CN110266717A - Information detecting method and device - Google Patents
- Publication number: CN110266717A (CN201910594113.1A)
- Authority: CN (China)
- Prior art keywords: message, information, vehicle, detected, control domain
- Legal status: Pending
Classifications
- H04L12/40006: Architecture of a communication node
- H04L63/1416: Event detection, e.g. attack signature detection
- H04L2012/40215: Controller Area Network CAN
- H04L2012/40273: Bus for use in transportation systems, the transportation system being a vehicle
- H04L63/101: Access control lists [ACL]
Abstract
The present invention provides an information detection method and device. The information detection method includes: obtaining information to be detected in a vehicle; and comparing the information to be detected with a preset message whitelist to determine whether the information to be detected is unauthorized information, where the preset message whitelist is generated according to the CAN bus communication matrix of the vehicle. Because the preset message whitelist is generated according to the CAN bus communication matrix, the accuracy and completeness of the preset message whitelist are improved. Comparing the information to be detected with the preset message whitelist to determine whether the information is legitimate improves the accuracy of information detection.
Description
Technical field
The present invention relates to the field of Internet of Vehicles information security technology, and in particular to an information detection method and device.
Background art
With the development of vehicle intelligence, the automobile is no longer an isolated island, and the in-vehicle network faces a growing risk of network intrusions of all kinds.
At present, an attacker can send unauthorized instructions into the vehicle by way of the on-board diagnostics system (On-Board Diagnostics, OBD), the in-vehicle infotainment system (In-Vehicle Infotainment, IVI), the telematics system (Telematics BOX, T-BOX), a compromised electronic control unit (Electronic Control Unit, ECU), and so on. Such intrusions may cause the vehicle to malfunction and pose a serious threat to the driver's life and property.
Therefore, how to detect information security effectively has become an urgent problem to be solved.
Summary of the invention
The present invention provides an information detection method and device that improve the accuracy of information detection.
In a first aspect, the present invention provides an information detection method, comprising:
obtaining information to be detected in a vehicle; and
comparing the information to be detected with a preset message whitelist to determine whether the information to be detected is unauthorized information, wherein the preset message whitelist is generated according to the CAN bus communication matrix of the vehicle.
Optionally, the preset message whitelist is stored in the gateway of the vehicle;
obtaining the information to be detected in the vehicle comprises:
obtaining a first message through the gateway, the first message including the information to be detected;
comparing the information to be detected with the preset message whitelist to determine whether the information to be detected is unauthorized information comprises:
comparing the first message with the preset message whitelist stored in the gateway to determine whether the first message is unauthorized information.
Optionally, the first message includes at least one of the following: a message the gateway receives from outside the vehicle, a message the gateway forwards to a control domain of the vehicle, and a message the gateway receives from a control domain of the vehicle.
Optionally, the preset message whitelist is stored in a first control domain of the vehicle;
obtaining the information to be detected in the vehicle comprises:
obtaining a second message through the first control domain, the second message including the information to be detected;
comparing the information to be detected with the preset message whitelist to determine whether the information to be detected is unauthorized information comprises:
comparing the second message with the preset message whitelist stored in the first control domain to determine whether the second message is unauthorized information.
Optionally, the second message includes at least one of the following: a message the first control domain receives from a second control domain of the vehicle, a message the first control domain sends to the second control domain, a message broadcast within the first control domain, a message the first control domain receives from the gateway of the vehicle, and a message the first control domain sends to the gateway.
Optionally, the preset message whitelist is specifically generated according to the content of the CAN bus communication matrix that relates to the first control domain.
Optionally, the first control domain includes at least one of the following: power domain, infotainment domain, body domain, chassis domain, autonomous driving domain and diagnostic domain.
Optionally, the method further comprises:
if the information to be detected is determined to be unauthorized information, recording the information to be detected and issuing an alarm signal.
In a second aspect, the present invention provides an information detection device, comprising:
an obtaining module, configured to obtain information to be detected in a vehicle; and
a detection module, configured to compare the information to be detected with a preset message whitelist to determine whether the information to be detected is unauthorized information, wherein the preset message whitelist is generated according to the CAN bus communication matrix of the vehicle.
Optionally, the preset message whitelist is stored in the gateway of the vehicle;
the obtaining module is specifically configured to:
obtain a first message through the gateway, the first message including the information to be detected;
the detection module is specifically configured to:
compare the first message with the preset message whitelist stored in the gateway to determine whether the first message is unauthorized information.
Optionally, the first message includes at least one of the following: a message the gateway receives from outside the vehicle, a message the gateway forwards to a control domain of the vehicle, and a message the gateway receives from a control domain of the vehicle.
Optionally, the preset message whitelist is stored in a first control domain of the vehicle;
the obtaining module is specifically configured to:
obtain a second message through the first control domain, the second message including the information to be detected;
the detection module is specifically configured to:
compare the second message with the preset message whitelist stored in the first control domain to determine whether the second message is unauthorized information.
Optionally, the second message includes at least one of the following: a message the first control domain receives from a second control domain of the vehicle, a message the first control domain sends to the second control domain, a message broadcast within the first control domain, a message the first control domain receives from the gateway of the vehicle, and a message the first control domain sends to the gateway.
Optionally, the preset message whitelist is specifically generated according to the content of the CAN bus communication matrix that relates to the first control domain.
Optionally, the first control domain includes at least one of the following: power domain, infotainment domain, body domain, chassis domain, autonomous driving domain and diagnostic domain.
Optionally, the device further includes a recording module, the recording module being configured to:
if the information to be detected is determined to be unauthorized information, record the information to be detected and issue an alarm signal.
In a third aspect, the present invention provides an information detection device, comprising a processor and a memory. The memory is used to store instructions; the processor is used to execute the instructions stored in the memory, so as to perform the method provided by any embodiment of the first aspect of the present invention.
In a fourth aspect, the present invention provides a vehicle, comprising a vehicle body and the information detection device provided by any embodiment of the first aspect of the present invention.
In a fifth aspect, the present invention provides a storage medium, comprising a readable storage medium and a computer program, the computer program being used to implement the method provided by any embodiment of the first aspect of the present invention.
In a sixth aspect, an embodiment of the present application provides a program product that includes a computer program (that is, executable instructions) stored in a readable storage medium. At least one processor can read the computer program from the readable storage medium, and by executing the computer program the at least one processor causes a device to implement the method provided by any embodiment of the first aspect of the present invention.
The present invention provides an information detection method and device that obtain information to be detected in a vehicle and compare it with a preset message whitelist to determine whether the information to be detected is unauthorized information. The preset message whitelist is generated according to the CAN bus communication matrix of the vehicle, and the CAN bus communication matrix of a vehicle is a standard database file associated with the vehicle; a preset message whitelist generated according to the CAN bus communication matrix is therefore more accurate and more complete. Determining whether the information to be detected is legitimate on the basis of an accurate and complete preset message whitelist improves the accuracy of information detection.
Brief description of the drawings
To explain the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. The drawings in the following description show some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without any creative effort.
Fig. 1 is a schematic diagram of an in-vehicle network to which the embodiments of the present invention apply;
Fig. 2 is a flowchart of the information detection method provided by an embodiment of the present invention;
Fig. 3 is a schematic structural diagram of an information detection device provided by an embodiment of the present invention;
Fig. 4 is another schematic structural diagram of an information detection device provided by an embodiment of the present invention.
Detailed description of the embodiments
To make the objectives, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. The described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort fall within the protection scope of the present invention.
The terms "first", "second", "third", "fourth" and so on (if present) in the specification, claims and drawings of the present invention are used to distinguish similar objects, not to describe a particular order or sequence. It should be understood that data used in this way are interchangeable where appropriate, so that the embodiments described here can be implemented in orders other than those illustrated or described. In addition, the terms "include" and "have" and any variants of them are intended to cover non-exclusive inclusion: a process, method, system, product or device that contains a series of steps or units is not necessarily limited to the steps or units expressly listed, but may include other steps or units that are not expressly listed or that are inherent to the process, method, product or device.
The information detection method provided by the present invention can be applied to detecting information in the in-vehicle intelligent system of a vehicle, to determine whether the information is legitimate. By way of example, Fig. 1 is a schematic diagram of an in-vehicle network to which the embodiments of the present invention apply. As shown in Fig. 1, the in-vehicle network may include network entry points, a gateway 100 and multiple control domains. The network entry points, the gateway 100 and each control domain can be connected by a Controller Area Network (CAN) bus. Through the network entry points, the gateway 100 can obtain information from outside the vehicle and pass that information to the control domains over the CAN bus. The gateway 100 is also used to forward information between different control domains inside the vehicle.
An intrusion detection system (Intrusion Detection System, IDS) can be deployed in the gateway 100 and/or in at least one control domain. For example, in Fig. 1, IDS101 is deployed in the gateway 100, IDS201 is deployed in the power domain, and IDS202 is deployed in the chassis domain. An IDS monitors the operating state of the network and the system, by software or hardware and according to a given security policy, to discover attack attempts, attack behavior or attack results, so as to guarantee the confidentiality, integrity and availability of network system resources. The preset message whitelist can be stored in the IDS. The present invention does not limit the form in which the preset message whitelist is stored; for example, it can be stored in a file. The information detection method provided by the present invention may be executed by the gateway 100 and/or by a processing module or processor in each control domain.
Optionally, the network entry points may include, but are not limited to, OBD, IVI and T-BOX.
OBD is the on-board diagnostics system. While the vehicle is running, it monitors in real time the working state of the engine's electronic control system and of the vehicle's other functional modules. When an abnormal operating condition appears, it determines the specific fault according to a specific algorithm and stores it in memory in the system in the form of diagnostic trouble codes (Diagnostic Trouble Codes, DTC). The useful information obtained from the system's self-diagnosis helps with repair and maintenance of the vehicle. Maintenance staff can read the fault codes through the vehicle's OBD interface and so locate a fault quickly, which eases repair and reduces manual diagnosis time. As the vehicle's sensors and degree of electronic control increase, OBD has expanded its range of control and can bring every monitoring function within its scope. As the communication interface of the on-board diagnostics system, the OBD interface can transmit more information.
IVI is the in-vehicle infotainment system, an integrated vehicle information processing system built on a dedicated in-vehicle central processing unit, the vehicle body bus system and Internet services. IVI can provide three-dimensional navigation, real-time traffic conditions, Internet Protocol television (Internet Protocol Television, IPTV), assisted driving, fault detection, vehicle information, body control, mobile office, wireless communication, online entertainment functions and a series of other applications, greatly raising the level of vehicle electronics, networking and intelligence.
T-BOX is the telematics system. It may include four parts: the host, the vehicle-mounted T-BOX, a mobile phone application (Application, APP) and a back-end system. The host is mainly used for in-vehicle audio-visual entertainment and for displaying vehicle information. The vehicle-mounted T-BOX is mainly used to communicate with the back-end system or the mobile phone APP, so that the APP can display vehicle information and control the vehicle. For example, through the mobile phone APP a user can lock and unlock the doors, sound the horn and flash the lights, turn on the air conditioning, start the engine, locate the vehicle, and so on.
Optionally, the control domains may include, but are not limited to: power domain, infotainment domain, body domain, chassis domain, autonomous driving domain and diagnostic domain. For example, Fig. 1 shows an entertainment domain, a power domain and a chassis domain. Each control domain includes multiple electronic control units (Electronic Control Unit, ECU).
The power domain can be used for communication of vehicle driving and safety information.
The infotainment domain can be used for communication of vehicle multimedia entertainment and networking control information.
The body domain can be used for communication of vehicle body information.
The chassis domain can be used for communication of vehicle chassis information.
The autonomous driving domain can be used for communication of autonomous driving information.
The diagnostic domain can be used to connect after-sales diagnostic tools or development and debugging tools, to collect and diagnose whole-vehicle information.
It should be noted that the definition of each control domain and the functions it implements may differ from vehicle to vehicle; the present invention does not limit this.
The technical solution of the present invention is described in detail below with specific embodiments. These specific embodiments can be combined with one another, and the same or similar concepts or processes may not be repeated in some embodiments.
Fig. 2 is a flowchart of the information detection method provided by an embodiment of the present invention. The method provided by this embodiment may be executed by an information detection device. Depending on the application scenario, the information detection device can be deployed in the gateway and/or at least one control domain in Fig. 1. As shown in Fig. 2, the information detection method provided by this embodiment may include:
S201: obtain the information to be detected in the vehicle.
S202: compare the information to be detected with the preset message whitelist to determine whether the information to be detected is unauthorized information. The preset message whitelist is generated according to the CAN bus communication matrix of the vehicle.
Specifically, the information to be detected may differ with the deployment position of the information detection device; this embodiment does not limit this. The preset message whitelist is stored in the vehicle in advance and is generated according to the CAN bus communication matrix of the vehicle. The CAN bus communication matrix is a standard database file, for example a file with the suffix DBC. A vehicle has a corresponding CAN bus communication matrix, which describes the information of each logical node in the CAN network. This embodiment does not limit the specific content of the CAN bus communication matrix. For example, it may include: ECU ID, message type, message attributes, message transmission period, message format, message length, message source address, message destination address, and so on. In general, the number of components in a vehicle is limited, the behavior of each component is limited, the in-vehicle applications are limited, and the vehicle's external connections are limited, so the number of instruction messages in the in-vehicle network is limited. In other words, the information a vehicle receives from outside and the information inside the vehicle are usually both limited and fixed, and the CAN bus communication matrix contains the description of this limited information. A preset message whitelist generated from the vehicle's CAN bus communication matrix is therefore more accurate and more complete. Comparing the information to be detected with an accurate and complete preset message whitelist reduces the probability of missed detections and false detections, and improves the accuracy of determining whether the information to be detected is unauthorized information.
It should be noted that this embodiment does not limit the name of the CAN bus communication matrix.
It should be noted that this embodiment does not limit the specific content of the preset message whitelist. Optionally, the preset message whitelist includes multiple message records, and each message record includes the sender ID, the receiver ID and the message ID of a message. Optionally, the sender ID and receiver ID of a message can be ECU IDs. The message ID uniquely distinguishes different messages. For example, referring to Fig. 1, in the power domain the message IDs can be 0x432, 0x431, 0x430, and so on. In the chassis domain the message IDs can be 0x60, 0x6B, 0x61, and so on.
It can be seen that, in the information detection method provided by this embodiment, the preset message whitelist is generated according to the CAN bus communication matrix of the vehicle and is therefore more accurate and complete. Comparing the information to be detected with an accurate and complete preset message whitelist improves the accuracy of information detection.
Optionally, the information detection method provided by this embodiment may further include:
if the information to be detected is determined to be unauthorized information, recording the information to be detected and issuing an alarm signal.
Specifically, when the information to be detected is determined to be unauthorized information, it is recorded so that it can later help with maintenance and repair of the vehicle. An alarm signal is also issued and broadcast across the whole network to indicate the anomaly. It should be noted that this embodiment does not limit how the alarm signal is implemented. For example, the alarm signal can be an audio signal, or displayed image or text information, prompting the user that a malicious intrusion may exist so that the user can respond accordingly, for example by pulling over and parking.
The information detection method provided by this embodiment is illustrated below for different application scenarios.
Optionally, in one implementation, the vehicle includes a gateway and multiple control domains. The gateway and each control domain are connected by a CAN bus. The information detection device can be deployed in the gateway, and the preset message whitelist is stored in the gateway of the vehicle.
In S201, obtaining the information to be detected in the vehicle may include:
obtaining a first message through the gateway, the first message including the information to be detected.
In S202, comparing the information to be detected with the preset message whitelist to determine whether the information to be detected is unauthorized information may include:
comparing the first message with the preset message whitelist stored in the gateway to determine whether the first message is unauthorized information.
Specifically, this implementation applies to vehicles that include a gateway. The information to be detected is a message obtained through the gateway, which can be called the first message. The preset message whitelist is stored in the gateway of the vehicle, and the information detection device deployed in the gateway can compare the first message with the preset message whitelist stored in the gateway to determine whether the first message is unauthorized information.
Optionally, the first message may include at least one of the following: a message the gateway receives from outside the vehicle, a message the gateway forwards to a control domain of the vehicle, and a message the gateway receives from a control domain of the vehicle.
The first message is illustrated below with reference to Fig. 1. The first message may include: a message the gateway receives from outside the vehicle through OBD, IVI or T-BOX; a message the gateway forwards to the entertainment domain, power domain or chassis domain; and a message the gateway receives from the entertainment domain, power domain or chassis domain.
Optionally, in another implementation, the vehicle includes multiple control domains, and the control domains can be connected by a CAN bus. Optionally, the vehicle may also include a gateway, which can be connected to each control domain by the CAN bus. In this implementation, the preset message whitelist is stored in a first control domain of the vehicle, and the information detection device can be deployed in the first control domain. This embodiment does not limit the number of first control domains. The control domains other than the first control domain can be called second control domains.
In S201, obtaining the information to be detected in the vehicle may include:
obtaining a second message through the first control domain, the second message including the information to be detected.
In S202, comparing the information to be detected with the preset message whitelist to determine whether the information to be detected is unauthorized information may include:
comparing the second message with the preset message whitelist stored in the first control domain to determine whether the second message is unauthorized information.
Specifically, this implementation applies to vehicles that include control domains. The information to be detected is a message obtained through the first control domain, which can be called the second message. The preset message whitelist is stored in the first control domain of the vehicle, and the information detection device deployed in the first control domain can compare the second message with the preset message whitelist stored in the first control domain to determine whether the second message is unauthorized information.
Optionally, the second message may include at least one of the following: a message the first control domain receives from a second control domain of the vehicle, a message the first control domain sends to the second control domain, a message broadcast within the first control domain, a message the first control domain receives from the gateway of the vehicle, and a message the first control domain sends to the gateway.
The second message is illustrated below with reference to Fig. 1. Assume that the first control domain is the entertainment domain and the second control domain is the power domain. The second message may include: a message the entertainment domain receives from the power domain, a message the entertainment domain sends to the power domain, a message broadcast within the entertainment domain, a message the entertainment domain receives from the gateway of the vehicle, and a message the entertainment domain sends to the gateway.
It should be noted that, if the vehicle includes a gateway, the gateway can be used to forward messages between different control domains.
Optionally, the preset message whitelist is specifically generated according to the content of the CAN bus communication matrix that relates to the first control domain.
Because the preset message whitelist is stored in the first control domain of the vehicle, it can include only the content related to the first control domain. The preset message whitelist can be generated according to the content of the CAN bus communication matrix that relates to the first control domain, which simplifies the content of the preset message whitelist.
It should be noted that the two implementations above can be combined according to the structure of the vehicle. The information detection device and the preset message whitelist can thus be deployed in a variety of flexible ways, which improves the flexibility of message detection.
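An added example, not part of the patent text: it builds a whitelist of (sender ID, receiver ID, message ID) records from a DBC communication matrix, narrows it to the content related to one control domain, and records the messages that fail the comparison. The DBC fragment, node names, node-to-domain mapping, traffic sample and the extra length check are constructed assumptions; only the message IDs 0x430 to 0x432 and 0x60, 0x61, 0x6B come from the description.

```python
import re
from typing import NamedTuple

# Constructed DBC fragment (not from the patent). The message IDs reuse the
# page's examples: 0x430-0x432 (power domain) and 0x60, 0x61, 0x6B (chassis).
SAMPLE_DBC = """\
BU_: ECM TCM ESP EPS GW

BO_ 1072 EngineTorque: 8 ECM
 SG_ Torque : 0|16@1+ (0.1,0) [0|6553.5] "Nm" TCM,ESP
BO_ 1073 EngineSpeed: 8 ECM
 SG_ Rpm : 0|16@1+ (0.25,0) [0|16383.75] "rpm" TCM,GW
BO_ 1074 GearState: 4 TCM
 SG_ Gear : 0|4@1+ (1,0) [0|15] "" ECM
BO_ 96 WheelSpeed: 8 ESP
 SG_ FrontLeft : 0|16@1+ (0.01,0) [0|655.35] "km/h" ECM,EPS
BO_ 97 SteeringAngle: 8 EPS
 SG_ Angle : 0|16@1- (0.1,0) [-3276.8|3276.7] "deg" ESP
BO_ 107 BrakeRequest: 2 ESP
 SG_ Pressure : 0|8@1+ (1,0) [0|255] "bar" EPS
"""

# Hypothetical node-to-domain assignment; the page does not define one.
NODE_DOMAIN = {"ECM": "power", "TCM": "power",
               "ESP": "chassis", "EPS": "chassis", "GW": "gateway"}

class Record(NamedTuple):
    """One whitelist record: sender ID, receiver ID, message ID."""
    sender: str
    receiver: str
    msg_id: int

class Observed(NamedTuple):
    """A message as seen by the IDS. How sender and receiver are attributed
    (for example by ingress port) is an assumption of this example."""
    sender: str
    receiver: str
    msg_id: int
    length: int

BO_RE = re.compile(r"^BO_ (\d+) (\w+)\s*: (\d+) (\w+)")   # id, name, DLC, sender
SG_RE = re.compile(r'^\s+SG_ .*"\s+([\w,]+)\s*$')          # receiver list

def build_whitelist(dbc_text):
    """Return (records, lengths) derived from the BO_/SG_ lines of a DBC file."""
    records, lengths, current = set(), {}, None
    for line in dbc_text.splitlines():
        bo = BO_RE.match(line)
        if bo:
            msg_id = int(bo.group(1)) & 0x1FFFFFFF  # bit 31 marks extended IDs
            current = (bo.group(4), msg_id)
            lengths[msg_id] = int(bo.group(3))
            continue
        sg = SG_RE.match(line)
        if sg and current:
            for receiver in sg.group(1).split(","):
                records.add(Record(current[0], receiver, current[1]))
    return records, lengths

def domain_whitelist(records, domain):
    """Keep only records whose sender or receiver belongs to the given domain."""
    return {r for r in records
            if domain in (NODE_DOMAIN.get(r.sender), NODE_DOMAIN.get(r.receiver))}

def classify(msg, records, lengths):
    """Return None for an authorized message, otherwise the reason it is not."""
    if not any(r.msg_id == msg.msg_id for r in records):
        return "unknown message ID"
    if Record(msg.sender, msg.receiver, msg.msg_id) not in records:
        return "sender/receiver not allowed for this ID"
    if msg.length != lengths[msg.msg_id]:   # extra check, beyond the three IDs
        return "unexpected length"
    return None

def detect(messages, records, lengths):
    """Record every unauthorized message; each entry is also the alarm event."""
    log = []
    for msg in messages:
        reason = classify(msg, records, lengths)
        if reason is not None:
            log.append((msg, reason))
    return log

# Constructed traffic sample.
SAMPLE_TRAFFIC = [
    Observed("ECM", "TCM", 0x430, 8),   # listed in the matrix
    Observed("ESP", "EPS", 0x6B, 2),    # listed in the matrix
    Observed("GW", "EPS", 0x6B, 2),     # known ID, but not from this sender
    Observed("ECM", "TCM", 0x7DF, 8),   # ID absent from the matrix
    Observed("TCM", "ECM", 0x432, 8),   # right pair, wrong length (DLC is 4)
]

if __name__ == "__main__":
    records, lengths = build_whitelist(SAMPLE_DBC)
    for msg, reason in detect(SAMPLE_TRAFFIC, records, lengths):
        print(f"ALERT id=0x{msg.msg_id:X} {msg.sender}->{msg.receiver}: {reason}")
```

With the chassis-only whitelist from `domain_whitelist`, an ID such as 0x431 that never touches a chassis node is reported as unknown, which is the smaller per-domain list the description refers to.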
This embodiment provides an information detection method, comprising: obtaining information to be detected in a vehicle, and comparing the information to be detected with a preset message whitelist to determine whether it is unauthorized information, where the preset message whitelist is generated according to the CAN bus communication matrix of the vehicle. Comparing the information to be detected with an accurate and complete preset message whitelist to determine whether it is legitimate improves the accuracy of information detection.
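The per-domain whitelist and the comparison step described above can be sketched as follows. This is an added example, not code from the patent: the matrix fields (sender domain, receiver domains, DLC), the `rx`/`tx`/`local` direction labels, the choice to compare on CAN ID, direction and DLC, and all IDs and names are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Constructed CAN communication matrix: (CAN ID, name, sender domain, receiver domains, DLC).
# Every ID, name and domain label here is illustrative, not taken from the patent.
COMM_MATRIX = [
    (0x0C1, "EngineSpeed",   "power",        {"infotainment", "chassis"}, 8),
    (0x1A0, "MediaStatus",   "infotainment", {"infotainment"},            4),
    (0x2B4, "NavSpeedLimit", "infotainment", {"power"},                   2),
    (0x3E0, "BrakePressure", "chassis",      {"power"},                   8),
    (0x7DF, "DiagRequest",   "gateway",      {"infotainment", "power"},   8),
]

@dataclass(frozen=True)
class Frame:
    can_id: int
    dlc: int
    direction: str  # "rx": entering the domain, "tx": leaving it, "local": broadcast inside it

def build_domain_whitelist(matrix, domain):
    """Keep only the matrix rows that involve `domain`, keyed by (CAN ID, direction)."""
    whitelist = {}
    for can_id, _name, sender, receivers, dlc in matrix:
        if sender == domain:
            if domain in receivers:
                whitelist[(can_id, "local")] = dlc
            if receivers - {domain}:
                whitelist[(can_id, "tx")] = dlc
        elif domain in receivers:
            whitelist[(can_id, "rx")] = dlc
    return whitelist

def check_frame(frame, whitelist):
    """Return (authorized, reason) for one observed frame."""
    expected_dlc = whitelist.get((frame.can_id, frame.direction))
    if expected_dlc is None:
        return False, "id/direction not in whitelist"
    if frame.dlc != expected_dlc:
        return False, "unexpected DLC"
    return True, "ok"

def detect(frames, whitelist):
    """Record every unauthorized frame; a non-empty result is what would raise the alarm."""
    alerts = []
    for f in frames:
        ok, reason = check_frame(f, whitelist)
        if not ok:
            alerts.append((hex(f.can_id), f.direction, reason))
    return alerts

INFOTAINMENT_WL = build_domain_whitelist(COMM_MATRIX, "infotainment")

# Constructed traffic as seen by the infotainment domain.
SAMPLE = [
    Frame(0x0C1, 8, "rx"),     # power -> infotainment, listed
    Frame(0x1A0, 4, "local"),  # broadcast inside infotainment, listed
    Frame(0x2B4, 2, "tx"),     # infotainment -> power, listed
    Frame(0x3E0, 8, "rx"),     # chassis -> power only: no entry for this domain
    Frame(0x0C1, 8, "tx"),     # listed ID, but infotainment is not its sender
    Frame(0x7DF, 3, "rx"),     # listed ID and direction, wrong DLC
]

if __name__ == "__main__":
    for alert in detect(SAMPLE, INFOTAINMENT_WL):
        print("ALERT", alert)
```

Because the whitelist is derived only from the rows that involve the domain, a frame that is valid elsewhere on the vehicle (here `0x3E0`) is still flagged when it shows up in a domain that has no entry for it.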
Fig. 3 is a schematic structural diagram of an information detection device provided by an embodiment of the present invention. The information detection device provided by this embodiment is used to execute the information detection method provided by the embodiment shown in Fig. 2. As shown in Fig. 3, the information detection device provided by this embodiment may include:
an obtaining module 301, configured to obtain information to be detected in a vehicle;
a detection module 302, configured to compare the information to be detected with a preset message whitelist and determine whether the information to be detected is unauthorized information, where the preset message whitelist is generated according to the CAN bus communication matrix of the vehicle.
Optionally, the preset message whitelist is stored in the gateway of the vehicle;
the obtaining module 301 is specifically configured to:
obtain a first message through the gateway, the first message including the information to be detected;
the detection module 302 is specifically configured to:
compare the first message with the preset message whitelist stored in the gateway and determine whether the first message is unauthorized information.
Optionally, the first message includes at least one of the following: a message received by the gateway from outside the vehicle, a message forwarded by the gateway to a control domain of the vehicle, and a message received by the gateway from a control domain of the vehicle.
Optionally, the preset message whitelist is stored in the first control domain of the vehicle;
the obtaining module 301 is specifically configured to:
obtain a second message through the first control domain, the second message including the information to be detected;
the detection module 302 is specifically configured to:
compare the second message with the preset message whitelist stored in the first control domain and determine whether the second message is unauthorized information.
Optionally, the second message includes at least one of the following: a message received by the first control domain from a second control domain of the vehicle, a message sent by the first control domain to the second control domain, a message broadcast within the first control domain, a message received by the first control domain from the gateway of the vehicle, and a message sent by the first control domain to the gateway.
Optionally, the preset message whitelist is specifically generated according to the content of the CAN bus communication matrix that relates to the first control domain.
Optionally, the first control domain includes at least one of the following: power domain, infotainment domain, body domain, chassis domain, autonomous driving domain and diagnostic domain.
Optionally, the device further includes a recording module, the recording module being configured to:
if it is determined that the information to be detected is unauthorized information, record the information to be detected and issue an alarm signal.
The information detection device provided by this embodiment is used to execute the information detection method provided by the embodiment shown in Fig. 2. The technical principle and technical effect are similar and are not repeated here.
Fig. 4 is another schematic structural diagram of an information detection device provided by an embodiment of the present invention. As shown in Fig. 4, the information detection device includes a processor 41 and a memory 42. The memory 42 is configured to store instructions, and the processor 41 is configured to execute the instructions stored in the memory 42, so that the information detection device executes the information detection method provided by the embodiment shown in Fig. 2. The technical principle and technical effect are similar and are not repeated here.
The present invention also provides a vehicle, comprising: a vehicle body and the information detection device provided by any embodiment of the present invention. The technical principle and technical effect are similar and are not repeated here.
Those of ordinary skill in the art will understand that all or part of the steps of the above method embodiments may be implemented by hardware under the control of program instructions. The program may be stored in a computer-readable storage medium. When executed, the program performs the steps of the above method embodiments; the storage medium includes various media capable of storing program code, such as ROM, RAM, magnetic disks or optical discs.
Finally, it should be noted that the above embodiments are intended only to illustrate the technical solutions of the embodiments of the present invention, not to limit them. Although the embodiments of the present invention have been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some or all of their technical features may be equivalently replaced, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (18)
1. An information detection method, characterized by comprising:
obtaining information to be detected in a vehicle;
comparing the information to be detected with a preset message whitelist, and determining whether the information to be detected is unauthorized information; wherein the preset message whitelist is generated according to a controller area network (CAN) bus communication matrix of the vehicle.
2. The method according to claim 1, characterized in that the preset message whitelist is stored in a gateway of the vehicle;
the obtaining information to be detected in a vehicle comprises:
obtaining a first message through the gateway, the first message including the information to be detected;
the comparing the information to be detected with a preset message whitelist and determining whether the information to be detected is unauthorized information comprises:
comparing the first message with the preset message whitelist stored in the gateway, and determining whether the first message is unauthorized information.
3. The method according to claim 2, characterized in that the first message includes at least one of the following: a message received by the gateway from outside the vehicle, a message forwarded by the gateway to a control domain of the vehicle, and a message received by the gateway from a control domain of the vehicle.
4. The method according to claim 1, characterized in that the preset message whitelist is stored in a first control domain of the vehicle;
the obtaining information to be detected in a vehicle comprises:
obtaining a second message through the first control domain, the second message including the information to be detected;
the comparing the information to be detected with a preset message whitelist and determining whether the information to be detected is unauthorized information comprises:
comparing the second message with the preset message whitelist stored in the first control domain, and determining whether the second message is unauthorized information.
5. The method according to claim 4, characterized in that the second message includes at least one of the following: a message received by the first control domain from a second control domain of the vehicle, a message sent by the first control domain to the second control domain, a message broadcast within the first control domain, a message received by the first control domain from the gateway of the vehicle, and a message sent by the first control domain to the gateway.
6. The method according to claim 4, characterized in that the preset message whitelist is specifically generated according to the content of the CAN bus communication matrix that relates to the first control domain.
7. The method according to claim 4, characterized in that the first control domain includes at least one of the following: power domain, infotainment domain, body domain, chassis domain, autonomous driving domain and diagnostic domain.
8. The method according to any one of claims 1 to 7, characterized by further comprising:
if it is determined that the information to be detected is unauthorized information, recording the information to be detected and issuing an alarm signal.
9. An information detection device, characterized by comprising:
an obtaining module, configured to obtain information to be detected in a vehicle;
a detection module, configured to compare the information to be detected with a preset message whitelist and determine whether the information to be detected is unauthorized information; wherein the preset message whitelist is generated according to a controller area network (CAN) bus communication matrix of the vehicle.
10. The device according to claim 9, characterized in that the preset message whitelist is stored in a gateway of the vehicle;
the obtaining module is specifically configured to:
obtain a first message through the gateway, the first message including the information to be detected;
the detection module is specifically configured to:
compare the first message with the preset message whitelist stored in the gateway, and determine whether the first message is unauthorized information.
11. The device according to claim 10, characterized in that the first message includes at least one of the following: a message received by the gateway from outside the vehicle, a message forwarded by the gateway to a control domain of the vehicle, and a message received by the gateway from a control domain of the vehicle.
12. The device according to claim 9, characterized in that the preset message whitelist is stored in a first control domain of the vehicle;
the obtaining module is specifically configured to:
obtain a second message through the first control domain, the second message including the information to be detected;
the detection module is specifically configured to:
compare the second message with the preset message whitelist stored in the first control domain, and determine whether the second message is unauthorized information.
13. The device according to claim 12, characterized in that the second message includes at least one of the following: a message received by the first control domain from a second control domain of the vehicle, a message sent by the first control domain to the second control domain, a message broadcast within the first control domain, a message received by the first control domain from the gateway of the vehicle, and a message sent by the first control domain to the gateway.
14. The device according to claim 12, characterized in that the preset message whitelist is specifically generated according to the content of the CAN bus communication matrix that relates to the first control domain.
15. The device according to any one of claims 9 to 14, characterized by further comprising a recording module, the recording module being configured to:
if it is determined that the information to be detected is unauthorized information, record the information to be detected and issue an alarm signal.
16. An information detection device, characterized by comprising: a processor and a memory;
the memory being configured to store instructions;
the processor being configured to execute the instructions stored in the memory, so as to perform the method according to any one of claims 1 to 8.
17. A vehicle, characterized by comprising: a vehicle body and the information detection device according to claim 16.
18. A storage medium, characterized by comprising: a readable storage medium and a computer program, the computer program being used to implement the method according to any one of claims 1 to 8.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910594113.1A CN110266717A (en) | 2019-07-03 | 2019-07-03 | Information detecting method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910594113.1A CN110266717A (en) | 2019-07-03 | 2019-07-03 | Information detecting method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110266717A true CN110266717A (en) | 2019-09-20 |
Family
ID=67924134
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910594113.1A Pending CN110266717A (en) | 2019-07-03 | 2019-07-03 | Information detecting method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110266717A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | Effective date of registration: 20211025. Address after: 100176 101, floor 1, building 1, yard 7, Ruihe West 2nd Road, Beijing Economic and Technological Development Zone, Daxing District, Beijing. Applicant after: Apollo Zhilian (Beijing) Technology Co.,Ltd. Address before: 2 / F, *** building, 10 Shangdi 10th Street, Haidian District, Beijing 100085. Applicant before: BEIJING BAIDU NETCOM SCIENCE AND TECHNOLOGY Co.,Ltd. |
RJ01 | Rejection of invention patent application after publication | Application publication date: 20190920 |