in real time, and checking message compliance;
s224, establishing a feature library according to the communication nodes, wherein the feature library at least comprises statistical information including frame intervals, information entropy and load rate;
and S225, realizing bus intrusion detection and attack protection through a matching rule set.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110549799.XA CN113242251A (en) | 2021-05-20 | 2021-05-20 | Vehicle-mounted network safety protection system and application method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110549799.XA CN113242251A (en) | 2021-05-20 | 2021-05-20 | Vehicle-mounted network safety protection system and application method thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113242251A true CN113242251A (en) | 2021-08-10 |
Family
ID=77137740
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110549799.XA Withdrawn CN113242251A (en) | 2021-05-20 | 2021-05-20 | Vehicle-mounted network safety protection system and application method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113242251A (en) |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113709011A (en) * | 2021-08-24 | 2021-11-26 | 山西暗石电子技术有限公司 | CAN-based DN-CAN communication protocol and communication method thereof |
CN113900429A (en) * | 2021-12-09 | 2022-01-07 | 北京航空航天大学 | Gateway system design method for converting CAN bus into vehicle-mounted Ethernet bus |
CN114760092A (en) * | 2022-03-09 | 2022-07-15 | 浙江零跑科技股份有限公司 | Network data safety detection system for intelligent automobile and cloud platform |
CN114900347A (en) * | 2022-04-28 | 2022-08-12 | 重庆长安汽车股份有限公司 | Ethernet-based intrusion detection method and data packet distribution method |
CN114978630A (en) * | 2022-05-11 | 2022-08-30 | 重庆长安汽车股份有限公司 | Safety event detection system and method for vehicle-mounted CAN network and storage medium |
CN115001815A (en) * | 2022-05-31 | 2022-09-02 | 重庆长安汽车股份有限公司 | Vehicle-mounted system attack event monitoring method, system, medium and electronic equipment |
CN115150187A (en) * | 2022-07-28 | 2022-10-04 | 中汽创智科技有限公司 | Vehicle-mounted bus message security detection method and device, vehicle-mounted terminal and storage medium |
CN115208694A (en) * | 2022-09-13 | 2022-10-18 | 智己汽车科技有限公司 | Vehicle-mounted network communication encryption system based on central computing platform and vehicle |
CN115242530A (en) * | 2022-07-27 | 2022-10-25 | 常州星宇车灯股份有限公司 | Vehicle-mounted safety communication system and method based on state cryptographic algorithm and automobile |
CN115664691A (en) * | 2022-08-05 | 2023-01-31 | 中电车联信安科技有限公司 | Communication security car networking system |
WO2023124100A1 (en) * | 2021-12-29 | 2023-07-06 | 北京国家新能源汽车技术创新中心有限公司 | Security architecture and system for central gateway, and storage medium |
WO2023178479A1 (en) * | 2022-03-21 | 2023-09-28 | Huawei Technologies Co., Ltd. | Method for detecting suspicious traffic for a vehicle and related device |
CN117354052A (en) * | 2023-12-04 | 2024-01-05 | 北京国双科技有限公司 | Network intrusion protection system based on data identification |
-
2021
- 2021-05-20 CN CN202110549799.XA patent/CN113242251A/en not_active Withdrawn
Cited By (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113709011A (en) * | 2021-08-24 | 2021-11-26 | 山西暗石电子技术有限公司 | CAN-based DN-CAN communication protocol and communication method thereof |
CN113709011B (en) * | 2021-08-24 | 2022-09-27 | 山西暗石电子技术有限公司 | CAN-based DN-CAN communication protocol configuration method and communication method |
CN113900429A (en) * | 2021-12-09 | 2022-01-07 | 北京航空航天大学 | Gateway system design method for converting CAN bus into vehicle-mounted Ethernet bus |
CN113900429B (en) * | 2021-12-09 | 2022-03-18 | 北京航空航天大学 | Gateway system design method for converting CAN bus into vehicle-mounted Ethernet bus |
WO2023124100A1 (en) * | 2021-12-29 | 2023-07-06 | 北京国家新能源汽车技术创新中心有限公司 | Security architecture and system for central gateway, and storage medium |
CN114760092A (en) * | 2022-03-09 | 2022-07-15 | 浙江零跑科技股份有限公司 | Network data safety detection system for intelligent automobile and cloud platform |
WO2023178479A1 (en) * | 2022-03-21 | 2023-09-28 | Huawei Technologies Co., Ltd. | Method for detecting suspicious traffic for a vehicle and related device |
CN114900347B (en) * | 2022-04-28 | 2023-04-14 | 重庆长安汽车股份有限公司 | Ethernet-based intrusion detection method and data packet distribution method |
CN114900347A (en) * | 2022-04-28 | 2022-08-12 | 重庆长安汽车股份有限公司 | Ethernet-based intrusion detection method and data packet distribution method |
CN114978630A (en) * | 2022-05-11 | 2022-08-30 | 重庆长安汽车股份有限公司 | Safety event detection system and method for vehicle-mounted CAN network and storage medium |
CN115001815A (en) * | 2022-05-31 | 2022-09-02 | 重庆长安汽车股份有限公司 | Vehicle-mounted system attack event monitoring method, system, medium and electronic equipment |
CN115242530A (en) * | 2022-07-27 | 2022-10-25 | 常州星宇车灯股份有限公司 | Vehicle-mounted safety communication system and method based on state cryptographic algorithm and automobile |
CN115242530B (en) * | 2022-07-27 | 2023-10-13 | 常州星宇车灯股份有限公司 | Vehicle-mounted safety communication system and method based on national cryptographic algorithm and automobile |
CN115150187A (en) * | 2022-07-28 | 2022-10-04 | 中汽创智科技有限公司 | Vehicle-mounted bus message security detection method and device, vehicle-mounted terminal and storage medium |
CN115150187B (en) * | 2022-07-28 | 2024-04-26 | 中汽创智科技有限公司 | Vehicle-mounted bus message security detection method and device, vehicle-mounted terminal and storage medium |
CN115664691A (en) * | 2022-08-05 | 2023-01-31 | 中电车联信安科技有限公司 | Communication security car networking system |
CN115664691B (en) * | 2022-08-05 | 2023-04-11 | 中电车联信安科技有限公司 | Communication security car networking system |
CN115208694B (en) * | 2022-09-13 | 2023-01-13 | 智己汽车科技有限公司 | Vehicle-mounted network communication encryption system based on central computing platform and vehicle |
CN115208694A (en) * | 2022-09-13 | 2022-10-18 | 智己汽车科技有限公司 | Vehicle-mounted network communication encryption system based on central computing platform and vehicle |
CN117354052A (en) * | 2023-12-04 | 2024-01-05 | 北京国双科技有限公司 | Network intrusion protection system based on data identification |
CN117354052B (en) * | 2023-12-04 | 2024-03-12 | 北京国双科技有限公司 | Network intrusion protection system based on data identification |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN113242251A (en) | Vehicle-mounted network safety protection system and application method thereof | |
AU2022201606B2 (en) | Cloaking authority system | |
CN106789015B (en) | Intelligent power distribution network communication safety system | |
CN105430000A (en) | Cloud computing security management system | |
CN111049803A (en) | Data encryption and platform security access method based on vehicle-mounted CAN bus communication system | |
CN112468504B (en) | Industrial control network access control method based on block chain | |
CN115549932B (en) | Security access system and access method for massive heterogeneous Internet of things terminals | |
DE102019127100A1 (en) | PROCEDURE AND SYSTEM FOR PROVIDING SECURITY OF AN IN-VEHICLE NETWORK | |
CN116405302B (en) | System and method for in-vehicle safety communication | |
CN111787027A (en) | Safety protection system and method for traffic information release | |
CN111654375A (en) | Block chain-based edge calculation security encryption method, device and system | |
CN114257388B (en) | Information safety protection method and device of Internet of vehicles system and electric automobile | |
EP1287655B1 (en) | Method for securing the authenticity of hardware and software in a network | |
CN114301739B (en) | Central gateway security architecture, system and storage medium | |
CN114157489B (en) | Communication domain controller safety communication method based on periodic authentication handshake mechanism | |
CN115766023A (en) | Encryption algorithm-based vehicle cross-functional domain secret key and certificate dynamic updating system | |
CN115225415B (en) | Password application platform for new energy centralized control system and monitoring and early warning method | |
CN115118449B (en) | Energy internet-oriented safe and efficient interactive edge proxy server | |
CN110661747B (en) | Terminal safety control method for rail transit cloud | |
CN118174924A (en) | Data asset authorization method and system based on industrial Internet of things | |
CN116996879A (en) | Public Key Infrastructure (PKI) -based civil aircraft flash image service (FLS) remote loading security authentication and encryption system | |
Fan et al. | Analysis on network security of intelligent connected in-vehicle bus | |
CN115766288A (en) | Safety management cooperation method for cross-network exchange | |
CN114448642A (en) | In-vehicle network communication safety method based on distribution | |
CN115842632A (en) | Identity authentication method, device, equipment and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20210810 |
|
WW01 | Invention patent application withdrawn after publication |