Method for detecting fraudulent frame sent over an in-vehicle network system
First Claim
1. A fraud detection method for use in an in-vehicle network system using Controller Area Network (CAN) protocol, the fraud detection method comprising:
- receiving at least one data frame sent to a bus;
verifying a specific identifier in the received data frame only when the received data frame does not follow a predetermined rule regarding a transmission period and a state of a vehicle having the in-vehicle network system mounted therein is a predetermined state;
detecting the received data frame as an authenticated data frame when the verifying is successful; and
detecting the received data frame as a fraudulent data frame when the verifying fails,wherein the predetermined state of the vehicle is the vehicle traveling.
1 Assignment
0 Petitions
Accused Products
Abstract
A fraud detection method for use in an in-vehicle network system including a plurality of electronic control units that communicate with one another via a bus in accordance with Controller Area Network (CAN) protocol is provided. The method includes receiving at least one data frame sent to the bus, verifying a specific identifier in the received data frame only if the received data frame does not follow a predetermined rule regarding a transmission period and a state of a vehicle having the in-vehicle network system mounted therein is a predetermined state, detecting the received data frame as an authenticated data frame if the verification is successful, and detecting the received data frame as a fraudulent data frame if the verification fails.
11 Citations
17 Claims
-
1. A fraud detection method for use in an in-vehicle network system using Controller Area Network (CAN) protocol, the fraud detection method comprising:
-
receiving at least one data frame sent to a bus; verifying a specific identifier in the received data frame only when the received data frame does not follow a predetermined rule regarding a transmission period and a state of a vehicle having the in-vehicle network system mounted therein is a predetermined state; detecting the received data frame as an authenticated data frame when the verifying is successful; and detecting the received data frame as a fraudulent data frame when the verifying fails, wherein the predetermined state of the vehicle is the vehicle traveling. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for use in an in-vehicle network system using Controller Area Network (CAN) protocol, the method comprising:
-
providing a specific identifier in a data frame only when a state of a vehicle having the in-vehicle network system mounted therein is a predetermined state and the data frame, that does not follow a predetermined rule regarding a transmission period, is to be sent; and sending, to a bus, the data frame that includes the provided specific identifier and that does not follow the predetermined rule, wherein the predetermined state of the vehicle is the vehicle traveling. - View Dependent Claims (11, 12, 13, 14)
-
-
15. An in-vehicle network system using Controller Area Network (CAN) protocol, the in-vehicle network system comprising:
-
a first electronic controller including one or more memories and circuitry which, in operation, provides a specific identifier in at least one data frame only when a state of a vehicle having the in-vehicle network system mounted therein is a predetermined state and the data frame, that does not follow a predetermined rule regarding a transmission period, is to be sent, and sends, to a bus, the data frame that includes the provided specific identifier and that does not follow the predetermined rule; and a second electronic controller including one or more memories and circuitry which, in operation, receives the data frame sent to the bus and verifies the specific identifier in the received data frame only when the received data frame does not follow the predetermined rule and the state of the vehicle having the in-vehicle network system mounted therein is the predetermined state, wherein when the verification is successful, the second electronic controller detects the received data frame as being an authorized data frame, wherein when the verification fails, the second electronic controller detects the received data frame as being a fraudulent data frame, and wherein the predetermined state of the vehicle is the vehicle traveling.
-
-
16. An electronic controller using Controller Area Network (CAN) protocol, the electronic controller comprising:
-
one or more memories; and circuitry which, in operation; provides a specific identifier in at least one data frame only when a state of a vehicle having an in-vehicle network system mounted therein is a predetermined state and the data frame, that does not follow a predetermined rule regarding a transmission period, is to be sent; and sends, to a bus, the data frame that includes the provided specific identifier and that does not follow the predetermined rule, wherein the predetermined state of the vehicle is the vehicle traveling.
-
-
17. An electronic controller using Controller Area Network (CAN) protocol, the electronic controller comprising:
-
one or more memories; and circuitry which, in operation; receives at least one data frame sent to a bus; and verifies a specific identifier in the received data frame only when the received data frame does not follow a predetermined rule regarding a transmission period and a state of a vehicle having an in-vehicle network system mounted therein is a predetermined state, wherein when the verification is successful, the electronic controller detects the received data frame as being an authorized data frame, wherein when the verification fails, the electronic controller detects the received data frame as being a fraudulent data frame, and wherein the predetermined state of the vehicle is the vehicle traveling.
-
Specification