The paper presents a framework for the systematic assessment of network anomaly detectors (NADSs) in time-sensitive automotive networks. The framework consists of four main components:
In-Car Network Scenario: This component defines the network topology, baseline traffic, protocol stack, and abnormal interactions/attack models.
Simulation Environment: The simulation environment is based on OMNeT++ and INET, providing detailed link layer simulation and labeling support for generated traffic.
Dataset Library: The simulation generates labeled PCAPNG files containing both benign and anomalous traffic, which are organized into a dataset library.
Network Anomaly Detection System: The NADS framework includes interchangeable components for stream filtering, metric recording, anomaly detection algorithms, and result logging.
The framework enables reproducible and comparable assessments of NADSs under various configurations, including different traffic patterns, anomaly types, and detection algorithms. The authors demonstrate the framework's versatility through three case study scenarios, evaluating the performance of Autoencoder and other anomaly detection algorithms in detecting packet elimination, reordering, and injection attacks in an automotive network.
The framework allows for systematic exploration of the NADS design space, facilitating the identification of promising candidates for further real-world testing and deployment.
To Another Language
from source content
arxiv.org
Önemli Bilgiler Şuradan Elde Edildi
by Phil... : arxiv.org 05-03-2024
https://arxiv.org/pdf/2405.01324.pdfDaha Derin Sorular