Presented at the SERENE-RISC Workshop, 2017 October.
Detecting anomalies on the automotive control bus with machine learning. Cars are vulnerable to hacking. While automotive cyber attacks are not yet a widespread threat, learning how to detect them will be an important part of future countermeasures. Attacks must be crafted for specific models, so attack detectors must also be specifically designed for every new car. Machine learning can simplify this design, by learning the normal behaviour of a car and detecting anomalies that could correspond to cyber attacks. However, predicting performance for these detectors is a difficult problem. By analyzing published attacks, a simulation model can generate enough attack signatures to give confidence in evaluating attack detection performance. This presentation gives an overview of the car hacking threat, how anomaly detection can counter that threat, and how to evaluate the performance of those detectors using attack simulation.
About the speaker
Adrian Taylor is a scientist at Defence Research and Development (DRDC) Canada. In his 17 years at DRDC, he has worked in electronic warfare, wargaming modelling and simulation, and most recently cyber defence, where his focus has been divided between enterprise cyber analytics and platform security and resilience.
Adrian received his BASc. from Queen’s University (2000) in Math and Engineering, and his MASc. from Carleton University (2005) and PhD from the University of Ottawa (2017) in electrical engineering.
Running Time 15 Minutes.