Method and system for reflectometry based communication network monitoring, intrusion detection, and message authentication
Abstract
Systems and methods are provided for monitoring and detecting intrusions and authenticating messages on a communication network of a vehicle. A plurality of signals transmitted over a communications network between an electronic control module and a remote electronic module are monitored. Reflectometry feature sets are extracted from the plurality of signals and compared to a repository of predetermined communication network feature sets to generate a mismatch value. The mismatch value is compared to a predetermined threshold range, and an authenticated event occurs when the mismatch value is within the predetermined threshold range. When the mismatch value is outside the predetermined threshold range, a flagged event occurs and is recorded.
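
The compare-and-flag logic described in the abstract, as an added example that is not taken from the patent. It assumes a feature set is a vector of reflection-coefficient samples (one per distance bin), uses RMS difference as the mismatch value, and uses a Python list in place of the memory module; channel names, baseline values and the threshold range are constructed.

```python
import math

# Constructed baseline repository: per-channel reflection-coefficient samples,
# one per distance bin along the wire, as captured on a known-good harness.
REPOSITORY = {
    "chan0": [0.00, 0.02, 0.01, 0.00, 0.03, 0.00, 0.01, 0.35],
    "chan1": [0.00, 0.01, 0.04, 0.00, 0.00, 0.02, 0.00, 0.33],
}
THRESHOLD_RANGE = (0.0, 0.05)  # assumed acceptable mismatch range (RMS)


def mismatch(features, baseline):
    """RMS difference between an extracted feature set and its baseline."""
    if len(features) != len(baseline):
        return math.inf  # a malformed trace must never authenticate
    sq = sum((f - b) ** 2 for f, b in zip(features, baseline))
    return math.sqrt(sq / len(baseline))


def check(channel, features, flagged_log, repository=REPOSITORY,
          threshold=THRESHOLD_RANGE):
    """Classify one measurement; append flagged events to flagged_log."""
    baseline = repository.get(channel)
    if baseline is None:
        flagged_log.append({"channel": channel, "reason": "no baseline"})
        return "flagged"
    value = mismatch(features, baseline)
    low, high = threshold
    if low <= value <= high:
        return "authenticated"
    event = {"channel": channel, "mismatch": value, "reason": "out of range"}
    if math.isfinite(value):
        # The bin with the largest deviation localises the change on the wire.
        deltas = [abs(f - b) for f, b in zip(features, baseline)]
        event["worst_bin"] = deltas.index(max(deltas))
    flagged_log.append(event)
    return "flagged"


def demo():
    """Run three constructed measurements and return (results, log)."""
    log = []
    normal = [0.01, 0.02, 0.00, 0.01, 0.03, 0.00, 0.02, 0.34]  # noise only
    changed = [0.00, 0.02, 0.01, 0.22, 0.03, 0.00, 0.01, 0.30]  # new reflection at bin 3
    results = [check("chan0", normal, log),
               check("chan0", changed, log),
               check("chan0", changed[:5], log)]  # truncated trace
    return results, log
```

A missing baseline or a trace of the wrong length is treated as a flagged event rather than skipped, so a measurement that cannot be compared never counts as authenticated.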
20 Claims

1. A method of monitoring and detecting intrusions on a communications network, comprising:
- monitoring, with a reflectometer, a plurality of communication channels on the communication network, the communication channels each transmitting a plurality of signals between an electronic control module and a remote electronic control module;
- extracting a reflectometry feature set from each of the plurality of signals transmitted over each of the communication channels;
- comparing the extracted reflectometry feature sets to a repository of predetermined communication network feature sets to generate a mismatch value;
- determining that an authenticated event has occurred when the mismatch value is within a predetermined threshold range and continuing to monitor the plurality of communication channels;
- determining that a flagged event has occurred when the mismatch value is outside the predetermined threshold range; and
- recording the flagged event in a memory module.
Dependent claims: 2, 3, 4, 5, 6

7. A system for monitoring and detecting intrusions on a communications network, comprising:
- an electronic control module having a first processor module and a first memory module, the electronic control module configured to send and receive a plurality of signals on a plurality of communication channels of the communications network;
- a remote electronic control module configured to send and receive the plurality of signals from the electronic control module over the communication channels;
- a repository of predetermined communication network feature sets; and
- a reflectometer having a second processor module and a second memory module, the reflectometer configured to extract a reflectometry feature set from each of the plurality of signals transmitted over the communication channels and calculate a mismatch value corresponding to the difference between the reflectometry feature set and the corresponding communication network feature set, wherein an authenticated event occurs when the mismatch value is within a predetermined threshold range and a flagged event occurs when the mismatch value is outside the predetermined threshold range, the flagged event recorded in at least one of the first memory module and the second memory module.
Dependent claims: 8, 9, 10, 11, 12, 13

14. A vehicle, comprising:
- a communications network; and
- a system for monitoring and detecting intrusions on the communications network, the system comprising:
  - an electronic control module having a first processor module and a first memory module, the electronic control module configured to send and receive a plurality of signals on a plurality of communication channels of the communications network;
  - a remote electronic control module configured to send and receive the plurality of signals from the electronic control module over the communication channels;
  - a repository of predetermined communication network feature sets; and
  - a reflectometer having a second processor module and a second memory module, the reflectometer configured to extract a reflectometry feature set from each of the plurality of signals transmitted over the communication channels and calculate a mismatch value corresponding to the difference between the reflectometry feature set and the corresponding communication network feature set, wherein an authenticated event occurs when the mismatch value is within a predetermined threshold range and a flagged event occurs when the mismatch value is outside the predetermined threshold range, the flagged event recorded in at least one of the first memory module and the second memory module.
Dependent claims: 15, 16, 17, 18, 19, 20

Specification