 |
English
|
正體中文
|
简体中文
|
全文筆數/總筆數 : 83776/83776 (100%)
造訪人次 : 59280120
線上人數 : 902
|
|
|
資料載入中.....
|
請使用永久網址來引用或連結此文件:
https://ir.lib.ncu.edu.tw/handle/987654321/98240
|
| 題名: | Scarlet : 一種偵測系統,偵測惡意碰撞行為於 CAN 總線上;Scarlet:A System for Detection of Malicious Collisions on the CAN Bus |
| 作者: | 王郁翔;Wang, Yu-Shiang |
| 貢獻者: | 資訊工程學系 |
| 關鍵詞: | 車載網路(控制區域網路);入侵偵測;CAN;Bus-off;IDS |
| 日期: | 2025-07-15 |
| 上傳時間: | 2025-10-17 12:31:54 (UTC+8) |
| 出版者: | 國立中央大學 |
| 摘要: | 隨著智慧車輛技術的快速發展與車載系統的高度連網,車輛的安全面臨日益嚴峻的威脅。其中,Controller Area Network(CAN)作為車輛內部最為核心的通訊協定之一,雖具備高效率與實時性,但卻缺乏必要的認證與授權機制,使其容易受到惡意攻擊的影響[1]。特別是 Bus-Off 攻擊[2][3]這類阻斷式攻擊,透過設計精密的錯誤碰撞,可導致任意ECU永久斷線,進而使關鍵車輛功能失效,造成極大風險[4]。
本研究提出一套針對CAN惡意碰撞行為的偵測系統,命名為 Scarlet。Scarlet系統設計基於訊號物理層特徵的分析,透過觀察訊號特徵進行碰撞偵測,再由輕量級分類模型進行決策判斷。
本研究在實體測試平台下驗證Scarlet系統的效能,系統能於 CAN資料幀中準確辨識出被碰撞的訊框,實驗結果證明其具備良好的準確率。此外Scarlet 無需修改CAN協定或增加額外硬體,即可佈署於現有嵌入式設備,具備低成本、高擴充性與實用價值。雖然本系統目前尚無法針對如假冒(spoofing)和重播(replay)等進階攻擊進行防禦,但可作為車載網路安全架構中針對碰撞攻擊的第一道防線,未來亦可整合進更全面的多層式入侵偵測系統中,提升整體車載資安的防護能力。
;With the rapid development of intelligent vehicle technologies and the increasing connectivity of in-vehicle systems, automotive cybersecurity is facing growing and complex threats. The Controller Area Network (CAN), as one of the most fundamental communication protocols in modern vehicles, provides high efficiency and real-time performance but lacks built-in authentication and access control mechanisms, leaving it vulnerable to malicious interference. Among these threats, bus-off attacks, a type of denial-of-service (DoS) attack, can deliberately induce bit-level collisions to disconnect any target ECU, potentially disabling critical vehicle functions and posing serious safety risks.
This study proposes Scarlet, a lightweight detection system specifically designed to identify malicious collisions on the CAN bus. Scarlet operates at the physical signal layer, extracting collision-related features from raw digital waveforms and applying a Naive Bayes classifier to determine abnormal behavior in real time.
The system is validated on a physical simulation platform, where it demonstrates strong performance in accurately detecting corrupted CAN frames caused by bit-level collisions. Experimental results show that Scarlet achieves high detection accuracy while maintaining minimal inference latency. Moreover, the system can be deployed on existing embedded platforms without requiring modifications to the CAN protocol or additional hardware, making it cost-effective, scalable, and suitable for real-world applications.
Although Scarlet does not currently defend against more sophisticated attacks such as spoofing or replay, it provides an effective first line of defense against physical-layer collision attacks. In the future, it can be integrated into a multi-layer intrusion detection framework to enhance the overall resilience of in-vehicle network security. |
| 顯示於類別: | [資訊工程研究所] 博碩士論文
|
文件中的檔案:
| 檔案 |
描述 |
大小 | 格式 | 瀏覽次數 |
|---|
| index.html | | 0Kb | HTML | 12 | 檢視/開啟 |
|
在NCUIR中所有的資料項目都受到原著作權保護.
|
::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
