An Anomaly Detection Method based on Multiple LSTM-Autoencoder Models for In-vehicle Network

preprint OA: closed CC-BY-4.0
🔓 Open OA copy View at publisher

Abstract

The CAN protocol is widely adopted for in-vehicle networks due to its cost efficiency and reliable transmission. However, despite its popularity, the protocol lacks built-in security mechanisms, making it vulnerable to various attacks such as flooding, fuzzing, and DoS. These attacks can exploit vulnerabilities and disrupt the normal behavior of the in-vehicle network. One of the main reasons for these security concerns is that the protocol relies on broadcast frames for communication between ECUs within the network. To tackle this issue, this paper presents an intrusion detection system that leverages multiple LSTM-Autoencoders. The proposed system utilizes diverse features, including transmission interval and payload value changes, to capture various characteristics of normal network behavior. By analyzing different types of features separately using the LSTM-Autoencoder model, the system effectively detects anomalies. In our evaluation, we conducted experiments using real vehicle network traffic, and the results demonstrated the system's high precision with a 99% detection rate in identifying anomalies.

My notes (saved in your browser only)

Citation neighborhood (no data yet)

We don't have any in-corpus citations linked to this paper yet. The paper's references may be in our DB but unresolved to ``paper_id`` (resolution happens at ingest when the cited DOI matches a row we already have). Run the cross-source citation reconcile pass to retry.

Source provenance

europepmc
last seen: 2026-05-19T01:45:01.086888+00:00
unpaywall
last seen: 2026-05-20T11:00:21.680559+00:00
License: CC-BY-4.0