CN115102706B - HOST-IDS safety detection system and method of vehicle ECU - Google Patents
HOST-IDS safety detection system and method of vehicle ECU Download PDFInfo
- Publication number
- CN115102706B CN115102706B CN202210454243.7A CN202210454243A CN115102706B CN 115102706 B CN115102706 B CN 115102706B CN 202210454243 A CN202210454243 A CN 202210454243A CN 115102706 B CN115102706 B CN 115102706B
- Authority
- CN
- China
- Prior art keywords
- ids
- host
- ecu
- safety
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/3003—Monitoring arrangements specially adapted to the computing system or computing system component being monitored
- G06F11/3024—Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system component is a central processing unit [CPU]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/3003—Monitoring arrangements specially adapted to the computing system or computing system component being monitored
- G06F11/3037—Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system component is a memory, e.g. virtual memory, cache
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/3051—Monitoring arrangements for monitoring the configuration of the computing system or of the computing system component, e.g. monitoring the presence of processing resources, peripherals, I/O links, software programs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
Abstract
The invention relates to a HOST-IDS safety detection system and method of a vehicle ECU, comprising a HOST-IDS safety component, wherein the HOST-IDS safety component comprises a system file monitoring module, a process monitoring module, a resource monitoring module and a network safety module, the output end of the system file monitoring module is connected with the process monitoring module, the output end of the process monitoring module is connected with the resource monitoring module, and the output end of the resource monitoring module is connected with the network safety module; the system file monitoring module is used for monitoring the integrity of the ECU system file, the process monitoring module is used for monitoring the security of the ECU system process, the resource monitoring module is used for monitoring the resource occupancy of the CPU, and the network security module is used for monitoring the security of the ECU system network; compared with the prior art, the invention helps the vehicle enterprise to carry out safety monitoring on the safety state of the vehicle system, and reduces immeasurable loss caused by information safety events.
Description
[ technical field ]
The invention relates to the technical field of vehicle-mounted Electronic Control Units (ECU), in particular to a HOST-IDS safety detection system and method of a vehicle ECU.
[ background Art ]
Current vehicle ECU systems include android, linux, QNX, and RTOS systems. Because the system lacks some safety mechanisms to monitor, the system is easy to attack by hackers, and the system data in the ECU in the vehicle is stolen or subjected to safety attack, so that the safety of the vehicle and the privacy of a driver are damaged. Therefore, it is desirable to incorporate HOST IDS safety components to safely monitor the safe operating state of the vehicle ECU system. The security monitoring is mainly based on the following dimensions: and (3) security monitoring of system file integrity, resource security monitoring, process security monitoring and network security monitoring.
Because the operating system of the ECU does not have a safety monitoring mechanism to monitor the running environment and the modules, a hacker can invade the ECU system in a remote mode, and upgrade the system and root copyright raising operation are performed in a program refreshing and updating mode. In this way, during the process of hacking the ECU system, the ECU's system files and system processes and resources may change significantly. The system files of the ECU can be changed, the memory and CPU utilization rate of the system can be changed, the number of system processes can be increased or reduced, and the network port breakthrough is destroyed.
Therefore, the HOST IDS security component needs to perform security monitoring on the system environment, and when the system is running, the HOST IDS security component periodically detects the number and entry of system files, and if a change occurs, it indicates that the system is being hacked. For example: in the running process of the ECU system, the utilization rate of the CPU and the memory of the ECU is greatly changed, which indicates that the ECU system has the upgrade operation of upgrading the copyright and is hacked; the processes of the ECU system all have fixed serial number PID, after the system is invaded and the system is in the process of taking authority, the new system can generate a plurality of new processes, so that new process serial number PID is generated, and the ECU system is hacked; after the network port of the ECU system is invaded by a hacker, the vehicle-mounted firewall of the ECU records the hacking behavior, which is the protection of the first layer network dimension of the hacking system.
[ summary of the invention ]
The invention aims to solve the defects and provide a HOST-IDS safety detection system of a vehicle ECU, which aims at safety monitoring of the integrity of an ECU system file, the legality of an operating thread and the utilization rate of a CPU and a memory, and reduces the immeasurable loss caused by an information safety event.
The HOST-IDS safety detection system comprises a HOST-IDS safety component, wherein the HOST-IDS safety component is integrated into the system of the ECU in the form of an SDK or a library file, and when the system of the ECU operates, data of the system operating state of the ECU is fed back to the HOST-IDS safety component in real time; the HOST-IDS security component comprises a system file monitoring module, a process monitoring module, a resource monitoring module and a network security module, wherein the output end of the system file monitoring module is connected with the process monitoring module, the output end of the process monitoring module is connected with the resource monitoring module, and the output end of the resource monitoring module is connected with the network security module; the system file monitoring module is used for monitoring the integrity of the ECU system file, the process monitoring module is used for monitoring the security of the ECU system process, the resource monitoring module is used for monitoring the resource occupancy of the CPU, and the network security module is used for monitoring the security of the ECU system network.
Further, the system file monitoring module monitors the operation behavior of the monitoring directory file, and if the system file monitoring module detects that the system file is destroyed, the system file monitoring module performs security log recording; and monitoring the behavior of the file abnormal operation, and if the file abnormal operation is detected to be tampered, performing security log recording.
Further, the process monitoring module monitors an abnormal system process, and if the abnormal system process is detected to be destroyed, the process monitoring module performs security log recording; and monitoring an abnormal output event of the system process, and if the abnormal output event is detected to be tampered, performing security log recording.
Further, the resource monitoring module monitors whether the CPU occupation ratio of the HOST-IDS security component is smaller than 10%, if not smaller than 10%, the HOST-IDS security component is attacked, and security log recording is carried out.
Further, the network security module monitors IP white list setting, attack defense setting, session connection number setting and network port scanning prevention setting of the ECU system.
Further, the system also comprises a safety log file management module, wherein the safety log file management module is connected with the network safety module and records the safety events in a log form, and the safety log file management module classifies, stores and uploads the safety logs.
The invention also provides a HOST-IDS safety detection method of the vehicle ECU, which comprises the following steps:
1) The HOST-IDS safety component is integrated into the system of the ECU in the form of an SDK or in the form of a library file, and when the system of the ECU operates, data of the system operating state of the ECU is fed back to the HOST-IDS safety component in real time;
2) After the ECU system is started, the HOST-IDS security component regularly checks the integrity of the system files, the system regularly feeds back all the system file number lists and the file list stored by the HOST IDS for comparison, and if the system number lists and the file list are inconsistent, the HOST IDS security log is recorded;
3) If the file lists are consistent, checking the system threads at any time, namely comparing the thread number list of the instant monitoring system with the thread number list stored by the HOST IDS, and if the file lists are inconsistent, recording the HOST IDS security log;
4) If the thread number list is consistent, checking the utilization rate of the system memory and the CPU at any time, if the CPU occupancy rate is less than 10%, no attack is performed, if the CPU occupancy rate exceeds 10%, the system memory and the CPU are attacked, and recording HOST IDS security logs;
5) And finally, checking the network port of the system at any time, namely monitoring the network port of the ECU in a network detection mode at any time, and preventing hackers from invading the ECU system in a port scanning or illegal IP mode.
Compared with the prior art, the invention has the following advantages:
(1) The invention is convenient for the safety monitoring and tracking of the vehicle ECU system by a vehicle factory;
(2) The HOST IDS safety detection assembly has the detection success rate of more than 97 percent and the false alarm rate of less than 1 percent;
(3) The RAM of the HOST IDS security component occupies 4MB, and the ROM occupies 400KB, so that the occupied hardware resources are very small;
(4) The invention can play the role of advanced technology reserve for the authentication of the vehicle factory passing WP 29R 155;
(5) The vehicle-mounted ECU is safely protected from two dimensions of the system and the network port, and the occupation of hardware resources is small;
(6) Compared with the CAN IDS safety products, the HOST IDS has different protection dimensions, so that the dimension CAN be increased for the safety protection of the vehicle ECU, and the safety of the vehicle information safety protection is increased to a certain extent;
in summary, the invention can perform safety monitoring on the integrity of the system file configuration file of the vehicle ECU, the legality of the running thread and the utilization rate of the CPU and the memory, and help the vehicle enterprise to perform safety monitoring on the safety state of the vehicle system, thereby reducing the immeasurable loss of the vehicle enterprise caused by information safety events.
[ description of the drawings ]
FIG. 1 is a functional logic diagram of the present invention;
fig. 2 is a detection flow chart of the present invention.
Detailed description of the preferred embodiments
The invention provides a HOST-IDS safety detection system of a vehicle ECU, which comprises a HOST-IDS safety component, wherein the HOST-IDS safety component is integrated into the system of the ECU in the form of an SDK (software development kit) or a library file, and when the system of the ECU operates, data of the system operation state of the ECU is fed back to the HOST-IDS safety component in real time; the HOST-IDS security component comprises a system file monitoring module, a process monitoring module, a resource monitoring module and a network security module, wherein the output end of the system file monitoring module is connected with the process monitoring module, the output end of the process monitoring module is connected with the resource monitoring module, and the output end of the resource monitoring module is connected with the network security module; the system file monitoring module is used for monitoring the integrity of the ECU system file, the process monitoring module is used for monitoring the security of the ECU system process, the resource monitoring module is used for monitoring the resource occupancy of the CPU, and the network security module is used for monitoring the security of the ECU system network.
The system file monitoring module monitors the operation behavior of the monitoring directory file, and if the system file monitoring module detects that the system file is destroyed, the system file monitoring module performs security log recording; and monitoring the behavior of the file abnormal operation, and if the file abnormal operation is detected to be tampered, performing security log recording. The process monitoring module monitors an abnormal system process, and if the abnormal system process is detected to be damaged, the process monitoring module carries out security log recording; and monitoring an abnormal output event of the system process, and if the abnormal output event is detected to be tampered, performing security log recording. The resource monitoring module monitors whether the CPU occupation ratio of the HOST-IDS security component is smaller than 10%, if not smaller than 10%, the HOST-IDS security component is attacked, and security log recording is carried out. The network security module monitors the IP white list setting, attack defense setting, session connection number setting, and network port scanning prevention setting of the ECU system. The system also comprises a safety log file management module, wherein the safety log file management module is connected with the network safety module, records the safety events in a log form, and classifies, stores and uploads the safety logs.
The invention also provides a HOST-IDS safety detection method of the vehicle ECU, which comprises the following steps:
1) The HOST-IDS safety component is integrated into the system of the ECU in the form of an SDK or in the form of a library file, and when the system of the ECU operates, data of the system operating state of the ECU is fed back to the HOST-IDS safety component in real time;
2) After the ECU system is started, the HOST-IDS security component regularly checks the integrity of the system files, the system regularly feeds back all the system file number lists and the file list stored by the HOST IDS for comparison, and if the system number lists and the file list are inconsistent, the HOST IDS security log is recorded;
3) If the file lists are consistent, checking the system threads at any time, namely comparing the thread number list of the instant monitoring system with the thread number list stored by the HOST IDS, and if the file lists are inconsistent, recording the HOST IDS security log;
4) If the thread number list is consistent, checking the utilization rate of the system memory and the CPU at any time, if the CPU occupancy rate is less than 10%, no attack is performed, if the CPU occupancy rate exceeds 10%, the system memory and the CPU are attacked, and recording HOST IDS security logs;
5) And finally, checking the network port of the system at any time, namely monitoring the network port of the ECU in a network detection mode at any time, and preventing hackers from invading the ECU system in a port scanning or illegal IP mode.
The invention is further described below with reference to the accompanying drawings:
as shown in fig. 1, a functional logic diagram of the HOST IDS security component is shown. The HOST IDS is integrated into the ECU's system in the form of an SDK or library file. When the system of the ECU operates, the data of the system operating state of the ECU is fed back to the components of the HOST IDS in real time, and whether the ECU system is invaded by a hacker is further judged. If an intrusion is detected by the ECU, then the HOST IDS security component logs the security event.
Specifically, system security profile importation performs HOST IDS rule set design, and security components of the HOST IDS rule set are implanted into the ECU system in the form of an SDK. The HOST IDS safety component carries out safety monitoring on the safety running state of the ECU, and stores, sorts and uploads the detected safety events in a log form, so that the safety monitoring of the vehicle produced by the vehicle enterprise OEM on the safety of the vehicle produced by the vehicle enterprise OEM is facilitated, and hacking is prevented.
The main detection functions of this HOST IDS security component include: (1) integrity of system files: monitoring the operation behavior of the monitoring directory file, and if the operation behavior is destroyed, performing security log recording; and monitoring the behavior of the file abnormal operation, and if tampered, performing security log recording. (2) security monitoring of processes: monitoring abnormal system processes (processes other than white list), and if damaged, performing security log recording; monitoring abnormal output events of a system process (a process other than a white list), and if tampered, performing security log record. (3) safety monitoring of resources: the HOST IDS component has a CPU occupation ratio of less than 10% under no attack, and if the HOST IDS component is attacked, the HOST IDS component performs security log recording. (4) security monitoring of the network: IP whitelist settings, attack defense settings, session connection number settings, and network port prevention scan settings. (5) secure log file management: security log classification, security log storage and security log uploading.
As shown in fig. 2, a flow chart of HOST IDS detection is shown. After the ECU system is started, the HOST IDS starts to monitor the system periodically. The method comprises the following specific steps: (1) The integrity of the system files is checked regularly, and the general design logic is that the system feeds back all the system file number lists regularly to compare with the file list stored by the HOST IDS, and if the system file number lists are inconsistent with the file list stored by the HOST IDS, the HOST IDS security log is recorded. (2) The system thread is checked at the moment, and the general design logic is that a thread number list of the moment monitoring system is compared with a thread number list stored by the HOST IDS, and if the thread number list is inconsistent with the thread number list stored by the HOST IDS, a HOST IDS security log is recorded. (3) The usage rate of the system memory and the CPU is checked at any time, and the general design logic is that HOST IDS pays attention to the usage rate of the system memory and the CPU at any time, and if the usage rate is out of a defined range, HOST IDS security log is recorded. (4) The system network port is checked at any time, and the general design logic is to monitor the ECU network port at any time in a network detection mode, so as to prevent hackers from invading the ECU system in a port scanning or illegal IP mode.
Compared with the singleness of the protection dimension of other vehicle-mounted IDS information safety products, the vehicle-mounted ECU safety protection method and device disclosed by the invention are used for carrying out safety protection on the vehicle-mounted ECU from two dimensions of a system and a network port. Meanwhile, compared with other vehicle-mounted IDS information security products, the vehicle-mounted ECU information security system has the advantages that the occupation of hardware resources is small, and the vehicle-mounted ECU information security system has great advantages for the characteristic of small hardware resources of the vehicle-mounted ECU; the HOST IDS is first proposed and is in the leading position in the market, and compared with a CAN IDS safety product, the HOST IDS has different protection dimensions, so that the dimension CAN be increased for the safety protection of a vehicle ECU, and the safety protection of vehicle information is increased to a certain extent.
In addition, the HOST IDS information safety component can help a vehicle manufacturer to pass the WP 29R 155 information safety standard to a certain extent, permit the vehicle to be sold abroad, and store the technology for the export of the vehicle abroad after 2022, and if the vehicle enterprise does not deploy IDS related components in the vehicle before 2022 and 7 months, the production and sales of the novel vehicle can be affected. Meanwhile, the HOST IDS information security product can help the vehicle enterprise to carry out security monitoring on the security state of the vehicle system, so that immeasurable losses of the vehicle enterprise due to information security events are reduced.
The present invention is not limited to the above embodiments, and any other changes, modifications, substitutions, combinations, and simplifications that do not depart from the spirit and principles of the invention are intended to be equivalent substitutes and are included in the scope of the invention.
Claims (7)
1. A HOST-IDS safety detection system for a vehicle ECU, characterized by: the system comprises a HOST-IDS safety component, wherein the HOST-IDS safety component is integrated into a system of the ECU in the form of an SDK or in the form of a library file, and when the system of the ECU operates, data of the system operating state of the ECU is fed back to the HOST-IDS safety component in real time; the HOST-IDS security component comprises a system file monitoring module, a process monitoring module, a resource monitoring module and a network security module, wherein the output end of the system file monitoring module is connected with the process monitoring module, the output end of the process monitoring module is connected with the resource monitoring module, and the output end of the resource monitoring module is connected with the network security module; the system file monitoring module is used for monitoring the integrity of the ECU system file, the process monitoring module is used for monitoring the security of the ECU system process, the resource monitoring module is used for monitoring the resource occupancy of the CPU, and the network security module is used for monitoring the security of the ECU system network.
2. The HOST-IDS safety detection system of a vehicle ECU as set forth in claim 1, wherein: the system file monitoring module monitors the operation behavior of the monitoring directory file, and if the system file monitoring module detects that the system file is destroyed, the system file monitoring module performs security log recording; and monitoring the behavior of the file abnormal operation, and if the file abnormal operation is detected to be tampered, performing security log recording.
3. The HOST-IDS safety detection system of a vehicle ECU as set forth in claim 1, wherein: the process monitoring module monitors an abnormal system process, and if the abnormal system process is detected to be damaged, the process monitoring module performs security log recording; and monitoring an abnormal output event of the system process, and if the abnormal output event is detected to be tampered, performing security log recording.
4. The HOST-IDS safety detection system of a vehicle ECU as set forth in claim 1, wherein: and the resource monitoring module monitors whether the CPU occupation ratio of the HOST-IDS safety component is smaller than 10 percent, if not smaller than 10 percent, the HOST-IDS safety component is attacked, and safety log recording is carried out.
5. The HOST-IDS safety detection system of a vehicle ECU as set forth in claim 1, wherein: the network security module monitors IP white list setting, attack defense setting, session connection number setting, and network port scanning prevention setting of the ECU system.
6. The HOST-IDS safety detection system of a vehicle ECU as set forth in claim 1, wherein: the system also comprises a safety log file management module, wherein the safety log file management module is connected with the network safety module, records the safety events in a log form, and classifies, stores and uploads the safety logs.
7. A HOST-IDS safety detection method for a vehicle ECU, comprising the steps of:
1) The HOST-IDS safety component is integrated into the system of the ECU in the form of an SDK or in the form of a library file, and when the system of the ECU operates, data of the system operating state of the ECU is fed back to the HOST-IDS safety component in real time;
2) After the ECU system is started, the HOST-IDS security component regularly checks the integrity of the system files, the system regularly feeds back all the system file number lists and the file list stored by the HOST IDS for comparison, and if the system number lists and the file list are inconsistent, the HOST IDS security log is recorded;
3) If the file lists are consistent, checking the system threads at any time, namely comparing the thread number list of the instant monitoring system with the thread number list stored by the HOST IDS, and if the file lists are inconsistent, recording the HOST IDS security log;
4) If the thread number list is consistent, checking the utilization rate of the CPU at any time, if the CPU occupancy rate is less than 10%, no attack is performed, if the CPU occupancy rate exceeds 10%, the attack is performed, and HOST IDS security log is recorded;
5) And finally, checking the network port of the system at any time, namely monitoring the network port of the ECU in a network detection mode at any time, and preventing hackers from invading the ECU system in a port scanning or illegal IP mode.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210454243.7A CN115102706B (en) | 2022-04-27 | 2022-04-27 | HOST-IDS safety detection system and method of vehicle ECU |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210454243.7A CN115102706B (en) | 2022-04-27 | 2022-04-27 | HOST-IDS safety detection system and method of vehicle ECU |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115102706A CN115102706A (en) | 2022-09-23 |
| CN115102706B true CN115102706B (en) | 2023-10-20 |
Family
ID=83287179
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210454243.7A Active CN115102706B (en) | 2022-04-27 | 2022-04-27 | HOST-IDS safety detection system and method of vehicle ECU |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115102706B (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1794645A (en) * | 2005-08-24 | 2006-06-28 | 上海浦东软件园信息技术有限公司 | Invading detection method and system based on procedure action |
| CN101068168A (en) * | 2007-04-23 | 2007-11-07 | 北京启明星辰信息技术有限公司 | Main machine invading detecting method and system |
| CN109344609A (en) * | 2018-08-31 | 2019-02-15 | 惠州市德赛西威汽车电子股份有限公司 | A kind of TCU module, TCU system and guard method |
| CN111434090A (en) * | 2018-01-23 | 2020-07-17 | 现代自动车株式会社 | System and method for providing security to an in-vehicle network |
| CN112543195A (en) * | 2020-12-03 | 2021-03-23 | 北京梆梆安全科技有限公司 | Information security assessment method and device for intelligent networked automobile and electronic equipment |
| CN112769851A (en) * | 2021-01-19 | 2021-05-07 | 汉纳森(厦门)数据股份有限公司 | Mimicry defense system based on Internet of vehicles |
| CN113325825A (en) * | 2021-06-07 | 2021-08-31 | 深圳市金城保密技术有限公司 | Intelligent networking automobile data and information safety evaluation system |
| CN114095522A (en) * | 2020-07-30 | 2022-02-25 | 阿波罗智联(北京)科技有限公司 | Vehicle monitoring method, service system, management terminal, vehicle and storage medium |
| CN114374565A (en) * | 2022-01-30 | 2022-04-19 | 中国第一汽车股份有限公司 | Intrusion detection method and device for vehicle CAN network, electronic equipment and medium |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7152242B2 (en) * | 2002-09-11 | 2006-12-19 | Enterasys Networks, Inc. | Modular system for detecting, filtering and providing notice about attack events associated with network security |
| US9776597B2 (en) * | 2006-05-16 | 2017-10-03 | Lear Corporation | Vehicle with electronic system intrusion detection |
| US10665040B2 (en) * | 2010-08-27 | 2020-05-26 | Zonar Systems, Inc. | Method and apparatus for remote vehicle diagnosis |
| US10931635B2 (en) * | 2017-09-29 | 2021-02-23 | Nec Corporation | Host behavior and network analytics based automotive secure gateway |
| US11535267B2 (en) * | 2020-03-18 | 2022-12-27 | Toyota Motor Engineering & Manufacturing North America, Inc. | User alert systems, apparatus, and related methods for use with vehicles |
-
2022
- 2022-04-27 CN CN202210454243.7A patent/CN115102706B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1794645A (en) * | 2005-08-24 | 2006-06-28 | 上海浦东软件园信息技术有限公司 | Invading detection method and system based on procedure action |
| CN101068168A (en) * | 2007-04-23 | 2007-11-07 | 北京启明星辰信息技术有限公司 | Main machine invading detecting method and system |
| CN111434090A (en) * | 2018-01-23 | 2020-07-17 | 现代自动车株式会社 | System and method for providing security to an in-vehicle network |
| CN109344609A (en) * | 2018-08-31 | 2019-02-15 | 惠州市德赛西威汽车电子股份有限公司 | A kind of TCU module, TCU system and guard method |
| CN114095522A (en) * | 2020-07-30 | 2022-02-25 | 阿波罗智联(北京)科技有限公司 | Vehicle monitoring method, service system, management terminal, vehicle and storage medium |
| CN112543195A (en) * | 2020-12-03 | 2021-03-23 | 北京梆梆安全科技有限公司 | Information security assessment method and device for intelligent networked automobile and electronic equipment |
| CN112769851A (en) * | 2021-01-19 | 2021-05-07 | 汉纳森(厦门)数据股份有限公司 | Mimicry defense system based on Internet of vehicles |
| CN113325825A (en) * | 2021-06-07 | 2021-08-31 | 深圳市金城保密技术有限公司 | Intelligent networking automobile data and information safety evaluation system |
| CN114374565A (en) * | 2022-01-30 | 2022-04-19 | 中国第一汽车股份有限公司 | Intrusion detection method and device for vehicle CAN network, electronic equipment and medium |
Non-Patent Citations (7)
| Title |
|---|
| Anyu Cheng ; Yibo Peng ; Hao Yan ; Xiaona Shen ; .An intrusion detection method for the in-vehicle network.2021 33rd Chinese Control and Decision Conference (CCDC).2021,4893-4899. * |
| Arsalan Ali Shaikh ; Heng Qi ; Wei Jiang ; Muhammad Tahir ; .A novel HIDS and log collection based system for digital forensics in cloud environment. 2017 3rd IEEE International Conference on Computer and Communications (ICCC).2018,1434-1438. * |
| Christopher Gutierrez ; Marcio Juliato ; Shabbir Ahmed ; Manoj Sastry.Detecting Attacks Against Safety-Critical ADAS Based on In-Vehicle Network Message Patterns.2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks – Industry Track.2019,9-12. * |
| Identifying ECUs Using Inimitable Characteristics of Signals in Controller Area Networks;Wonsuk Choi; Hyo Jin Jo; Samuel Woo; Ji Young Chun; Jooyoung Park; Dong Hoon Lee;;IEEE Transactions on Vehicular Technology;第67卷(第6期);4757 - 4770 * |
| 一种车载网络安全防护机制的研究;覃周;硕士电子期刊;第3章-第5章 * |
| 邓世坤.计算机网络.2018,298-300. * |
| 面向车联网的共谋攻击安全检测机制研究;杨婧泽;中国优秀硕士学位论文全文数据库信息科技辑(第6期);第三章-第四章 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115102706A (en) | 2022-09-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109871691B (en) | Authority-based process management method, system, device and readable storage medium | |
| US9854442B2 (en) | Electronic control unit network security | |
| CN109344609B (en) | TCU module, TCU system and protection method | |
| RU2693188C1 (en) | Control method and unit for portable storage devices and storage medium | |
| CN106339629A (en) | Application management method and device | |
| CN112653655A (en) | Automobile safety communication control method and device, computer equipment and storage medium | |
| CN106997435B (en) | Method, device and system for safety prevention and control of operating system | |
| CN115102706B (en) | HOST-IDS safety detection system and method of vehicle ECU | |
| EP3772838A1 (en) | Computer-implemented method of security-related control or configuration of a digital system | |
| WO2021121382A1 (en) | Security management of an autonomous vehicle | |
| CN110750779B (en) | Terminal maintenance management method, device, equipment and storage medium | |
| CN109145536B (en) | Webpage tamper-proofing method and device | |
| CN108573153B (en) | Vehicle-mounted operating system and using method thereof | |
| US20220019669A1 (en) | Information processing device | |
| CN111258615A (en) | Industrial control host, method and device for upgrading software of industrial control host and mobile storage medium | |
| CN108334788A (en) | File tamper resistant method and device | |
| CN114546420A (en) | Software remote installation protection uninstalling method | |
| CN109145587A (en) | A kind of data Anti-theft method, apparatus, terminal and readable medium | |
| CN111556024B (en) | Reverse access control system and method | |
| CN113297628A (en) | Modification behavior auditing method, device, equipment and readable storage medium | |
| CN111079123A (en) | System and method for limiting unauthorized camera shooting by computer | |
| CN116910768B (en) | Attack defending method, system, device and medium | |
| CN110866245B (en) | Detection method and detection system for maintaining file security of virtual machine | |
| CN113297121B (en) | Interface management method, device, equipment and readable storage medium | |
| CN110490010B (en) | Automatic data destruction method based on multi-factor environmental perception |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |