Decision Tree-Based Rule Derivation for Intrusion Detection in Safety-Critical Automotive Systems

AuthorBuschlinger, Lucas; Rieke, Roland; Sarda, Sanat; Krauß, Christoph
TypeConference Paper
AbstractIntrusion Detection Systems (IDSs) are being introduced into safety-critical systems such as connected vehicles. Since the behavior and effectiveness of measures are validated before approval, the decisions made by an IDS are required to be traceable and the IDS also needs to work efficiently on resource-constrained embedded systems. These requirements complicate the direct use of Machine Learning (ML) approaches in IDS design. In this paper, we propose an approach to using ML to generate rules for an efficient rule-based IDS like Snort. Our approach eases the time-consuming and difficult process of creating a rule set. We use decision trees to generate rules that can be used by experts as a basis for creating a rule set for a specific safety-critical use case. In addition, we use long short-term memory methods to circumvent the problem of limited training data availability, a common limitation in safety-critical systems. Our implementation and evaluation shows the feasibility of our approach to derive specific IDS rules for such systems.
ConferenceInternational Conference on Parallel, Distributed and Network-Based Processing 2022