The amount of data generated, processed, and stored by the modern vehicle is increasing and this is creating the potential to detect abnormal and potentially dangerous situations occurring. The purpose of this thesis is to portray a lack of information in the area of intrusion detection using automotive data and to lay the foundations of research in intrusion detection using unsupervised machine learning. As vehicles continue to become more connected, there is an increased possibility of them being exploitable through a successful cyberattack. An example of a hacked Jeep Cherokee (Miller, Valasek, (2011)) and a remote exploitation strategy using multiple attack vectors (Checkoway et al, (2011)) was the prime exhibition of a situation where the vehicle can be remotely compromised. These examples demonstrate the potential to exploit aspects of the vehicle’s communication and control systems, resulting in expected behavior. This thesis is focused on detecting attacks targeting a vehicle by identifying abnormal vehicle behavior, exhibited through control data. To achieve this, synthetic vehicle data containing detectable abnormalities is generated and used for analysis and detection to help detect cyberattacks. Unsupervised machine learning techniques are used as a way to detect abnormal entries in-vehicle data. the synthetic data is generated based on datasets comparable with those generated during normal vehicle operations, before being used to insert manually insert skewness to generate abnormalities, before using and evaluating various unsupervised learning algorithms.
Available under License Creative Commons Attribution Non-commercial No Derivatives.
Download (1MB) | Preview
Downloads
Downloads per month over past year