학술논문
Closing the Security Gaps in SOME/IP Through Implementation of a Host-Based Intrusion Detection System
Document Type
Conference
Author
Source
2022 25th International Symposium on Wireless Personal Multimedia Communications (WPMC) Wireless Personal Multimedia Communications (WPMC), 2022 25th International Symposium on. :436-441 Oct, 2022
Subject
Language
ISSN
1882-5621
Abstract
Scalable service-Oriented MiddlewarE over IP (SOME/IP) is a protocol that provides services over the IP stack, targeted at the automobile industry that strive to implement Ethernet in future vehicles as a replacement of Controller Area Network (CAN). However, switching to Ethernet and SOME/IP changes the entire protocol stack and therefore security needs to be reconsidered. With the assumption that a malicious user has access to the in-vehicle network, four different attacks are identified that can be performed on SOME/IP. Knowing how the network and traffic shall behave in the vehicle, a set of features are used as the basis for an Intrusion Detection System (IDS). These attacks along with the respective defences are implemented and tested on a SOME/IP network. The results from the testbed have demonstrated that the proposed attacks can be performed and therefore, additional security outside the SOME/IP protocol is needed. A host-based IDS is proposed, where the detection is based on arrival time, payload values and packet contradictions. Furthermore, suggestions on how to move towards prevention are given. The purpose of this research is to improve overall SOME/IP security for in-vehicle networks.