Abstract: It is well known that controller area network (CAN) is the most widely used bus, whose advantages are low cost, strong anti-interference and supporting distributed serial communication. Unfortunately, the ineradicable security flaws have been investigated such as no authentication, no encryption and multiple remote connection ports, and thus it is the main target of hacker attack. In this paper, the recent automobile network security accidents may be reviewed at first, and relevant intrusion types are listed, in which the replay and discard are the most common attack methods.Then, the causes of CAN bus vulnerability will be analyzed, and the corresponding solutions are offered simultaneously. Finally, the information entropy and relative entropy are applied to detect the illegal intrusion, and the results have been simulated by CANoe software, showing the outstanding validity. In fact, eliminating illegal network intrusion is so tough that further research is needed under controller area network with flexible data-rate (CAN-FD) new frameworks to satisfy higher requirement such as security and real-time performance in future.

Key words: Vehicle CAN bus; Cybersecurity; Safety protection technology; Relative entropy; Machine learning

摘要： 控制器局域网（CAN）络总线因成本低、抗干扰性强及支持分布式串行通信等优点成 为应用最广泛的车载总线，相对应地 CAN 总线协议又因存在无认证、无加密及多个远程连接 端口等安全漏洞，成为黑客攻击的主要焦点。文章首先回顾了近期汽车网络安全事故，并列 举了主要的入侵类型，其中重放和丢弃为最常见的攻击方式，然后分析了 CAN 总线脆弱的原 因并给出了对应的解决策略，最后应用信息熵和相对熵进行了入侵检测，并利用 CANoe 软件 进行仿真分析，结果表明该方法较为有效，考虑到消除网络非法入侵的艰巨性，以及满足安 全性和实时性等更高要求，未来还需要在基于可变速率（CAN-FD）等新构架下进行更加深入 地研究。

关键词: 车载 CAN 总线；网络安全；安全防护技术；相对熵；机器学习