A method and system for intrusion detection and defense based on doip protocol

A technology of intrusion detection and protocol, which is applied in the field of vehicle security, can solve problems such as inability to meet the security requirements of vehicle network communication, and achieve the effects of improving security legality, reducing transmission frequency, and high detection efficiency

Active Publication Date: 2022-03-15
ZHENGZHOU XINDA JIEAN INFORMATION TECH
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Aiming at the problem that the existing IDPS scheme cannot meet the communication security requirements of the DoIP protocol in the vehicle network, the present invention provides an intrusion detection and defense method and system based on the DoIP protocol, which can add the IDPS function to the DoIP protocol to realize the detection of illegal DoIP packets. Identify, detect and block to protect vehicles from various attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and system for intrusion detection and defense based on doip protocol
  • A method and system for intrusion detection and defense based on doip protocol
  • A method and system for intrusion detection and defense based on doip protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0060] Such as figure 1 As shown, the embodiment of the present invention proposes an intrusion detection and defense method based on the DoIP protocol, and the intrusion detection and defense method includes:

[0061] S101: setting the DoIP protocol module in the external test equipment, and setting the DoIP protocol module and the DoIP intrusion detection module in the DoIP entity in the vehicle;

[0062] S102: Set the DoIP message format, DoIP message scene and DoIP message interval detection strategy in the DoIP entity in the vehicle;

[0063] Specifically, the detection strategy of the DoIP packet format includes: a packet header format detection strategy, and a packet type, packet length, and packet transport layer protocol detection strategy;

[0064] The packet header format detection strategy is the detection strategy of the legal value domain of the packet header parameter, and the packet header parameter includes protocol version information, protocol version bitwi...

Embodiment 2

[0083] On the basis of the above-mentioned embodiment 1, in the embodiment of the present invention, the method further includes: the in-vehicle DoIP entity detects the packet header format, the packet type, and the In the process of the message length, after detecting and learning that the DoIP message is an illegal message, notify its DoIP protocol module to send a negative response, and the DoIP intrusion detection module records the error log of the DoIP message and finishes exiting; In the process of detecting the message transport layer protocol, the working scene of the message and the message interval through its DoIP intrusion detection module, the internal DoIP entity detects that the DoIP message is an illegal message, and intrudes through the DoIP The detection module records the error log of the DoIP message and exits.

[0084] The DoIP entity in the vehicle also includes before detecting the packet header format by its DoIP intrusion detection module: the DoIP en...

Embodiment 3

[0095] On the basis of the above-mentioned embodiment 1 or embodiment 2, in the embodiment of the present invention, the DoIP intrusion detection module is also set in the external test equipment; DoIP message format, DoIP message scene and DoIP message are set in the external test equipment The detection strategy of the message interval; when the external test equipment receives the diagnostic communication response of the DoIP entity in the vehicle, the external test equipment performs the DoIP message format, DoIP message scene and DoIP message sequentially according to the detection strategy. Text gap detection.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an intrusion detection and defense method and system based on the DoIP protocol. The method includes setting the DoIP protocol module in the external test equipment, setting the DoIP protocol module and the DoIP intrusion detection module in the DoIP entity in the car; setting the DoIP message format, the DoIP message scene and the DoIP report in the DoIP entity in the car. A detection strategy for text intervals; when the external test equipment performs diagnostic communication on the DoIP entity in the vehicle, the DoIP entity in the vehicle performs DoIP message format, DoIP message scene and DoIP message sequentially according to the detection strategy interval detection. The present invention can first detect the DoIP message through the DoIP intrusion detection module, and identify the message header format, message type, message length, message request interval, message transport layer protocol type, and message request in different working scenarios Anomalies such as response intervals are used to filter abnormal illegal packets and improve the security and legitimacy of DoIP packets.

Description

technical field [0001] The invention relates to the technical field of vehicle safety, in particular to an intrusion detection and defense method and system based on the DoIP protocol. Background technique [0002] With the development of the mobile Internet and the improvement of the performance of embedded processors, intelligent connected vehicles have become a research hotspot and a new driving force for industrial growth in the fields of global automobiles and the Internet. At present, functions such as remote upgrade (Over The Air, OTA), remote diagnosis (On Board Diagnostics, OBD / Unified Diagnostic Services, UDS), ADAS (Advanced Driving Assistance System), V2X (Vehicle to everything), and automatic driving have begun to be gradually realized. , the application prospects of communication protocols based on vehicle Ethernet are becoming more and more broad, especially the DoIP (Diagnostic communication over Internet Protocol) protocol is more and more widely used, and t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40
CPCH04L63/1416H04L63/1441
Inventor 王建伟李华领庞旭东吉喆袁朝阳李鑫
Owner ZHENGZHOU XINDA JIEAN INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap