CN116933016A - Automatic driving information safety test method and system based on vehicle-road cooperation - Google Patents
Automatic driving information safety test method and system based on vehicle-road cooperation Download PDFInfo
- Publication number
- CN116933016A CN116933016A CN202311204198.0A CN202311204198A CN116933016A CN 116933016 A CN116933016 A CN 116933016A CN 202311204198 A CN202311204198 A CN 202311204198A CN 116933016 A CN116933016 A CN 116933016A
- Authority
- CN
- China
- Prior art keywords
- data
- abnormal
- communication
- communication data
- information safety
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000009781 safety test method Methods 0.000 title claims abstract description 16
- 230000002159 abnormal effect Effects 0.000 claims abstract description 126
- 238000004891 communication Methods 0.000 claims abstract description 122
- 238000011076 safety test Methods 0.000 claims abstract description 28
- 238000000034 method Methods 0.000 claims abstract description 23
- 238000012216 screening Methods 0.000 claims abstract description 13
- 238000007781 pre-processing Methods 0.000 claims abstract description 11
- 238000012360 testing method Methods 0.000 claims description 35
- 238000006243 chemical reaction Methods 0.000 claims description 20
- 239000011159 matrix material Substances 0.000 claims description 15
- 238000012549 training Methods 0.000 claims description 12
- 230000005856 abnormality Effects 0.000 claims description 9
- 238000013507 mapping Methods 0.000 claims description 9
- 238000000513 principal component analysis Methods 0.000 claims description 9
- 238000000605 extraction Methods 0.000 claims description 7
- 238000000354 decomposition reaction Methods 0.000 claims description 6
- 238000004458 analytical method Methods 0.000 claims description 3
- 238000007635 classification algorithm Methods 0.000 claims description 3
- 238000012545 processing Methods 0.000 claims description 3
- 238000010998 test method Methods 0.000 claims 1
- 238000011156 evaluation Methods 0.000 description 6
- 238000013528 artificial neural network Methods 0.000 description 4
- 238000004422 calculation algorithm Methods 0.000 description 4
- 125000004122 cyclic group Chemical group 0.000 description 4
- 238000002347 injection Methods 0.000 description 4
- 239000007924 injection Substances 0.000 description 4
- 230000001133 acceleration Effects 0.000 description 2
- 238000005457 optimization Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/10—Pre-processing; Data cleansing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/21—Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
- G06F18/213—Feature extraction, e.g. by transforming the feature space; Summarisation; Mappings, e.g. subspace methods
- G06F18/2135—Feature extraction, e.g. by transforming the feature space; Summarisation; Mappings, e.g. subspace methods based on approximation criteria, e.g. principal component analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/21—Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
- G06F18/214—Generating training patterns; Bootstrap methods, e.g. bagging or boosting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/044—Recurrent networks, e.g. Hopfield networks
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Evolutionary Computation (AREA)
- Life Sciences & Earth Sciences (AREA)
- General Physics & Mathematics (AREA)
- Artificial Intelligence (AREA)
- Bioinformatics & Computational Biology (AREA)
- Evolutionary Biology (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- Biophysics (AREA)
- Computational Linguistics (AREA)
- General Health & Medical Sciences (AREA)
- Molecular Biology (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Software Systems (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses an automatic driving information safety test method and system based on vehicle-road cooperation, comprising the steps of simulating an attack scene, obtaining communication data, preprocessing the communication data, extracting communication characteristics of the communication data, screening according to the correlation degree of the communication characteristics to obtain abnormal characteristics, classifying the communication data according to the abnormal characteristics to obtain abnormal classification data, carrying out abnormal recognition on the abnormal classification data to obtain abnormal data, constructing an information safety test model according to the abnormal characteristics and the abnormal classification data, inputting the communication data into the information safety test model, and outputting an information safety test result. The method not only can improve the precision of the automatic driving information safety test method, but also has better interpretability, and can be directly applied to an automatic driving information safety test system based on vehicle-road cooperation.
Description
Technical Field
The invention relates to the field of automatic driving, in particular to an automatic driving information safety test method and system based on vehicle-road cooperation.
Background
The information security test technology is widely applied in the field of automatic driving, and can help managers of the automatic driving system with the cooperation of the vehicle and the road to timely and efficiently acquire the result of the automatic driving information security test with the cooperation of the vehicle and the road, thereby realizing intelligent acquisition of the automatic driving information security test with the cooperation of the vehicle and the road. At present, the automatic driving information safety test has the characteristics of huge user information quantity, various data types, high information density and the like, and the information safety test method has more uncertain factors, so that the automatic driving information safety test method for vehicle-road coordination has larger uncertainty. Although some automatic driving information safety testing methods and systems based on vehicle-road coordination have been invented, the problem of uncertainty of the automatic driving information safety testing methods based on vehicle-road coordination cannot be effectively solved.
Disclosure of Invention
The invention aims to provide an automatic driving information safety test method and system based on vehicle-road cooperation.
In order to achieve the above purpose, the invention is implemented according to the following technical scheme:
the invention comprises the following steps:
a, simulating an attack scene, acquiring communication data, and preprocessing the communication data;
b, extracting communication characteristics of the communication data,
and screening and obtaining abnormal characteristics according to the relevance of the communication characteristics:
calculating the correlation between the communication features:
wherein the characteristic is g, and the average value of the characteristic isThe number of features is n, the ith feature is +.>The j-th feature is->The relevance of the ith feature to the jth feature is +.>Screening out communication characteristics with correlation degree between 0 and 0.3 as abnormal characteristics;
classifying the communication data according to the abnormal characteristics to obtain abnormal classification data, and performing abnormal recognition on the abnormal classification data to obtain abnormal data;
and D, constructing an information security test model according to the abnormal characteristics and the abnormal classification data, inputting the communication data into the information security test model, and outputting an information security test result.
Further, the method of preprocessing in step a includes removing duplicate data, deleting missing values and outliers, data conversion and data reduction.
Further, the method for extracting the communication characteristics of the communication data comprises the following steps:
the dimensionality of the initial spatial communication data is randomly planned, an initial dimensionality is provided for data conversion and processing, the communication data is converted into a training test data set, and a covariance matrix of the subspace communication data is calculated:
wherein the mean vector of all training test data sets in the subspace isThe ith communication data is +.>The transpose of the difference between the communication data and the mean vector is +.>The number of the communication data is n;
performing eigenvalue decomposition on the covariance matrix to obtain eigenvalues and corresponding eigenvectors, arranging the eigenvectors in descending order according to the corresponding eigenvalues, selecting the eigenvectors to form a component analysis conversion matrix, and performing principal component analysis conversion on communication data:
wherein the test data after conversion is Q, the principal component analysis conversion matrix is D, and the transpose of the principal component analysis conversion matrix isAccording to the magnitude of the characteristic value, selecting the characteristic vector as a main component, and projecting communication data onto the selected main component to obtain the initial characteristic of the communication data;
extracting trend features and mean features according to the low-frequency signals after wavelet decomposition of the initial features:
wherein the low frequency signal isTrend is characterized by->Mean value specialThe sign is->The mean value of the low frequency signal is +.>And (3) setting the time as E and the time length as E, and establishing a regression model:
wherein the scale parameter isMinimum error is->Wavelet variance is calculated:
wherein the domain is b and the wavelet coefficient isExtracting high-frequency signal characteristics according to wavelet coefficients:
wherein the high frequency signal of the ith layer at time e isThe mean value of the high-frequency signal of the i-th layer is +.>High-frequency signal of the i-th layer +.>Characterized by->Outputting the high-frequency signal characteristics as onAnd (5) information characteristics.
Further, the method for classifying the communication data according to the abnormal characteristics to obtain abnormal classification data comprises the following steps:
inputting the abnormal features into a classification algorithm, and calculating the distance between the features and the hyperplane:
wherein the ith anomaly featureDistance to the hyperplane is +.>The hyperplane is A, B, C, vector coordinates of the anomaly feature +.>Slope m, selecting a kernel function:
wherein the ith anomaly is characterized byThe j-th abnormality is +>The mapping function of the abnormal feature is +.>The transpose of the mapping function is +.>High-dimensional mapping is performed by using a kernel function, and the maximum interval is calculated:
wherein the x-axis position of the jth anomaly isThe j-axis position of the j-th abnormal feature is +.>The number of the abnormal features is r, a hyperplane with the maximum interval is obtained according to the maximum interval, and communication data are selected according to the hyperplane to be classified, so that abnormal classification data are obtained.
Further, the method for obtaining the abnormal data by carrying out the abnormal recognition on the abnormal classification data comprises the following steps:
calculating the distance of the abnormal classification data:
wherein the data is p, the c-th data isThe number of data is s, the c-th data nearest to data p is +.>The data closest to data p is +.>The k distance of the data p is +.>Calculating the data reachable distance:
wherein data p andthe distance of the data o isCalculating the local reachable density of the data p:
wherein the set of all data of the abnormality classification data having a distance from the point p of not more than the k distance of the point p isCalculating local outlier factors of the data:
wherein the local reachable density of data o isJudging whether the data is abnormal or not according to the abnormal proportion threshold value and the local outlier factor, correlating the abnormal characteristics of the corresponding abnormal classified data with the classified data after the abnormal recognition, and outputting the abnormal data.
Further, the method for constructing the information security test model according to the abnormal characteristics and the abnormal classification data comprises a cyclic neural network algorithm, wherein the abnormal classification data is divided into a test set and a training set according to a ratio of 4:1, the test set is input into the information security test model for training, the accuracy and the efficiency are higher than 0.9 and are used as optimization targets, the attention mechanism is increased, the information security test model is optimized, and the training set is input into a trained cyclic neural network algorithm to predict the information security test result.
In a second aspect, an automatic driving information safety test system based on vehicle-road cooperation includes:
and a data acquisition module: the method comprises the steps of simulating an attack scene, acquiring communication data and preprocessing the communication data;
and the feature extraction module is used for: for performing a communication feature extraction on the communication data,
and screening and obtaining abnormal characteristics according to the relevance of the communication characteristics:
calculating the correlation between the communication features:
wherein the characteristic is g, and the average value of the characteristic isThe number of features is n, the ith feature is +.>The j-th feature is->The relevance of the ith feature to the jth feature is +.>Screening out communication characteristics with correlation degree between 0 and 0.3 as abnormal characteristics;
an anomaly identification module: the communication data are classified according to the abnormal characteristics to obtain abnormal classification data, and the abnormal classification data are subjected to abnormal recognition to obtain abnormal data;
and a result output module: and the information safety test module is used for constructing an information safety test model according to the abnormal characteristics and the abnormal classification data, inputting the communication data into the information safety test model and outputting an information safety test result.
The beneficial effects of the invention are as follows:
compared with the prior art, the invention has the following technical effects:
the method can improve the accuracy of the information safety test through the steps of preprocessing, abnormal feature extraction, abnormal data identification and prediction result, thereby realizing the information safety test, the resource and labor cost can be greatly saved, the working efficiency can be improved, the information safety test can be realized for the automatic driving of the vehicle-road cooperation, the information safety test is carried out for the automatic driving of the vehicle-road cooperation in real time, the method has important significance for the information safety test of the automatic driving of the vehicle-road cooperation, and the method can adapt to the information safety test requirements of the automatic driving information safety test systems of different vehicle-road cooperation and the automatic driving information safety test systems of different users based on the vehicle-road cooperation, and has certain universality.
Drawings
Fig. 1 is a flow chart of steps of an automatic driving information safety test method based on vehicle-road cooperation.
Detailed Description
The invention is further described by the following specific examples, which are presented to illustrate, but not to limit, the invention.
The invention discloses an automatic driving information safety test method based on vehicle-road cooperation, which comprises the following steps:
as shown in fig. 1, in this embodiment, the steps include:
a, simulating an attack scene, acquiring communication data, and preprocessing the communication data;
in actual evaluation, taking a certain middle-end automobile as an example, an information security test environment is built, and fake vehicle control instructions, fake road side equipment information, malicious code injection, abnormal network flow and eavesdropping data are performed, wherein the generated communication data are as follows:
the communication data generated by the data 1 and the fake vehicle control instruction are false acceleration, braking or steering commands, and the running state and track of the vehicle are affected;
the communication data generated by the data 2 and the fake vehicle control instruction are false acceleration, braking or steering commands, and the running state and track of the vehicle cannot be influenced;
the communication data generated by the data 3 and the fake road side equipment information is used for transmitting fake road conditions and traffic signals to the road side equipment, so that the running and the track of the vehicle are affected;
the communication data generated by the data 4 and the fake road side equipment information is that fake road conditions and traffic signals are sent to the road side equipment, and the running and the track of the vehicle cannot be influenced;
the data 5 and communication data generated by malicious code injection are the malicious code injection to an operating system or an application program of the vehicle or the road side equipment, and the behavior of the vehicle or the road side equipment is controlled;
the data 6 and communication data generated by malicious code injection are the malicious code injected into an operating system or an application program of the vehicle or the road side equipment, and the behavior of the vehicle or the road side equipment cannot be controlled;
the data 7 and communication data generated by the abnormal network flow are communication data which are used for transmitting a large amount of or repeated network flow to the vehicle or the road side equipment, and the communication and the normal operation of the vehicle and the road side equipment are affected;
the data 8 and communication data generated by the abnormal network flow are large or repeated network flows sent to the vehicle or the road side equipment, so that the communication and normal operation of the vehicle and the road side equipment cannot be influenced;
the data 9 and communication data generated by the interception data are communication data between the interception vehicle and road side equipment, and the position, the speed, the driving route and the like of the vehicle are obtained;
the data 10 and communication data generated by interception data are communication data between an intercepted vehicle and road side equipment, and the position, the speed, the driving route and the like of the vehicle cannot be acquired;
b, extracting communication characteristics of the communication data,
and screening and obtaining abnormal characteristics according to the relevance of the communication characteristics:
calculating the correlation between the communication features:
wherein the characteristic is g, and the average value of the characteristic isThe number of features is n, the ith feature is +.>The j-th feature is->The relevance of the ith feature to the jth feature is +.>Screening out communication characteristics with correlation degree between 0 and 0.3 as abnormal characteristics;
in practical evaluation, the common characteristics of the communication data are data integrity, data confidentiality, data flow and behavior, data source identity authentication, data content security, value density, timeliness, interactivity, diversity, traceability, the extracted communication characteristics are data integrity, data confidentiality, data flow and behavior, data source identity authentication, data content security, value density, interactivity, diversity, the correlation degree of the data integrity and the data confidentiality, data flow and behavior, data source identity authentication, data content security, value density, interactivity, diversity is 0.12, 0.24, 0.19, 0.17, 0.58, 0.69, 0.74, the correlation degree of the data confidentiality and the data flow and behavior, data source identity authentication, data content security, value density, interactivity, diversity is 0.16, 0.27, 0.13, 0.79, 0.81, 0.65 respectively, the correlation degree of the data flow and the behavior and the data source identity authentication, the data content security, the value density, the interactivity and the diversity is 0.25, 0.11, 0.57, 0.82 and 0.67, the correlation degree of the data flow and the behavior and the data source identity authentication, the value density, the interactivity and the diversity is 0.29, 0.85, 0.64 and 0.87, the correlation degree of the data content security and the value density, the interactivity and the diversity is 0.54, 0.87 and 0.68, the correlation degree of the value density and the interactivity and the diversity is 0.71 and 0.73, the correlation degree of the interactivity and the diversity is 0.77, and abnormal characteristics such as data integrity, data confidentiality, data flow and behavior, the data source identity authentication and the data content security are screened.
Classifying the communication data according to the abnormal characteristics to obtain abnormal classification data, and performing abnormal recognition on the abnormal classification data to obtain abnormal data;
d, constructing an information security test model according to the abnormal characteristics and the abnormal classification data, inputting the communication data into the information security test model, and outputting an information security test result;
in the actual evaluation, the security test results of the data 9 and the data 10 are predicted to be unsafe data confidentiality and unsafe respectively.
In this embodiment, the method of preprocessing in step a includes removing duplicate data, deleting missing values and outliers, data conversion, and data specifications.
In this embodiment, the method for extracting communication characteristics of the communication data includes:
the dimensionality of the initial spatial communication data is randomly planned, an initial dimensionality is provided for data conversion and processing, the communication data is converted into a training test data set, and a covariance matrix of the subspace communication data is calculated:
wherein the mean vector of all training test data sets in the subspace isThe ith communication data is +.>The transpose of the difference between the communication data and the mean vector is +.>The number of the communication data is n;
performing eigenvalue decomposition on the covariance matrix to obtain eigenvalues and corresponding eigenvectors, arranging the eigenvectors in descending order according to the corresponding eigenvalues, selecting the eigenvectors to form a component analysis conversion matrix, and performing principal component analysis conversion on communication data:
wherein test data after conversionThe principal component analysis conversion matrix is Q, D, and the transpose of the principal component analysis conversion matrix isAccording to the magnitude of the characteristic value, selecting the characteristic vector as a main component, and projecting communication data onto the selected main component to obtain the initial characteristic of the communication data;
extracting trend features and mean features according to the low-frequency signals after wavelet decomposition of the initial features:
wherein the low frequency signal isTrend is characterized by->The mean value is characterized by->The mean value of the low frequency signal is +.>And (3) setting the time as E and the time length as E, and establishing a regression model:
wherein the scale parameter isMinimum error is->Wavelet variance is calculated:
wherein the domain is b and the wavelet coefficient isExtracting high-frequency signal characteristics according to wavelet coefficients:
wherein the high frequency signal of the ith layer at time e isThe mean value of the high-frequency signal of the i-th layer is +.>High-frequency signal of the i-th layer +.>Characterized by->Outputting the high-frequency signal characteristic as a communication characteristic;
in practical evaluation, common characteristics of communication data are data integrity, data confidentiality, data flow and behavior, data source identity authentication, data content security, value density, timeliness, interactivity, diversity and traceability, and extracted communication characteristics are data integrity, data confidentiality, data flow and behavior, data source identity authentication, data content security, value density, interactivity and diversity.
In this embodiment, the method for classifying the communication data according to the abnormal feature to obtain abnormal classification data includes:
inputting the abnormal features into a classification algorithm, and calculating the distance between the features and the hyperplane:
wherein the ith exceptionFeatures (e.g. a character)Distance to the hyperplane is +.>The hyperplane is A, B, C, vector coordinates of the anomaly feature +.>Slope m, selecting a kernel function:
wherein the ith anomaly is characterized byThe j-th abnormality is +>The mapping function of the abnormal feature is +.>The transpose of the mapping function is +.>High-dimensional mapping is performed by using a kernel function, and the maximum interval is calculated:
wherein the x-axis position of the jth anomaly isJ-axis position of jth abnormal featurePut into->The number of the abnormal features is r, a hyperplane with the maximum interval is obtained according to the maximum interval, and communication data are selected according to the hyperplane to be classified to obtain abnormal classification data;
in actual evaluation, data are classified into a complete class, an encryption class, a flow direction and a behavior class according to abnormal characteristics, wherein data 2, data 4, data 6 and data 8 are the complete class, data 10 and data 9 are the encryption class, and data 1, data 3, data 5 and data 7 are the flow direction and the behavior class.
In this embodiment, the method for obtaining the abnormal data by performing the abnormal recognition on the abnormal classification data includes:
inputting the abnormal classification data, and calculating the distance of the abnormal classification data:
wherein the data is p, the c-th data isThe number of data is s, the c-th data nearest to data p is +.>The data closest to data p is +.>The k distance of the data p is +.>Calculating the data reachable distance:
wherein the distance between data p and data o isLocal availability of the calculation data pThe density is reached:
wherein the set of all data of the abnormality classification data having a distance from the point p of not more than the k distance of the point p isCalculating local outlier factors of the data:
wherein the local reachable density of data o isJudging whether the data is abnormal or not according to the abnormal proportion threshold value and the local outlier factor, correlating the abnormal characteristics of the corresponding abnormal classified data with the classified data after the abnormal recognition, and outputting the abnormal data;
in the actual evaluation, the local outliers of data 1, data 2, data 3, data 4, data 5, data 6, data 7, data 9, and data 10 were 2.7, 0.7, 1.8, 0.96, 5.31, 0.39, 3.47, 0.54, 4.67, and 0.73, respectively, and the identified outliers were data 1, data 3, data 5, data 7, and data 9.
Further, the method for constructing the information security test model according to the abnormal characteristics and the abnormal classification data comprises a cyclic neural network algorithm, wherein the abnormal classification data is divided into a test set and a training set according to a ratio of 4:1, the test set is input into the information security test model for training, the accuracy and the efficiency are higher than 0.9 and are used as optimization targets, the attention mechanism is increased, the information security test model is optimized, and the training set is input into a trained cyclic neural network algorithm to predict the information security test result.
In a second aspect, an automatic driving information safety test system based on vehicle-road cooperation includes:
and a data acquisition module: the method comprises the steps of simulating an attack scene, acquiring communication data and preprocessing the communication data;
and the feature extraction module is used for: for performing a communication feature extraction on the communication data,
and screening and obtaining abnormal characteristics according to the relevance of the communication characteristics:
calculating the correlation between the communication features:
wherein the characteristic is g, and the average value of the characteristic isThe number of features is n, the ith feature is +.>The j-th feature is->The relevance of the ith feature to the jth feature is +.>Screening out communication characteristics with correlation degree between 0 and 0.3 as abnormal characteristics;
an anomaly identification module: the communication data are classified according to the abnormal characteristics to obtain abnormal classification data, and the abnormal classification data are subjected to abnormal recognition to obtain abnormal data;
and a result output module: and the information safety test module is used for constructing an information safety test model according to the abnormal characteristics and the abnormal classification data, inputting the communication data into the information safety test model and outputting an information safety test result.
The foregoing description of the preferred embodiments of the invention is not intended to limit the invention to the precise form disclosed, and any such modifications, equivalents, and alternatives falling within the spirit and scope of the invention are intended to be included within the scope of the invention.
Claims (6)
1. The automatic driving information safety test method based on the vehicle-road cooperation is characterized by comprising the following steps of:
a, simulating an attack scene, acquiring communication data, and preprocessing the communication data;
b, extracting communication characteristics of the communication data,
and screening and obtaining abnormal characteristics according to the relevance of the communication characteristics:
calculating the correlation between the communication features:
wherein the characteristic is g, and the average value of the characteristic isThe number of features is n, the ith feature is +.>The j-th feature is->The relevance of the ith feature to the jth feature is +.>Screening out communication characteristics with correlation degree between 0 and 0.3 as abnormal characteristics;
classifying the communication data according to the abnormal characteristics to obtain abnormal classification data, and performing abnormal recognition on the abnormal classification data to obtain abnormal data;
and D, constructing an information security test model according to the abnormal characteristics and the abnormal classification data, inputting the communication data into the information security test model, and outputting an information security test result.
2. The vehicle-road-collaboration-based automatic driving information security test method according to claim 1, wherein the preprocessing method in step a includes removing duplicate data, deleting missing values and abnormal values, data conversion, and data specifications.
3. The vehicle-road-collaboration-based automatic driving information safety test method according to claim 1, wherein the method for extracting communication characteristics of the communication data comprises the steps of:
the dimensionality of the initial spatial communication data is randomly planned, an initial dimensionality is provided for data conversion and processing, the communication data is converted into a training test data set, and a covariance matrix of the subspace communication data is calculated:
wherein the mean vector of all training test data sets in the subspace isThe ith communication data is +.>The transpose of the difference between the communication data and the mean vector is +.>The number of the communication data is n;
performing eigenvalue decomposition on the covariance matrix to obtain eigenvalues and corresponding eigenvectors, arranging the eigenvectors in descending order according to the corresponding eigenvalues, selecting the eigenvectors to form a component analysis conversion matrix, and performing principal component analysis conversion on communication data:
wherein the test data after conversion is Q, the principal component analysis conversion matrix is D, and the transpose of the principal component analysis conversion matrix isAccording to the magnitude of the characteristic value, selecting the characteristic vector as a main component, and projecting communication data onto the selected main component to obtain the initial characteristic of the communication data;
extracting trend features and mean features according to the low-frequency signals after wavelet decomposition of the initial features:
wherein the low frequency signal isTrend is characterized by->The mean value is characterized by->The mean value of the low frequency signal is +.>And (3) setting the time as E and the time length as E, and establishing a regression model:
wherein the scale parameter isMinimum error is->Wavelet variance is calculated:
wherein the domain is b and the wavelet coefficient isExtracting high-frequency signal characteristics according to wavelet coefficients:
wherein the high frequency signal of the ith layer at time e isThe mean value of the high-frequency signal of the i-th layer is +.>High-frequency signal of the i-th layer +.>Characterized by->The high frequency signal characteristic is output as a communication characteristic.
4. The vehicle-road-collaboration-based automatic driving information safety test method according to claim 1, wherein the method for classifying the communication data according to the abnormality feature to obtain abnormality classification data comprises:
inputting the abnormal features into a classification algorithm, and calculating the distance between the features and the hyperplane:
wherein the ith anomaly featureDistance to the hyperplane is +.>The hyperplane is A, B, C, the vector coordinates of the abnormal featuresSlope m, selecting a kernel function:
wherein the ith anomaly is characterized byThe j-th abnormality is +>The mapping function of the abnormal feature is +.>The transpose of the mapping function is +.>High-dimensional mapping is performed by using a kernel function, and the maximum interval is calculated:
wherein the x-axis position of the jth anomaly isThe j-axis position of the j-th abnormal feature is +.>The number of the abnormal features is r, a hyperplane with the maximum interval is obtained according to the maximum interval, and communication data are selected according to the hyperplane to be classified, so that abnormal classification data are obtained.
5. The vehicle-road-collaboration-based automatic driving information safety test method according to claim 1, wherein the method for acquiring the abnormal data by performing abnormality identification on the abnormal classification data comprises the following steps:
calculating the distance of the abnormal classification data:
wherein the data is p, the c-th data isThe number of data is s, the c-th data nearest to data p is +.>The data closest to data p is +.>The k distance of the data p is +.>Calculating the data reachable distance:
wherein the distance between data p and data o isCalculating the local reachable density of the data p:
wherein the set of all data of the abnormality classification data having a distance from the point p of not more than the k distance of the point p isCalculating local outlier factors of the data:
wherein the local reachable density of data o isJudging whether the data is abnormal or not according to the abnormal proportion threshold value and the local outlier factor, correlating the abnormal characteristics of the corresponding abnormal classified data with the classified data after the abnormal recognition, and outputting the abnormal data.
6. An automatic driving information safety test system based on vehicle-road cooperation is characterized by comprising:
and a data acquisition module: the method comprises the steps of simulating an attack scene, acquiring communication data and preprocessing the communication data;
and the feature extraction module is used for: for performing a communication feature extraction on the communication data,
and screening and obtaining abnormal characteristics according to the relevance of the communication characteristics:
calculating the correlation between the communication features:
wherein the characteristic is g, and the average value of the characteristic isThe number of features is n, the ith feature is +.>The j-th feature is->The relevance of the ith feature to the jth feature is +.>Screening out communication characteristics with correlation degree between 0 and 0.3 as abnormal characteristics;
an anomaly identification module: the communication data are classified according to the abnormal characteristics to obtain abnormal classification data, and the abnormal classification data are subjected to abnormal recognition to obtain abnormal data;
and a result output module: and the information safety test module is used for constructing an information safety test model according to the abnormal characteristics and the abnormal classification data, inputting the communication data into the information safety test model and outputting an information safety test result.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311204198.0A CN116933016B (en) | 2023-09-19 | 2023-09-19 | Automatic driving information safety test method and system based on vehicle-road cooperation |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311204198.0A CN116933016B (en) | 2023-09-19 | 2023-09-19 | Automatic driving information safety test method and system based on vehicle-road cooperation |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116933016A true CN116933016A (en) | 2023-10-24 |
CN116933016B CN116933016B (en) | 2023-11-24 |
Family
ID=88384725
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202311204198.0A Active CN116933016B (en) | 2023-09-19 | 2023-09-19 | Automatic driving information safety test method and system based on vehicle-road cooperation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116933016B (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102111312A (en) * | 2011-03-28 | 2011-06-29 | 钱叶魁 | Multi-scale principle component analysis-based network abnormity detection method |
CN110149345A (en) * | 2019-06-11 | 2019-08-20 | 北京航空航天大学 | A kind of In-vehicle networking intrusion detection method based on sequence of message prediction |
CN111459816A (en) * | 2020-03-31 | 2020-07-28 | 北京百度网讯科技有限公司 | Fault injection test method, device, system and storage medium |
CN113098853A (en) * | 2020-12-14 | 2021-07-09 | 北京航空航天大学合肥创新研究院 | Vehicle-mounted network false information injection abnormal behavior detection method |
KR20210115991A (en) * | 2020-03-17 | 2021-09-27 | 한국전자통신연구원 | Method and apparatus for detecting network anomaly using analyzing time-series data |
CN115374851A (en) * | 2022-08-19 | 2022-11-22 | 北京市燃气集团有限责任公司 | Gas data anomaly detection method and device |
-
2023
- 2023-09-19 CN CN202311204198.0A patent/CN116933016B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102111312A (en) * | 2011-03-28 | 2011-06-29 | 钱叶魁 | Multi-scale principle component analysis-based network abnormity detection method |
CN110149345A (en) * | 2019-06-11 | 2019-08-20 | 北京航空航天大学 | A kind of In-vehicle networking intrusion detection method based on sequence of message prediction |
KR20210115991A (en) * | 2020-03-17 | 2021-09-27 | 한국전자통신연구원 | Method and apparatus for detecting network anomaly using analyzing time-series data |
CN111459816A (en) * | 2020-03-31 | 2020-07-28 | 北京百度网讯科技有限公司 | Fault injection test method, device, system and storage medium |
CN113098853A (en) * | 2020-12-14 | 2021-07-09 | 北京航空航天大学合肥创新研究院 | Vehicle-mounted network false information injection abnormal behavior detection method |
CN115374851A (en) * | 2022-08-19 | 2022-11-22 | 北京市燃气集团有限责任公司 | Gas data anomaly detection method and device |
Also Published As
Publication number | Publication date |
---|---|
CN116933016B (en) | 2023-11-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Song et al. | In-vehicle network intrusion detection using deep convolutional neural network | |
Kwak et al. | Driver identification based on wavelet transform using driving patterns | |
CN109962909B (en) | Network intrusion anomaly detection method based on machine learning | |
Li et al. | Detecting anomalies in intelligent vehicle charging and station power supply systems with multi-head attention models | |
Boddupalli et al. | Resilient cooperative adaptive cruise control for autonomous vehicles using machine learning | |
CN113392932A (en) | Anti-attack system for deep intrusion detection | |
CN113139536B (en) | Text verification code identification method and equipment based on cross-domain meta learning and storage medium | |
CN111144522A (en) | Power grid NFC equipment fingerprint authentication method based on hardware intrinsic difference | |
CN112019529B (en) | New forms of energy electric power network intrusion detection system | |
Abu-Gellban et al. | Livedi: An anti-theft model based on driving behavior | |
CN110677437A (en) | User disguised attack detection method and system based on potential space countermeasure clustering | |
Yu et al. | TCE-IDS: Time interval conditional entropy-based intrusion detection system for automotive controller area networks | |
Moore et al. | Anomaly detection of cyber physical network data using 2D images | |
Zhu et al. | Improving transportation mode identification with limited GPS trajectories | |
Sun et al. | Intrusion detection system based on in-depth understandings of industrial control logic | |
CN116933016B (en) | Automatic driving information safety test method and system based on vehicle-road cooperation | |
Paul et al. | An artificial neural network based anomaly detection method in can bus messages in vehicles | |
CN116312513A (en) | Intelligent voice control system | |
Minjie et al. | Abnormal Traffic Detection Technology of Power IOT Terminal Based on PCA and OCSVM | |
Gao et al. | Attack Detection for Intelligent Vehicles via CAN-Bus: A Lightweight Image Network Approach | |
CN112822191B (en) | Method for multi-dimensional data security detection in networked cooperative system | |
CN115730751A (en) | Generation method of police patrol route, electronic device and readable storage medium | |
CN113887633A (en) | IL-based malicious behavior identification method and system for closed-source power engineering control system | |
Li et al. | Robustness of vehicle identification via trajectory dynamics to noisy measurements and malicious attacks | |
CN116647374B (en) | Network flow intrusion detection method based on big data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |