Efficient Intrusion Detection in CAN Bus Networks

Electric Vehicles (EVs) rely on electric motors powered by complex battery systems to ensure efficient propulsion. A critical element in their performance is the Controller Area Network (CAN) protocol, widely adopted in the automotive industry for seamless communication among vehicle components, including Electronic Control Units (ECUs). Originally designed with minimal security considerations, the CAN protocol exposes modern connected vehicles to various cyber threats. Attacks such as Denial of Service (DoS), Fuzzy, and Impersonation pose significant risks to vehicle safety and operational integrity, highlighting the urgent need for robust Intrusion Detection Systems (IDS) tailored to CAN networks. In this study, an advanced hybrid detection model, named RL-RF Guard, is proposed, integrating Recurrent Neural Networks (RNNs), Long Short-Term Memory (LSTM) units, and Random Forest (RF) classifiers to enhance intrusion detection in EV CAN systems. The approach begins with an RNN extracting initial features from CAN traffic, which are further refined by the LSTM network to capture temporal attack patterns. Finally, a Random Forest classifier leverages these deep features to achieve more precise classification between normal and malicious CAN messages. Evaluation on a comprehensive dataset reveals that the RL-RF Guard model attains an accuracy of 98%, significantly enhancing detection capability compared to prior models. This research presents a novel and effective strategy for vehicular network security, combining the temporal learning strengths of RNN and LSTM with the robust classification capabilities of RF The findings underscore the potential of such hybrid architectures to form the backbone of next-generation IDS solutions, ensuring the resilience and trustworthiness of connected vehicles against evolving cyber threats.