CN110266717A - Information detecting method and device - Google Patents

Information detecting method and device Download PDF

Info

Publication number
CN110266717A
CN110266717A CN201910594113.1A CN201910594113A CN110266717A CN 110266717 A CN110266717 A CN 110266717A CN 201910594113 A CN201910594113 A CN 201910594113A CN 110266717 A CN110266717 A CN 110266717A
Authority
CN
China
Prior art keywords
message
information
vehicle
detected
control domain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910594113.1A
Other languages
Chinese (zh)
Inventor
李显杰
乔旭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Apollo Zhilian Beijing Technology Co Ltd
Original Assignee
Beijing Baidu Netcom Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Baidu Netcom Science and Technology Co Ltd filed Critical Beijing Baidu Netcom Science and Technology Co Ltd
Priority to CN201910594113.1A priority Critical patent/CN110266717A/en
Publication of CN110266717A publication Critical patent/CN110266717A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L12/40006Architecture of a communication node
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40208Bus networks characterized by the use of a particular bus standard
    • H04L2012/40215Controller Area Network CAN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40Bus networks
    • H04L2012/40267Bus for use in transportation systems
    • H04L2012/40273Bus for use in transportation systems the transportation system being a vehicle
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)

Abstract

The present invention provides a kind of information detecting method and device.Wherein, information detecting method includes: to obtain information to be detected in vehicle;Information to be detected is compared with presetting message white list, determines whether information to be detected is unauthorized information;Wherein, presetting message white list is to be generated according to the CAN bus communication matrix of vehicle.Due to generating presetting message white list according to CAN bus communication matrix, the accuracy and integrality of presetting message white list are improved.Information to be detected is compared whether determining information is legal with presetting message white list, improves the accuracy of infomation detection.

Description

Information detecting method and device
Technical field
The present invention relates to car networking field of information security technology more particularly to a kind of information detecting methods and device.
Background technique
With the development of Vehicular intelligent, automobile is no longer an isolated island, the disparate networks invasion that in-vehicle network faces Risk is increasing.
Currently, attacker can be given pleasure to by onboard diagnostic system (On-Board Diagnostics, OBD), on-vehicle information Music system (In-Vehicle Infotainment, IVI), car networking system (Telematics BOX, T-BOX), electronics of falling into enemy hands The modes such as control unit (Electronic Control Unit, ECU) send unauthorized instruction, this kind of intrusion behavior to car The failure that may cause automobile has very big life threat and property to threaten driver.
Therefore, how effectively to carry out detection to information security becomes urgent problem to be solved.
Summary of the invention
The present invention provides a kind of information detecting method and device, improves the accuracy of infomation detection.
In a first aspect, the present invention provides a kind of information detecting method, comprising:
Obtain information to be detected in vehicle;
The information to be detected is compared with presetting message white list, determine the information to be detected whether be Unauthorized information;Wherein, the presetting message white list is to be generated according to the CAN bus communication matrix of the vehicle.
Optionally, the presetting message white list is stored in the gateway of the vehicle;
Information to be detected in the acquisition vehicle, comprising:
First message is obtained by the gateway, the first message includes the information to be detected;
It is described that the information to be detected is compared with presetting message white list, determine that the information to be detected is No is unauthorized information, comprising:
The presetting message white list stored in the first message and the gateway is compared, determines described Whether one message is unauthorized information.
Optionally, the first message includes at least one of following: the gateway is received from the outside vehicle The control domain of message and the gateway from the vehicle that message, the gateway are forwarded to the control domain of the vehicle is received to disappear Breath.
Optionally, the presetting message white list is stored in the first control domain of the vehicle;
Information to be detected in the acquisition vehicle, comprising:
Second message is obtained by first control domain, the second message includes the information to be detected;
It is described that the information to be detected is compared with presetting message white list, determine that the information to be detected is No is unauthorized information, comprising:
The presetting message white list stored in the second message and first control domain is compared, is determined Whether the second message is unauthorized information.
Optionally, the second message includes at least one of following: first control domain from the vehicle Message that the received message of two control domains, first control domain are sent to second control domain, in first control domain The message of middle broadcast, the received message of gateway of the first control domain from the vehicle and first control domain are to the net Close the message sent.
Optionally, the presetting message white list is specially to control according in the CAN bus communication matrix with described first The relevant content in domain processed generates.
Optionally, first control domain includes at least one of following: power domain, Infotainment domain, vehicle body domain, bottom Discus, automatic Pilot domain and diagnostic field.
Optionally, further includes:
If it is determined that the information to be detected is unauthorized information, then the information to be detected is recorded, and issue alarm Signal.
Second aspect, the present invention provide a kind of information detector, comprising:
Module is obtained, for obtaining information to be detected in vehicle;
Detection module determines described to be checked for the information to be detected to be compared with presetting message white list Whether the information of survey is unauthorized information;Wherein, the presetting message white list is to communicate square according to the CAN bus of the vehicle What battle array generated.
Optionally, the presetting message white list is stored in the gateway of the vehicle;
The acquisition module is specifically used for:
First message is obtained by the gateway, the first message includes the information to be detected;
The detection module is specifically used for:
The presetting message white list stored in the first message and the gateway is compared, determines described Whether one message is unauthorized information.
Optionally, the first message includes at least one of following: the gateway is received from the outside vehicle The control domain of message and the gateway from the vehicle that message, the gateway are forwarded to the control domain of the vehicle is received to disappear Breath.
Optionally, the presetting message white list is stored in the first control domain of the vehicle;
The acquisition module is specifically used for:
Second message is obtained by first control domain, the second message includes the information to be detected;
The detection module is specifically used for:
The presetting message white list stored in the second message and first control domain is compared, is determined Whether the second message is unauthorized information.
Optionally, the second message includes at least one of following: first control domain from the vehicle Message that the received message of two control domains, first control domain are sent to second control domain, in first control domain The message of middle broadcast, the received message of gateway of the first control domain from the vehicle and first control domain are to the net Close the message sent.
Optionally, the presetting message white list is specially to control according in the CAN bus communication matrix with described first The relevant content in domain processed generates.
Optionally, first control domain includes at least one of following: power domain, Infotainment domain, vehicle body domain, bottom Discus, automatic Pilot domain and diagnostic field.
Optionally, further include logging modle, the logging modle is used for:
If it is determined that the information to be detected is unauthorized information, then the information to be detected is recorded, and issue alarm Signal.
The third aspect, the present invention provide a kind of information detector, comprising: processor and memory;The memory is used In store instruction;The processor, it is any to execute first aspect present invention for executing the instruction stored in the memory The method that embodiment provides.
Fourth aspect, the present invention provide a kind of vehicle, comprising: vehicle body and any embodiment party of first aspect present invention The information detector that formula provides.
5th aspect, the present invention provide a kind of storage medium, comprising: readable storage medium storing program for executing and computer program, the meter The method that calculation machine program provides for realizing any embodiment of first aspect present invention.
6th aspect, the embodiment of the present application provide a kind of program product, which includes that computer program (executes Instruction), which is stored in readable storage medium storing program for executing.At least one processor can be read from readable storage medium storing program for executing should Computer program, at least one processor execute the computer program and equipment implementation first aspect present invention are arbitrarily implemented The method that mode provides.
The present invention provides a kind of information detecting method and device, will be to be detected by obtaining information to be detected in vehicle Information be compared with presetting message white list, determine whether information to be detected is unauthorized information.Due to presetting message White list is to be generated according to the CAN bus communication matrix of vehicle, and the CAN bus communication matrix of vehicle is mark relevant to vehicle Quasi- database file, therefore, the presetting message white list generated according to CAN bus communication matrix will be more accurate and more add It is whole.Determine whether information to be detected is legal based on presetting message white list accurately and completely, improves the standard of infomation detection True property.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is this hair Bright some embodiments for those of ordinary skill in the art without any creative labor, can be with It obtains other drawings based on these drawings.
Fig. 1 is the in-vehicle network schematic diagram that the embodiment of the present invention is applicable in;
Fig. 2 is the flow chart of information detecting method provided in an embodiment of the present invention;
Fig. 3 is a kind of structural schematic diagram of information detector provided in an embodiment of the present invention;
Fig. 4 is another structural schematic diagram of information detector provided in an embodiment of the present invention.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art Every other embodiment obtained without making creative work, shall fall within the protection scope of the present invention.
Specification of the invention, claims and term " first " in attached drawing, " second ", " third ", " the 4th " etc. (if present) is to be used to distinguish similar objects, without being used to describe a particular order or precedence order.It should be understood that this The data that sample uses are interchangeable under appropriate circumstances, so as to the embodiment of the present invention described herein, such as can in addition to The sequence other than those of diagram or description is implemented herein.In addition, term " includes " and " having " and their any change Shape, it is intended that cover it is non-exclusive include, for example, containing the process, method of a series of steps or units, system, product Or equipment those of is not necessarily limited to be clearly listed step or unit, but may include be not clearly listed or for these The intrinsic other step or units of process, method, product or equipment.
Information detecting method provided by the invention can be applied to the detection of information in the vehicle intelligent system of vehicle, with Determine whether information is legal.Illustratively, Fig. 1 is the in-vehicle network schematic diagram that the embodiment of the present invention is applicable in.As shown in Figure 1, vehicle Interior network may include Web portal, gateway 100 and multiple control domains.Web portal, gateway 100 and each control domain can lead to Cross the connection of controller local area network's (Controller Area Network, CAN) bus.Gateway 100 can be with by Web portal Information is obtained from outside vehicle, the information is transmitted to control domain by CAN bus.Gateway 100 is also used for different controls The cross-domain forwarding inside the vehicle of the information in domain.
Wherein, intruding detection system (Intrusion can be disposed in gateway 100 and/or at least one control domain Detection Systems, IDS).For example, being deployed with IDS101 in gateway 100 in Fig. 1, power is deployed in domain IDS201, chassis are deployed with IDS202 in domain.IDS to network, can be by software, hardware according to certain security strategy The operation conditions of system is monitored, finds various attack attempts, attack or attack result, to guarantee network system resources Confidentiality, integrity, and availability.Presetting message white list is can store in the IDS.The present invention is for presetting message The storage form of white list is without limitation.For example, presetting message white list can store in one file.It is provided by the invention Information detecting method, executing subject can be gateway 100 and/or processing module or processor in each control domain.
Optionally, Web portal can include but is not limited to OBD, IVI and T-BOX.
OBD is onboard diagnostic system, and real-time monitoring engine electric-controlled system and vehicle in vehicle operation may be implemented The working conditions of other functional modules specific failure can be judged according to specific algorithm when there is work condition abnormality, And it is stored on the memory in system in the form of diagnostic trouble code (Diagnostic Trouble Codes, DTC).System The useful information obtained after system self diagnosis can provide help for the maintenance and maintenance of vehicle.Maintenance personal can be by vehicle OBD interface read failure code, convenient for the repairing to vehicle, reduce and manually examine so as to quickly be positioned to failure The disconnected time.With the various sensors of vehicle and the raising of electronic degree, OBD expands control range, can will be every Monitoring function is all included in the compass of competency of oneself.Communication interface of the OBD interface as onboard diagnostic system can be transmitted more Information.
IVI is vehicle-mounted information and entertainment system, is to be based on Vehicle Body Bus system and interconnection using vehicle-mounted dedicated central processing unit The vehicle integrated information processing system that net service is formed.IVI may be implemented to include three-dimensional navigation, real-time road, Internet protocol electricity Depending on (Internet Protocol Television, IPTV), auxiliary driving, fault detection, information of vehicles, Body Control, shifting It moves office, wireless telecommunications, based on a series of applications such as online amusement function, is greatly improved Cartronic, networking And intelligent level.
T-BOX is car networking system, may include four parts, including host, vehicle-mounted T-BOX, application program of mobile phone (Application, APP) and background system.Host A PP is mainly used for interior audio-visual amusement, information of vehicles is shown.It is vehicle-mounted T-BOX is mainly used for communicating with background system or cell phone application, realizes that the information of vehicles of cell phone application is shown and control.For example, User can control door switch, whistle flashing light by cell phone application, open air-conditioning, starting engine, vehicle location, etc..
Optionally, control domain can include but is not limited to: power domain, vehicle body domain, chassis domain, is driven at Infotainment domain automatically Sail domain and diagnostic field.For example, in fig. 1 it is shown that amusement domain, power domain and chassis domain.In each control domain, including it is multiple Electronic control unit (Electronic Control Unit, ECU).
Power domain can be used for the communication transfer of vehicle driving and security information.
Infotainment domain can be used for the communication transfer of vehicle multimedia amusement and networking control information.
Vehicle body domain can be used for the communication transfer of automobile body information.
Chassis domain can be used for the communication transfer of vehicle chassis information.
Automatic Pilot domain can be used for the communication transfer of Vehicular automatic driving information.
Diagnostic field can be used for connecting diagnostic tool after sale or research and development debugging tool, realize the acquisition for whole vehicle information And diagnosis.
It should be noted that the definition of each control domain and the function that may be implemented, it can be according to the difference of vehicle Difference, this is not limited by the present invention.
Technical solution of the present invention is described in detail with specifically embodiment below.These specific implementations below Example can be combined with each other, and the same or similar concept or process may be repeated no more in some embodiments.
Fig. 2 is the flow chart of information detecting method provided in an embodiment of the present invention.Infomation detection side provided in this embodiment Method, executing subject can be information detector.According to the difference of application scenarios, information detector can be deployed in Fig. 1 Gateway and/or at least one control domain in.As shown in Fig. 2, information detecting method provided in this embodiment, may include:
S201, information to be detected in vehicle is obtained.
S202, information to be detected is compared with presetting message white list, determines whether information to be detected is not Authorization message.Wherein, presetting message white list is to be generated according to the CAN bus communication matrix of vehicle.
Specifically, the deployed position of information detector is different, information to be detected can be different, the present embodiment to this not It limits.Presetting message white list is previously stored in vehicle.The presetting message white list is logical according to the CAN bus of vehicle Believe what matrix generated.CAN bus communication matrix is the database file of a standard, e.g. the file of the entitled DBC of suffix.Vehicle There is corresponding CAN bus communication matrix, for describing each logical node information in CAN network.The present embodiment is total for CAN The particular content that line communication matrix includes is without limitation.For example, may include: ECU ID, message class in CAN bus communication matrix Type, message attributes, message transmission periods, message format, message length, message raw address, message destination address, etc..In general, vehicle The quantity of middle components is limited, and the behavior of each components is limited, and car application is limited, and vehicle externally connects It connects and is limited, these quantity for resulting in instruction message in in-vehicle network are limited.That is, vehicle is received from outside To information and the information of vehicle interior be usually all limited and fixed.It and include these in CAN bus communication matrix The description of limited information.Therefore, the presetting message white list generated by the CAN bus communication matrix of vehicle, presetting message are white List is more accurate and more complete.Information to be detected is compared with presetting message white list, based on accurate complete Presetting message white list reduces leak detection and the error detection probability of information, improves and determines whether information to be detected is not The accuracy of authorization message.
It should be noted that the present embodiment for CAN bus communication matrix title without limitation.
It should be noted that the particular content that the present embodiment includes for presetting message white list is without limitation.Optionally, Presetting message white list includes multiple messages record, and every Message Record includes: the sender ID, recipient ID and message of message ID.Optionally, the sender ID and recipient ID of message can be ECU ID.Message id can uniquely distinguish different message. For example, with reference to Fig. 1, in power domain, message id can be 0x432,0x431,0x430, etc..In the domain of chassis, message id can Think 0x60,0x6B, 0x61, etc..
As it can be seen that information detecting method provided in this embodiment, since presetting message white list is the CAN bus according to vehicle What communication matrix generated, presetting message white list is more accurately and completely.Information to be detected and accurate complete preset are disappeared Breath white list is compared, and improves the accuracy of infomation detection.
Optionally, information detecting method provided in this embodiment can also include:
If it is determined that information to be detected is unauthorized information, then information to be detected is recorded, and issue alarm signal.
Specifically, determining that information to be detected is unauthorized information, then the information to be detected is recorded, in order to subsequent Help is provided for the maintenance and repair of vehicle.Also, alarm signal is issued, carries out the whole network broadcast to prompt exception.It needs to illustrate , the present embodiment for alarm signal implementation without limitation.For example, alarm signal can for audio signal, can be with The image information of display or text information etc., prompting user, there may be malicious intrusions, so that user performs corresponding processing, For example, curb parking, etc..
In the following, being illustrated in conjunction with different application scenarios to information detecting method provided in this embodiment.
It optionally, in one implementation, include gateway and multiple control domains in vehicle.Gateway and each control domain are logical Cross CAN bus connection.Information detector can be disposed in a gateway.The white name of the presetting message is stored in the gateway of vehicle It is single.
In S201, information to be detected in vehicle is obtained, may include:
First message is obtained by gateway, first message includes information to be detected.
In S202, information to be detected is compared with presetting message white list, determine information to be detected whether be Unauthorized information may include:
The presetting message white list stored in first message and gateway is compared, determines whether first message is not award Weigh information.
Specifically, this kind of implementation includes the scene of gateway suitable for vehicle.Information to be detected is to pass through gateway The message of acquisition, the message are properly termed as first message.It is stored with the presetting message white list in the gateway of vehicle, disposes Information detector in a gateway the presetting message white list stored in first message and gateway can be compared, thus Determine whether first message is unauthorized information.
Optionally, first message may include at least one of following: gateway is from the received message of outside vehicle, gateway The received message of control domain of the message and gateway from vehicle that are forwarded to the control domain of vehicle.
Below with reference to Fig. 1, first message is illustrated.First message may include: that gateway passes through OBD, IVI or T- BOX is from the received message of outside vehicle, the message that gateway is forwarded to amusement domain, power domain or chassis domain, and gateway is from amusement domain, dynamic The received message in power domain or chassis domain.
It optionally, in another implementation, include multiple control domains in vehicle, each control domain can pass through CAN Bus connection.It optionally, can also include gateway in vehicle, gateway can be connected with each control domain by CAN bus.At this In implementation, presetting message white list is stored in the first control domain of vehicle, information detector can be deployed in first In control domain.The present embodiment for the first control domain number without limitation.In multiple control domains in addition to the first control domain Other control domains are properly termed as the second control domain.
In S201, information to be detected in vehicle is obtained, may include:
Second message is obtained by the first control domain, second message includes information to be detected.
In S202, information to be detected is compared with presetting message white list, determine information to be detected whether be Unauthorized information may include:
The presetting message white list stored in second message and the first control domain is compared, whether determines second message For unauthorized information.
Specifically, this kind of implementation includes the scene of control domain suitable for vehicle.Information to be detected is by the The message that one control domain obtains, the message are properly termed as second message.It is stored in first control domain of vehicle described default Message white list, the information detector being deployed in the first control domain can will store in second message and the first control domain Presetting message white list is compared, so that it is determined that whether second message is unauthorized information.
Optionally, second message may include at least one of following: second control domain of first control domain from vehicle Message that received message, the first control domain are sent to the second control domain, the message broadcasted in the first control domain, the first control The message that the received message of the gateway of domain from vehicle and the first control domain are sent to gateway.
Below with reference to Fig. 1, second message is illustrated.It is assumed that the first control domain is amusement domain, the second control domain is Power domain.Second message may include: the message entertaining domain and sending from the received message in power domain, amusement domain to power domain, give pleasure to The message that the received message of gateway of the message, amusement domain from vehicle broadcasted in happy domain and amusement domain are sent to gateway.
It should be noted that gateway can be used to implement the message between different control domains if including gateway in vehicle Forwarding.
Optionally, presetting message white list is specially according to relevant to the first control domain interior in CAN bus communication matrix Hold generation.
Due to being stored with the presetting message white list in the first control domain of vehicle, the white name of presetting message List can only include content relevant to the first control domain.Presetting message white list can be according in CAN bus communication matrix What content relevant to the first control domain generated.Simplify the content that presetting message white list includes.
It should be noted that above two implementation can be combined with each other according to the structure of vehicle.As it can be seen that information is examined It surveys device and presetting message white list can have a variety of flexible deployment way, improve the flexibility of message detection.
The present embodiment provides a kind of information detecting methods, comprising: information to be detected in vehicle is obtained, by letter to be detected Breath is compared with presetting message white list, determines whether information to be detected is unauthorized information.Wherein, the white name of presetting message Single is to be generated according to the CAN bus communication matrix of vehicle.By information to be detected and accurate complete presetting message white list It is compared whether determining information is legal, improves the accuracy of infomation detection.
Fig. 3 is a kind of structural schematic diagram of information detector provided in an embodiment of the present invention.Letter provided in this embodiment Detection device is ceased, for executing the information detecting method of embodiment illustrated in fig. 2 offer.As shown in figure 3, letter provided in this embodiment Detection device is ceased, may include:
Module 301 is obtained, for obtaining information to be detected in vehicle;
Detection module 302, for the information to be detected to be compared with presetting message white list, determine it is described to Whether the information of detection is unauthorized information;Wherein, the presetting message white list is to be communicated according to the CAN bus of the vehicle What matrix generated.
Optionally, the presetting message white list is stored in the gateway of the vehicle;
The acquisition module 301 is specifically used for:
First message is obtained by the gateway, the first message includes the information to be detected;
The detection module 302 is specifically used for:
The presetting message white list stored in the first message and the gateway is compared, determines described Whether one message is unauthorized information.
Optionally, the first message includes at least one of following: the gateway is received from the outside vehicle The control domain of message and the gateway from the vehicle that message, the gateway are forwarded to the control domain of the vehicle is received to disappear Breath.
Optionally, the presetting message white list is stored in the first control domain of the vehicle;
The acquisition module 301 is specifically used for:
Second message is obtained by first control domain, the second message includes the information to be detected;
The detection module 302 is specifically used for:
The presetting message white list stored in the second message and first control domain is compared, is determined Whether the second message is unauthorized information.
Optionally, the second message includes at least one of following: first control domain from the vehicle Message that the received message of two control domains, first control domain are sent to second control domain, in first control domain The message of middle broadcast, the received message of gateway of the first control domain from the vehicle and first control domain are to the net Close the message sent.
Optionally, the presetting message white list is specially to control according in the CAN bus communication matrix with described first The relevant content in domain processed generates.
Optionally, first control domain includes at least one of following: power domain, Infotainment domain, vehicle body domain, bottom Discus, automatic Pilot domain and diagnostic field.
Optionally, further include logging modle, the logging modle is used for:
If it is determined that the information to be detected is unauthorized information, then the information to be detected is recorded, and issue alarm Signal.
Information detector provided in this embodiment, for executing the information detecting method of embodiment illustrated in fig. 2 offer.Skill Art principle is similar with technical effect, and details are not described herein again.
Fig. 4 is another structural schematic diagram of information detector provided in an embodiment of the present invention.As shown in figure 4, information Detection device includes processor 41 and memory 42.For storing instruction, the processor 41 is for executing for the memory 42 The instruction stored in the memory 42, so that the information detector executes the infomation detection that embodiment illustrated in fig. 2 provides Method.Technical principle is similar with technical effect, and details are not described herein again.
The present invention also provides a kind of vehicles, comprising: the infomation detection of vehicle body and any embodiment offer of the present invention Device.Technical principle is similar with technical effect, and details are not described herein again.
Those of ordinary skill in the art will appreciate that: realize that all or part of the steps of above-mentioned each method embodiment can lead to The relevant hardware of program instruction is crossed to complete.Program above-mentioned can be stored in a computer readable storage medium.The journey When being executed, execution includes the steps that above-mentioned each method embodiment to sequence;And storage medium above-mentioned include: ROM, RAM, magnetic disk or The various media that can store program code such as person's CD.
Finally, it should be noted that the above various embodiments is only to illustrate the technical solution of the embodiment of the present invention, rather than to it Limitation;Although the embodiment of the present invention is described in detail referring to foregoing embodiments, those skilled in the art It is understood that it is still possible to modify the technical solutions described in the foregoing embodiments, either to part of or All technical features are equivalently replaced;And these are modified or replaceed, it does not separate the essence of the corresponding technical solution this hair The range of bright embodiment technical solution.

Claims (18)

1. a kind of information detecting method characterized by comprising
Obtain information to be detected in vehicle;
The information to be detected is compared with presetting message white list, determines whether the information to be detected is not award Weigh information;Wherein, the presetting message white list is raw according to controller local area network's CAN bus communication matrix of the vehicle At.
2. the method according to claim 1, wherein it is white to be stored with the presetting message in the gateway of the vehicle List;
Information to be detected in the acquisition vehicle, comprising:
First message is obtained by the gateway, the first message includes the information to be detected;
It is described that the information to be detected is compared with presetting message white list, determine the information to be detected whether be Unauthorized information, comprising:
The presetting message white list stored in the first message and the gateway is compared, determines that described first disappears Whether breath is unauthorized information.
3. according to the method described in claim 2, it is characterized in that, the first message includes at least one of following: institute State the message and the gateway that gateway is forwarded from the received message of the outside vehicle, the gateway to the control domain of the vehicle From the received message of the control domain of the vehicle.
4. the method according to claim 1, wherein being stored in the first control domain of the vehicle described default Message white list;
Information to be detected in the acquisition vehicle, comprising:
Second message is obtained by first control domain, the second message includes the information to be detected;
It is described that the information to be detected is compared with presetting message white list, determine the information to be detected whether be Unauthorized information, comprising:
The presetting message white list stored in the second message and first control domain is compared, described in determination Whether second message is unauthorized information.
5. according to the method described in claim 4, it is characterized in that, the second message includes at least one of following: institute The first control domain is stated to send out from the received message of the second control domain of the vehicle, first control domain to second control domain The message sent, the message broadcasted in first control domain, the first control domain from the vehicle gateway received disappear The message that breath and first control domain are sent to the gateway.
6. according to the method described in claim 4, it is characterized in that, the presetting message white list is specially according to the CAN Content relevant to first control domain generates in bus communication matrix.
7. according to the method described in claim 4, it is characterized in that, first control domain includes at least one of following: Power domain, Infotainment domain, vehicle body domain, chassis domain, automatic Pilot domain and diagnostic field.
8. method according to any one of claims 1 to 7, which is characterized in that further include:
If it is determined that the information to be detected is unauthorized information, then the information to be detected is recorded, and issue alarm signal.
9. a kind of information detector characterized by comprising
Module is obtained, for obtaining information to be detected in vehicle;
Detection module determines described to be detected for the information to be detected to be compared with presetting message white list Whether information is unauthorized information;Wherein, the presetting message white list is the controller local area network CAN according to the vehicle What bus communication matrix generated.
10. device according to claim 9, which is characterized in that be stored with the presetting message in the gateway of the vehicle White list;
The acquisition module is specifically used for:
First message is obtained by the gateway, the first message includes the information to be detected;
The detection module is specifically used for:
The presetting message white list stored in the first message and the gateway is compared, determines that described first disappears Whether breath is unauthorized information.
11. device according to claim 10, which is characterized in that the first message includes at least one of following: The message and the net that the gateway is forwarded from the received message of the outside vehicle, the gateway to the control domain of the vehicle Close the received message of control domain from the vehicle.
12. device according to claim 9, which is characterized in that be stored in the first control domain of the vehicle described pre- If message white list;
The acquisition module is specifically used for:
Second message is obtained by first control domain, the second message includes the information to be detected;
The detection module is specifically used for:
The presetting message white list stored in the second message and first control domain is compared, described in determination Whether second message is unauthorized information.
13. device according to claim 12, which is characterized in that the second message includes at least one of following: First control domain is from the received message of the second control domain of the vehicle, first control domain to second control domain The message of transmission, the message broadcasted in first control domain, the gateway of the first control domain from the vehicle are received The message that message and first control domain are sent to the gateway.
14. device according to claim 12, which is characterized in that the presetting message white list is specially according to Content relevant to first control domain generates in CAN bus communication matrix.
15. according to the described in any item devices of claim 9 to 14, which is characterized in that it further include logging modle, the record mould Block is used for:
If it is determined that the information to be detected is unauthorized information, then the information to be detected is recorded, and issue alarm signal.
16. a kind of information detector characterized by comprising processor and memory;
The memory, for storing instruction;
The processor, for executing the instruction stored in the memory, to execute as described in any one of claim 1 to 8 Method.
17. a kind of vehicle characterized by comprising vehicle body and information detector as claimed in claim 16.
18. a kind of storage medium characterized by comprising readable storage medium storing program for executing and computer program, the computer program are used In realization method as claimed in any one of claims 1 to 8.
CN201910594113.1A 2019-07-03 2019-07-03 Information detecting method and device Pending CN110266717A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910594113.1A CN110266717A (en) 2019-07-03 2019-07-03 Information detecting method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910594113.1A CN110266717A (en) 2019-07-03 2019-07-03 Information detecting method and device

Publications (1)

Publication Number Publication Date
CN110266717A true CN110266717A (en) 2019-09-20

Family

ID=67924134

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910594113.1A Pending CN110266717A (en) 2019-07-03 2019-07-03 Information detecting method and device

Country Status (1)

Country Link
CN (1) CN110266717A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111314354A (en) * 2020-02-19 2020-06-19 北京天融信网络安全技术有限公司 Intelligent vehicle communication method and device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160021127A1 (en) * 2014-07-17 2016-01-21 VisualThreat Inc. System and method for detecting obd-ii can bus message attacks
CN105553946A (en) * 2015-12-08 2016-05-04 严威 Vehicle-mounted system based on CAN bus firewall and control method thereof
CN106062847A (en) * 2015-01-20 2016-10-26 松下电器(美国)知识产权公司 Irregularity handling method and electronic control unit
CN109033829A (en) * 2018-07-27 2018-12-18 北京梆梆安全科技有限公司 Vehicle network intrusion detection householder method, apparatus and system
CN109344609A (en) * 2018-08-31 2019-02-15 惠州市德赛西威汽车电子股份有限公司 A kind of TCU module, TCU system and guard method
CN109714344A (en) * 2018-12-28 2019-05-03 国汽(北京)智能网联汽车研究院有限公司 Intelligent network based on " end-pipe-cloud " joins automobile information security platform

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160021127A1 (en) * 2014-07-17 2016-01-21 VisualThreat Inc. System and method for detecting obd-ii can bus message attacks
CN106062847A (en) * 2015-01-20 2016-10-26 松下电器(美国)知识产权公司 Irregularity handling method and electronic control unit
CN105553946A (en) * 2015-12-08 2016-05-04 严威 Vehicle-mounted system based on CAN bus firewall and control method thereof
CN109033829A (en) * 2018-07-27 2018-12-18 北京梆梆安全科技有限公司 Vehicle network intrusion detection householder method, apparatus and system
CN109344609A (en) * 2018-08-31 2019-02-15 惠州市德赛西威汽车电子股份有限公司 A kind of TCU module, TCU system and guard method
CN109714344A (en) * 2018-12-28 2019-05-03 国汽(北京)智能网联汽车研究院有限公司 Intelligent network based on " end-pipe-cloud " joins automobile information security platform

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
曾凡: "网联汽车入侵检测***的研究与实现", 《中国优秀硕士学位论文全文数据库 工程科技II辑》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111314354A (en) * 2020-02-19 2020-06-19 北京天融信网络安全技术有限公司 Intelligent vehicle communication method and device

Similar Documents

Publication Publication Date Title
US11748474B2 (en) Security system and methods for identification of in-vehicle attack originator
JP6508631B2 (en) Device for detection and prevention of attacks on vehicles
US20160306766A1 (en) Controller area network bus
CN105818783B (en) Invasion vehicle-mounted to electronics responds
US20120078440A1 (en) Methods and systems for integration of vehicle systems
CN104980343A (en) Sharing method and system of road condition information, automobile data recorder, and cloud server
CN108377260B (en) System and method for displaying vehicle information
CN110659078A (en) Remote vehicle electronics configuration
WO2013033686A2 (en) Method and apparatus for social telematics
CN108323210A (en) Vehicle checking method, device, equipment and readable storage medium storing program for executing
US9489778B2 (en) Method and system for alerting a driver to a condition of a vehicle
CN105270322B (en) Intelligent terminal safe condition identifies alarm method, system and intelligent terminal
CN111369798A (en) Vehicle violation monitoring method, vehicle machine and vehicle
CN105100218A (en) Vehicle evaluation method, device and system based on automobile data recorder
CN102130902B (en) Data communication system, in-vehicle equipment and data communication method
CN109547401A (en) Cyberspace vulnerability is prioritized and repairs
CN110793537A (en) Navigation path recommendation method, vehicle machine and vehicle
CN105844905A (en) Vehicle fleet management method
CN110266717A (en) Information detecting method and device
CN105684062B (en) For the method and apparatus for the event message for providing the event on proximate vehicle
CN115297461B (en) Data interaction method and device, vehicle, readable storage medium and chip
CN116048055A (en) Vehicle fault detection method, device and storage medium
Čabala et al. Wireless real-time vehicle monitoring based on android mobile device
US20200233992A1 (en) Vehicle traveling simulation system, vehicle traveling simulation method and activation device
CN111497783A (en) In-vehicle danger early warning method, vehicle machine and vehicle

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20211025

Address after: 100176 101, floor 1, building 1, yard 7, Ruihe West 2nd Road, Beijing Economic and Technological Development Zone, Daxing District, Beijing

Applicant after: Apollo Zhilian (Beijing) Technology Co.,Ltd.

Address before: 2 / F, *** building, 10 Shangdi 10th Street, Haidian District, Beijing 100085

Applicant before: BEIJING BAIDU NETCOM SCIENCE AND TECHNOLOGY Co.,Ltd.

TA01 Transfer of patent application right
RJ01 Rejection of invention patent application after publication

Application publication date: 20190920

RJ01 Rejection of invention patent application after publication