Philipp Meyer: Network Anomaly Detection in Cars
Network Anomaly Detection in Cars based on Time-Sensitive Ingress Control
- https://inet.haw-hamburg.de/events/inet-seminar/philipp-meyer-network-anomaly-detection-in-cars
- Philipp Meyer: Network Anomaly Detection in Cars
- 2020-09-09T16:00:00+02:00
- 2020-09-09T17:00:00+02:00
- Network Anomaly Detection in Cars based on Time-Sensitive Ingress Control
Sep 09, 2020 from 04:00 PM to 05:00 PM (Europe/Berlin / UTC200)
https://haw-hamburg.zoom.us/j/94245097118
Connected cars need robust protection against network attacks. Network anomaly detection and prevention on board will be particularly fast and reliable when situated on the lowest possible layer. Blocking traffic on a low layer, however, causes severe harm if triggered erroneously by falsely positive alarms.
In this presentation, we introduce and evaluate a concept for detecting anomalous traffic using the ingress control of Time-Sensitive Networking (TSN). We build on the idea that TSN traffic descriptors for in-car network configurations are rigorous, and hence any observed violation should not be a false positive. e use Software-Defined Networking (SDN) to evaluate anomaly reports, to identify the generating flows, and to ban them from the network. We evaluate our concept by simulating a real-world zonal network topology of a future car. Our findings confirm that abnormally behaving individual flows can indeed be reliably segregated with zero false positives.