Philipp Meyer: Systematic Assessment of Anomaly Detectors

A Framework for the Systematic Assessment of Anomaly Detectors in Time-Sensitive Automotive Networks
  • When: May 14, 2024 from 11:30 AM to 12:30 PM (Europe/Berlin / UTC+2)
  • Where: R 460

Connected cars are susceptible to cyberattacks. Security and safety of future vehicles highly depend on a holistic protection of automotive core components, of which the time-sensitive backbone network takes a central role. These onboard Time-Sensitive Networks (TSN) require monitoring for safety and -- as versatile platforms to host Network Anomaly Detection Systems (NADS) -- for security. Still, a thorough evaluation of anomaly detection methods in the context of hard real-time operations, automotive protocol stacks, and domain-specific attack vectors is missing, along with appropriate input datasets.
In this paper, we present an assessment framework that allows for reproducible, comparable, and rapid evaluation of detection algorithms. It is based on a simulation toolchain, which contributes configurable topologies, traffic streams, anomalies, attacks, and detection metrics. We demonstrate the monitoring of a comprehensive in-vehicular network with its communication flows, on which we model traffic anomalies. We evaluate detection mechanisms in a case study and reveal how the detection performance is influenced by different combinations of TSN traffic flows and anomaly types. Our approach translates to other hard real-time Ethernet domains, such as industrial facilities, airplanes, and UAVs.