Rec-CNN: In-vehicle networks intrusion detection using convolutional neural networks trained on recurrence plots

A controller area network (CAN) is a communication protocol for in-vehicle networks. Communication between electronic control units (ECUs) is facilitated by the CAN bus. This communication protocol provides no authentication or encryption to prevent the consequences of cyberattacks. As a security measure for this protocol, we have proposed an intrusion detection system (IDS) using a convolutional neural network (CNN). The CNN is trained on recurrence images generated from the encoded labels of CAN frame arbitration IDs, thus Rec-CNN. Using recurrence plots helps us capture the temporal dependency in the sequence of arbitration IDs unlike the state-of-art method, which does not capture this information. We have tested the proposed method on a publicly available dataset with denial of service (DoS), fuzzy, spoofing-gear, and spoofing-RPM attacks, resulting in an accuracy of 0.999. Furthermore, we have experimented with the method on our target vehicle. The proposed method can classify our simulated attacks with an accuracy of 0.999 in an attack frequency of 10 ms.