Real-Time Zero-Day Intrusion Detection System for Automotive Controller Area Network on FPGAs

Shashwat Khandelwal, Shreejith Shanker

TL;DR

This work addresses real-time zero-day intrusion detection in automotive CAN networks by introducing a quantised convolutional autoencoder (QCAE) trained solely on benign CAN messages. Implemented on an FPGA-based ECU, accelerated by a DPU via Vitis-AI, the system detects unseen DoS, fuzzing, and spoofing attacks with a 99.6% F1 score and processes 100-CAN-message windows in 0.43 ms, while consuming about 2 mJ per inference. The tightly integrated hardware-software design achieves near-line-rate detection with significant energy and latency advantages over CPU/GPU baselines, demonstrating strong suitability for critical CAN networks. The approach lays groundwork for robust zero-day detection on emerging vehicular networks and points to future enhancements such as including payload features and extending to Automotive Ethernet.

Abstract

Increasing automation in vehicles enabled by increased connectivity to the outside world has exposed vulnerabilities in previously siloed automotive networks like controller area networks (CAN). Attributes of CAN such as broadcast-based communication among electronic control units (ECUs) that lowered deployment costs are now being exploited to carry out active injection attacks like denial of service (DoS), fuzzing, and spoofing attacks. Research literature has proposed multiple supervised machine learning models deployed as intrusion detection systems (IDSs) to detect such malicious activity; however, these are largely limited to identifying previously known attack vectors. With the ever-increasing complexity of active injection attacks, detecting zero-day (novel) attacks in these networks in real time (to prevent propagation) becomes a problem of particular interest. This paper presents an unsupervised-learning-based convolutional autoencoder architecture for detecting zero-day attacks, which is trained only on benign (attack-free) CAN messages. We quantise the model using Vitis-AI tools from AMD/Xilinx targeting a resource-constrained Zynq Ultrascale platform as our IDS-ECU system for integration. The proposed model successfully achieves equal or higher classification accuracy (> 99.5%) on unseen DoS, fuzzing, and spoofing attacks from a publicly available attack dataset when compared to the state-of-the-art unsupervised learning-based IDSs. Additionally, by cleverly overlapping IDS operation on a window of CAN messages with the reception, the model is able to meet line-rate detection (0.43 ms per window) of high-speed CAN, which, when coupled with the low energy consumption per inference, makes this architecture ideally suited for detecting zero-day attacks on critical CAN networks.
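The line-rate claim can be checked against the bus's own timing: inference on one window must finish before the next 100 messages have arrived, even when the bus is saturated by a flood of minimum-length frames. The following is an added example, not code from the paper; the bit rates and the classical CAN 2.0 frame-length formula (including the 3-bit interframe space) are assumptions brought in here, while the window size, latency and energy figures are the ones quoted above.

```python
"""Line-rate budget for a windowed CAN IDS (added example, not from the paper)."""

WINDOW = 100        # messages per IDS window (from the page)
INFER_S = 0.43e-3   # inference time per window in seconds (from the page)
ENERGY_J = 2e-3     # energy per inference in joules (from the page)


def frame_bits(data_bytes, extended=False, worst_case_stuffing=False):
    """Bits on the wire for one classical CAN data frame, incl. interframe space."""
    if not 0 <= data_bytes <= 8:
        raise ValueError("classical CAN carries 0..8 data bytes")
    fixed = 67 if extended else 47      # framing overhead incl. 3-bit IFS
    stuffable = 54 if extended else 34  # overhead bits subject to bit stuffing
    bits = fixed + 8 * data_bytes
    if worst_case_stuffing:
        # At most one stuff bit per four bits after the first stuffable bit.
        bits += (stuffable + 8 * data_bytes - 1) // 4
    return bits


def window_fill_time(bitrate, data_bytes, extended=False):
    """Seconds for WINDOW back-to-back, unstuffed frames at 100% bus load."""
    return WINDOW * frame_bits(data_bytes, extended) / bitrate


def budget(bitrate, data_bytes=0, extended=False):
    """Tightest case for the IDS: shortest frames, no stuff bits, saturated bus."""
    fill = window_fill_time(bitrate, data_bytes, extended)
    return {
        "fill_s": fill,
        # Window k is analysed while window k+1 is being received.
        "keeps_up": INFER_S <= fill,
        "utilisation": INFER_S / fill,   # share of time the accelerator is busy
        "avg_power_w": ENERGY_J / fill,  # inference energy only, one per window
    }


if __name__ == "__main__":
    for rate in (500_000, 1_000_000):    # assumed bit rates (bit/s)
        b = budget(rate)
        print(f"{rate} bit/s: window fills in {b['fill_s'] * 1e3:.2f} ms, "
              f"keeps up: {b['keeps_up']}, busy {b['utilisation']:.1%}, "
              f"avg inference power {b['avg_power_w']:.2f} W")
```

Under these assumptions the fastest possible window at 1 Mbit/s takes 4.7 ms to arrive, so a 0.43 ms inference leaves the accelerator idle for roughly 90% of the time even during a flood.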

Paper Structure (16 sections, 3 equations, 6 figures, 7 tables)

This paper contains 16 sections, 3 equations, 6 figures, 7 tables.

Figures (6)

  • Figure 1: An illustration of a zero-day attack launched through a compromised ECU left undetected by an IDS. The top figure shows a supervised learning (SL) based IDS flagging the known DoS attack on the CAN bus, while in the bottom figure, the IDS is unable to flag the attack on the CAN bus as the compromised ECU uses zero-day attack techniques.
  • Figure 2: Frame format of an extended frame CAN message. In the case of a standard CAN message, the ID field contains the 11-bit identifier.
  • Figure 3: The proposed convolutional autoencoder model as a zero-day attack detection IDS.
  • Figure 4: Hamming distances of the reconstructed messages on the benign (attack-free) dataset. 1000 blocks of CAN messages were used in testing for this dataset.
  • Figure 5: Hamming distances of the reconstructed messages on the DoS, fuzzing and spoofing attack datasets. 2000 blocks of CAN messages were used in testing for each attack dataset.
  • ...and 1 more figure