Detecting attacks on in-vehicle networks through a mobile app

The in-vehicle network is composed of Electronic Control Units (ECUs) that are used to control the electronic behavior of the vehicle. These components receive information from the sensors to take action if necessary. The most commonly used communication protocol in vehicles is the Controller Area Network (CAN), a broadcast system that provides efficient and economical communication. In this context, cybersecurity is essential to ensure driver safety and proper vehicle operation. An attacker could access the internal communication network of the car and read, modify, replicate, or block the data exchanged between the ECUs, leading to various issues such as providing the driver with incorrect information regarding some vehicle consumption data, or tampering with the brakes of the car by blocking the messages before they reach the ECUs. Therefore, it is necessary to detect anomalies and attacks at an early stage to protect the driver's safety and privacy. Once an attack is identified, a response is required. This article presents a prototype of a mobile application that receives notifications from the Vehicle Security Operations Center (V-SOC) if an attack is detected. An open-source data set has been used to test the attack phase. The results obtained for the attacks analyzed are about 100% for the accuracy, precision, recall, and F1 score, but since the proposed approach aims to show communication between the V-SOC and a mobile app, we do not consider the metrics. The mobile app receives data on vehicle performance from the back-end server and displays them to the user.