Quick Response Entropy Analysis and Intrusion Detection System for Bus Network Attacks

Translated title of the contribution: Quick Response Entropy Analysis and Intrusion Detection System for Bus Network Attacks

Zhihua Yin, Hongqian Wei*, Wenqiang Zhao, Hongrong Wang, Youtong Zhang

*Corresponding author for this work

Research output: Contribution to journal, Article, peer-review

Abstract

To improve the response time and detection accuracy of traditional information-entropy-based intrusion detection systems for vehicle bus networks, a new fast-response intrusion detection scheme is proposed, based on overlapping sliding window optimization and Rényi entropy analysis. First, using a message dataset collected from the bus network, the intrusion detection system is trained offline with a simulated annealing optimization algorithm to obtain the optimal system configuration parameters. Then, from the message ID sequence of the bus network communication data, a Rényi entropy curve is constructed and analyzed in real time to monitor the bus message data online for abnormalities. Finally, hardware experiments using real vehicle ECUs (electronic control units) and attack data sets were conducted to verify the effectiveness of the proposed scheme. The experimental results show that, compared with the traditional intrusion detection system based on Shannon entropy, the proposed scheme can effectively identify typical attack types against the vehicle bus network and improve the detection accuracy of illegal intrusions, while shortening the detection response time by up to 52%.
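
The online stage described in the abstract, as an added sketch that is not the authors' code: Rényi entropy of the message-ID distribution is computed over overlapping sliding windows and compared with a band learned from clean traffic. The window size, step, order `alpha`, tolerance rule and the sample traffic are assumptions made here; the paper obtains its parameters by simulated annealing, which this sketch does not reproduce.

```python
import math
from collections import Counter

def renyi_entropy(ids, alpha=2.0):
    """Rényi entropy in bits of the empirical message-ID distribution of one window."""
    n = len(ids)
    probs = [c / n for c in Counter(ids).values()]
    if alpha == 1.0:  # the limit alpha -> 1 is Shannon entropy
        return -sum(p * math.log2(p) for p in probs)
    return math.log2(sum(p ** alpha for p in probs)) / (1.0 - alpha)

def entropy_curve(ids, size, step, alpha=2.0):
    """(end_index, entropy) per window; step < size makes the windows overlap."""
    return [(s + size, renyi_entropy(ids[s:s + size], alpha))
            for s in range(0, len(ids) - size + 1, step)]

def first_alarm(ids, baseline, size=32, step=8, alpha=2.0, k=3.0, floor=0.05):
    """Number of frames seen when the first out-of-band window completes, else None."""
    ref = [h for _, h in entropy_curve(baseline, size, step, alpha)]
    mean = sum(ref) / len(ref)
    std = math.sqrt(sum((h - mean) ** 2 for h in ref) / len(ref))
    tol = max(k * std, floor)  # floor: a strictly periodic baseline has std == 0
    for end, h in entropy_curve(ids, size, step, alpha):
        if abs(h - mean) > tol:
            return end
    return None

# Constructed sample traffic (not from the paper's data set): four periodic IDs,
# then 64 frames in which every second frame carries an extra ID 0x000.
CYCLE = [0x100, 0x200, 0x300, 0x400]

def normal(n):
    return [CYCLE[i % len(CYCLE)] for i in range(n)]

def with_extra_id(n_pairs, extra=0x000):
    return [f for frame in normal(n_pairs) for f in (frame, extra)]

BASELINE = normal(256)
STREAM = normal(140) + with_extra_id(32) + normal(100)  # anomaly starts at frame 140

if __name__ == "__main__":
    print("overlapping (step 8): ", first_alarm(STREAM, BASELINE, step=8))
    print("disjoint (step 32):   ", first_alarm(STREAM, BASELINE, step=32))
```

On this constructed stream the overlapping windows raise the alarm 16 frames earlier than disjoint windows of the same size, which is the response-time effect the scheme relies on.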

Original language: Chinese (Traditional)
Pages (from-to): 947-959
Number of pages: 13
Journal: Beijing Ligong Daxue Xuebao/Transaction of Beijing Institute of Technology
Volume: 44
Issue number: 9
Publication status: Published - Sept 2024
