Developing SIEM and Log Management for Automotive Network in a Simulated Environment

Bibliographic Details
Published in: International Symposium on Intelligent Systems & Informatics pp. 000239 - 000244
Main Authors: Saulaiman, Mera Nizam-Edden, Ivanyi, Balint Laszlo, Kail, Eszter, Pozsonyi, Tamas Gyorgy, Kovesi, Kristof Zsombor, Kail, Rajmund, Toth, Benedek Mate, Csilling, Akos, Banati, Anna
Format: Conference Proceeding
Language: English
Published: IEEE 19-09-2024
Description
Summary: Modern vehicles' increasing connectivity and complexity have made them susceptible to various cyber threats. To address this, Security Information and Event Management systems (SIEM), commonly used in IT environments, are being adapted for the automotive domain. This paper presents an approach for implementing a SIEM system within a simulated automotive network. Our implementation focuses on the Controller Area Network (CAN) bus communication protocol. We simulate interactions between Electronic Control Units (ECUs) using the Unified Diagnostic Services (UDS) protocol to implement a security mechanism to protect defined services. By forwarding communication traffic to a cloud-based SIEM system, we analyze real-time data to detect anomalies and potential security breaches. This work lays the groundwork for our research in the domain of Vehicle Security Operation Center (V-SOC), and the SIEM solution for connected vehicles.
ISSN: 1949-0488
DOI: 10.1109/SISY62279.2024.10737536