【摘要】：隨著物聯(lián)網(wǎng)信息產(chǎn)業(yè)的發(fā)展,各項(xiàng)關(guān)鍵技術(shù)的突破,基于多網(wǎng)融合的智能網(wǎng)聯(lián)汽車(chē)開(kāi)始進(jìn)入人們的生活,車(chē)與人,車(chē)與車(chē),車(chē)與移動(dòng)設(shè)備,車(chē)與基礎(chǔ)設(shè)施,通過(guò)云服務(wù)、大數(shù)據(jù)交換互聯(lián)在一起。物聯(lián)網(wǎng)技術(shù)極大的提高了人們的駕乘體驗(yàn),引發(fā)了生活方式的變革,是未來(lái)汽車(chē)的發(fā)展方向。目前隨著越來(lái)越多的電子控制設(shè)備應(yīng)用到汽車(chē)當(dāng)中,各個(gè)電子設(shè)備模塊在汽車(chē)運(yùn)行過(guò)程中需要相互配合,電子設(shè)備模塊之間交流被架構(gòu)成復(fù)雜的通信網(wǎng)絡(luò)。隨著車(chē)載網(wǎng)絡(luò)規(guī)模的增大、車(chē)用電子設(shè)備數(shù)量增多,汽車(chē)上軟件運(yùn)行的種類(lèi)和數(shù)量也隨之加大,網(wǎng)絡(luò)信息安全問(wèn)題隨之而來(lái)。攻擊者可以經(jīng)由汽車(chē)內(nèi)外通信通路攻擊車(chē)載軟件的漏洞,向CAN總線(xiàn)下發(fā)異常報(bào)文,從而影響車(chē)輛的控制系統(tǒng)。這些潛在的隱患不再是盜取信息、錢(qián)財(cái)那么簡(jiǎn)單,而是實(shí)實(shí)在在地威脅到了我們的生命安全。通過(guò)異常檢測(cè)、安全防護(hù)等技術(shù),保護(hù)車(chē)載CAN總線(xiàn)信息安全具有十分重要的意義。本文針對(duì)目前智能網(wǎng)聯(lián)汽車(chē)中采用的車(chē)載CAN網(wǎng)絡(luò),對(duì)其存在的可重放、易篡改等安全問(wèn)題進(jìn)行深入的分析和解剖,分析車(chē)載CAN總線(xiàn)所存在的安全漏洞,設(shè)計(jì)了針對(duì)車(chē)載CAN總線(xiàn)的攻擊方法,闡述了如何逆向破解總線(xiàn)報(bào)文信息,以達(dá)到控制汽車(chē)的目的。之后在分析攻擊手段和總線(xiàn)報(bào)文結(jié)構(gòu)的基礎(chǔ)上,提出了針對(duì)車(chē)載CAN總線(xiàn)的異常檢測(cè)模型。主要取得的成果如下:1)在研究分析車(chē)載CAN網(wǎng)絡(luò)通信協(xié)議的基礎(chǔ)上,利用CAN網(wǎng)絡(luò)存在的安全漏洞設(shè)計(jì)有效的攻擊方法。利用逆向技術(shù)分析CAN報(bào)文數(shù)據(jù)包,破解車(chē)載報(bào)文指令信息,以達(dá)到控制汽車(chē)的目的。車(chē)載CAN網(wǎng)絡(luò)不同于傳統(tǒng)的計(jì)算機(jī)網(wǎng)絡(luò),其數(shù)據(jù)包沒(méi)有計(jì)算機(jī)網(wǎng)絡(luò)IP數(shù)據(jù)包那樣的源地址和目的地址。本文根據(jù)CAN報(bào)文數(shù)據(jù)包結(jié)構(gòu)的特點(diǎn),提出了異常檢測(cè)模型框架,分別從報(bào)文標(biāo)識(shí)位ID和報(bào)文數(shù)據(jù)位進(jìn)行異常檢測(cè),能夠較為全面的檢測(cè)針對(duì)車(chē)載CAN網(wǎng)絡(luò)的攻擊。2)針對(duì)CAN報(bào)文標(biāo)識(shí)位ID,提出了基于特征和信息熵的異常檢測(cè)系統(tǒng)。通過(guò)檢測(cè)CAN總線(xiàn)中不同報(bào)文ID的概率分布,計(jì)算車(chē)載CAN總線(xiàn)的信息熵,以正常CAN總線(xiàn)的信息熵值作為異常檢測(cè)閾值標(biāo)準(zhǔn)。同時(shí)將正�？偩�(xiàn)中的CAN ID列為白名單,識(shí)別總線(xiàn)中非正常出現(xiàn)CAN ID的特征。仿真實(shí)驗(yàn)結(jié)果顯示,基于信息熵和特征結(jié)合的異常檢測(cè)策略能有效的檢測(cè)洪泛攻擊、大量重放攻擊以及少數(shù)高優(yōu)先級(jí)報(bào)文攻擊。3)針對(duì)車(chē)載總線(xiàn)CAN報(bào)文數(shù)據(jù)位,提出了基于支持向量機(jī)的異常檢測(cè)系統(tǒng)。根據(jù)數(shù)據(jù)位的特點(diǎn),將車(chē)載總線(xiàn)報(bào)文數(shù)據(jù)位劃分為8個(gè)特征,結(jié)合支持向量機(jī)的檢測(cè)方法,將正常數(shù)據(jù)報(bào)文與異常數(shù)據(jù)報(bào)文區(qū)分開(kāi)來(lái)。仿真實(shí)驗(yàn)結(jié)果顯示,基于支持向量機(jī)的異常檢測(cè)系統(tǒng)對(duì)總線(xiàn)報(bào)文數(shù)據(jù)的篡改攻擊有很好的檢測(cè)效果。作為新興研究領(lǐng)域,本文在CAN總線(xiàn)漏洞挖掘、入侵攻擊、異常檢測(cè)、安全防護(hù)等方面做了一些初步探索,其成果為車(chē)載CAN總線(xiàn)安全防護(hù)的進(jìn)一步深入研究和應(yīng)用提供了重要的參考。
[Abstract]:With the development of the information industry of the Internet of Things and the breakthrough of various key technologies, the intelligent network vehicle based on multi-network convergence has begun to enter people's lives. Vehicles and people, vehicles and vehicles, vehicles and mobile devices, vehicles and infrastructure are interconnected through cloud services and large data exchange. At present, with more and more electronic control devices applied to automobiles, each electronic device module needs to cooperate with each other in the running process of automobiles, and the communication between electronic device modules is structured into a complex communication network. With the increase of the number of sub-devices, the types and numbers of software running on automobiles are increasing, and the problem of network information security follows. Attackers can attack the vulnerabilities of on-board software through communication channels inside and outside automobiles and send abnormal messages to CAN bus, thus affecting the control system of automobiles. Money is so simple, but it really threatens our lives. It is of great significance to protect the safety of CAN bus information by anomaly detection, security protection and other technologies. This paper analyzes and dissects the security vulnerabilities of vehicle-borne CAN bus, designs an attack method against vehicle-borne CAN bus, and expounds how to reverse-crack bus message information in order to achieve the purpose of controlling vehicle. After analyzing the attack means and bus message structure, an anomaly detection module for vehicle-borne CAN bus is proposed. The main achievements are as follows: 1) Based on the research and analysis of vehicle CAN network communication protocol, an effective attack method is designed by using the security vulnerabilities of CAN network. The CAN packet is analyzed by using the reverse technology, and the instructions of vehicle message are cracked to control the vehicle. The vehicle CAN network is different from the traditional calculation. According to the characteristics of CAN packet structure, this paper proposes an anomaly detection model framework, which detects anomaly from message ID and message data bits respectively. It can detect attacks on vehicle-borne CAN network comprehensively. 2) Aiming at CAN An anomaly detection system based on feature and information entropy is proposed. By detecting the probability distribution of different message IDs in CAN bus, the information entropy of vehicle CAN bus is calculated, and the information entropy of normal CAN bus is taken as the threshold of anomaly detection. The simulation results show that the anomaly detection strategy based on the combination of information entropy and feature can effectively detect flooding attacks, massive replay attacks and a few high priority message attacks.3) Aiming at the data bits of CAN messages on vehicle bus, an anomaly detection system based on support vector machine is proposed. The simulation results show that the anomaly detection system based on support vector machine has a good detection effect on the tamper attack of bus message data. As a new research field, this paper proposes a new method to detect the tamper attack of bus message data. This paper makes some preliminary explorations in the aspects of CAN bus vulnerability mining, intrusion attack, anomaly detection, security protection and so on. The results provide an important reference for further research and application of vehicle-borne CAN bus security protection.
【學(xué)位授予單位】：天津理工大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2017
【分類(lèi)號(hào)】：U463.6;TP391.44;TN915.08

【相似文獻(xiàn)】

相關(guān)期刊論文 前10條

1 雒智奇;;地鐵列車(chē)總線(xiàn)通信控制網(wǎng)絡(luò)探討[J];科技與企業(yè);2012年10期

2 ;總線(xiàn)與總線(xiàn)結(jié)構(gòu)[J];電子科技文摘;2006年07期

3 陳佳桂;曾岳南;羅彬;;基于TMS320F2812 DSP的CAN總線(xiàn)通信系統(tǒng)設(shè)計(jì)[J];工業(yè)控制計(jì)算機(jī);2007年05期

4 徐紅舉;;總線(xiàn)通信錯(cuò)誤引發(fā)的故障[J];汽車(chē)維修與保養(yǎng);2008年02期

5 王津津;張培仁;崔軍輝;楊一敏;許波;;基于CAN總線(xiàn)通信系統(tǒng)實(shí)驗(yàn)的設(shè)計(jì)[J];自動(dòng)化與儀表;2008年05期

6 馬納吉;;實(shí)施CAN總線(xiàn)通信提高煤礦安全生產(chǎn)[J];煤炭技術(shù);2010年05期

7 趙瑞;楊維翰;仲兆準(zhǔn);;直流充電站系統(tǒng)CAN總線(xiàn)通信協(xié)議的制定與實(shí)現(xiàn)[J];電工電氣;2012年11期

8 張雪松;胡天友;劉倩;王海;;CAN總線(xiàn)通信在組合式三相光伏逆變器中的應(yīng)用[J];實(shí)驗(yàn)室研究與探索;2013年06期

9 張華良;;CAN總線(xiàn)通信系統(tǒng)設(shè)計(jì)應(yīng)用[J];福建電腦;2013年06期

10 龍衛(wèi)紅;;總線(xiàn)通信系統(tǒng)的開(kāi)發(fā)支持工具[J];工業(yè)控制計(jì)算機(jī);1991年05期

相關(guān)會(huì)議論文 前10條

1 張雪林;孔峰;;基于TMS320F2812的CAN總線(xiàn)通信研究[A];中南六�。▍^(qū)）自動(dòng)化學(xué)會(huì)第24屆學(xué)術(shù)年會(huì)會(huì)議論文集[C];2006年

2 徐芳萍;;基于C8051F040的CAN總線(xiàn)通信系統(tǒng)[A];河南省通信學(xué)會(huì)2005年學(xué)術(shù)年會(huì)論文集[C];2005年

3 金浩;韓江洪;史久根;;基于LPC2119的CAN總線(xiàn)通信系統(tǒng)研究[A];2005年“數(shù)字安徽”博士科技論壇論文集[C];2005年

4 廖磊;余立建;;競(jìng)爭(zhēng)式總線(xiàn)通信的實(shí)現(xiàn)[A];四川省通信學(xué)會(huì)2000年學(xué)術(shù)年會(huì)論文集[C];2000年

5 龔靜康;麻曉永;;1553B總線(xiàn)模塊設(shè)計(jì)與實(shí)現(xiàn)[A];中國(guó)聲學(xué)學(xué)會(huì)水聲學(xué)分會(huì)2011年全國(guó)水聲學(xué)學(xué)術(shù)會(huì)議論文集[C];2011年

6 李治中;張s，

本文編號(hào)：2234861