Abstract:
A method and apparatus for authenticating packets in a controller area network (CAN) are disclosed. The method includes transmitting messages using a mixture of message authentication codes (MACs) in a controller area network (CAN). In addition, a first MAC is generated using a first message and the first MAC is divided into a first MAC part and a second MAC part. A second MAC is generated using a second message and the second MAC is divided into a third MAC part and a fourth MAC part. A linear operation is performed between the second MAC part and the third MAC part to generate a first authentication MAC. The first message is transmitted with the first MAC part and the second message is transmitted with the first authentication MAC.
Abstract:
A method of transmitting K messages using divided message authentication codes (MACs) in a controller area network (CAN) includes: generating a MAC using a first message and a specific MAC, performing a first operation with respect to j using j-th messages subsequent to the first message and a second MAC part of the generated MAC, performing a second operation with respect to j using a result of the performed first operation and a j-th subblock subsequent to a first MAC subblock among K MAC subblocks obtained by dividing a first MAC part of the generated MAC, transmitting the first message along with the first MAC subblock, and transmitting K-1 j-th messages in an order of j, each of the j-th messages being transmitted along with a j-th result of the performed second operation.
Abstract:
A method for detecting intrusion into an in-vehicle network using an intrusion detection system (IDS) of a vehicle includes: receiving messages of the in-vehicle network in a preset cycle, calculating a current count value per message of the received messages, receiving operation state information of the vehicle when the cycle starts, determining a normal count value per message corresponding to the operation state information, calculating a linearly approximated relative distance function per message using the current count value and the normal count value, and determining whether an intrusion state occurs by comparing the calculated linearly approximated relative distance function per message to a preset threshold value.
Abstract:
An apparatus for detecting an in-vehicle network attack is configured to cumulatively count packets for each device that has a respective ID and is connected to an in-vehicle network bus. The apparatus is configured to cumulate a check value every time the packets are cumulatively counted to calculate a cumulated value, and determine that an attack is conducted when an average cumulated value obtained by dividing the cumulated value by a cumulative counted value does not exceed a first threshold value.