基于样本熵的车载 CAN 网络入侵检测

The intelligent and unmanned development of automobiles has increased the dependence on the automobile bus network，such as the real-time power control of the automobile，the automobile steering control，etc.，which require the automobile CAN network as the carrier of information transmission. However，unlike the industrial Internet，which has sound mechanism of information identification and identity authentication，the on-board CAN network lacks sufficient security protection measures and is easy to be invaded by criminals. Therefore，in order to enhance the secure communication capability of the vehicle CAN network，an intrusion detection system based on sample entropy is proposed in this paper. Specifically，the sample entropy test set is constructed by sampling the bus data of the car in real time，and the sample entropy value is counted by using the sample entropy calculation method，the sudden change of which is observed to determine whether there is an attack at this moment. In addition，this paper uses the actual automotive ECU to conduct a hardware-in-the-loop test to verify the detection capabilities of the proposed method for DOS attacks，fuzzy attacks，and bus-off attacks. The test results show that DOS attack，fuzzy attack，and bus-off attack will make the stable sample entropy value appear non-conductive point，which can be used as an abnormal sign of communication data to determine the intrusion behavior of CAN network. In addition，the online detection of embedded devices also verifies the real-time execution ability of this method on actual ECUs.