Rasmussen, 2023 - Google Patents
Targeted Detection for Attacks on the MIL− STD− 1553 BusRasmussen, 2023
View PDF- Document ID
- 6684670573695400510
- Author
- Rasmussen K
- Publication year
- Publication venue
- IEEE Transactions on Aerospace and Electronic Systems
External Links
Snippet
Over the last decade we have observed a renewed focus on weapon systems security. Particularly the MIL-STD-1553 protocol, which was designed for military aircraft. In it, computers known as remote terminals (RTs) share information across a common serial data …
- 238000001514 detection method 0 title abstract description 57
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/85—Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2105—Dual mode as a secondary aspect
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. local area networks [LAN], wide area networks [WAN]
- H04L12/40—Bus networks
- H04L12/40006—Architecture of a communication node
- H04L12/40013—Details regarding a bus controller
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. local area networks [LAN], wide area networks [WAN]
- H04L12/40—Bus networks
- H04L2012/40208—Bus networks characterized by the use of a particular bus standard
- H04L2012/40215—Controller Area Network CAN
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2016185514A1 (en) | Attack detection device | |
| Ueda et al. | Security authentication system for in-vehicle network | |
| CN112347022B (en) | Security module for CAN nodes | |
| EP3772841B1 (en) | A security module for a can node | |
| JPH03190446A (en) | Safety repeater | |
| Longari et al. | Copycan: An error-handling protocol based intrusion detection system for controller area network | |
| US12052371B2 (en) | Method for monitoring a network | |
| Wang et al. | A delay based plug-in-monitor for intrusion detection in controller area network | |
| Olufowobi et al. | Controller area network intrusion prevention system leveraging fault recovery | |
| WO2021234499A1 (en) | System and method for detection and prevention of cyber attacks at in-vehicle networks | |
| JP2014236248A (en) | Electronic control device and electronic control system | |
| CN113226858A (en) | Information processing apparatus | |
| Lee et al. | TTIDS: Transmission-resuming time-based intrusion detection system for controller area network (CAN) | |
| Kwon et al. | Mitigation mechanism against in-vehicle network intrusion by reconfiguring ECU and disabling attack packet | |
| Campo et al. | Real-time network defense of SAE J1939 address claim attacks | |
| Lee et al. | CAN Signal Extinction‐based DoS Attack on In‐Vehicle Network | |
| US11528284B2 (en) | Method for detecting an attack on a control device of a vehicle | |
| US20220321576A1 (en) | Apparatus for electronic control of vehicle, apparatus for gateway and vehicle including the same | |
| CN114760085A (en) | System and method for detecting malicious CAN controller behavior from hostile clock control | |
| Rasmussen | Targeted Detection for Attacks on the MIL− STD− 1553 Bus | |
| Rogers et al. | Targeted Detection for Attacks on the MIL-STD-1553 Bus | |
| US20240202330A1 (en) | Secure mil-std-1553 data bus | |
| CN108206826A (en) | A kind of lightweight intrusion detection method towards Integrated Electronic System | |
| Longari et al. | CANter: data-link layer detection of drop-and-spoof attacks on CAN and CAN FD | |
| CN102404161B (en) | Method and universal serial bus (USB) equipment for detecting secret leakage |