GAN model using field fuzz mutation for in-vehicle CAN bus intrusion detection.

Controller area network (CAN) are widely used in smart vehicles to realize information interactions between electronic control units and other devices in vehicles. Owing to an increase in external communication interfaces, the cybersecurity of in-vehicle CAN bus networks is threatened. In-vehicle CAN intrusion detection systems with high detection rates and low false-negative rates have become important security protection measures for automotive networks. The boundary of the current machine learning-based in-vehicle CAN bus intrusion detection algorithm to determine the anomalous behavior triggered by CAN messages is unclear, and a validity check is required after the intrusion detection algorithm is designed. To solve the low coverage rate problem in the process of validating intrusion detection algorithms, an in-vehicle CAN fuzz-testing message generation model, the field-associative mutation generation adversarial network (FAMGAN), is proposed. To improve the defects of high randomness in generating messages in traditional fuzz-testing algorithms, FAMGAN adopts field division based on a conditional random field and the field association method based on the Apriori algorithm. Experiments were conducted on a real car using a code-built intrusion detection algorithm. The results demonstrate that FAMGAN can efficiently generate anomalous CAN messages and evaluate the performance of an in-vehicle CAN intrusion detection algorithm.