Campus Units

Electrical and Computer Engineering

Document Type

Conference Proceeding


AutoSec 2019

Publication Version

Accepted Manuscript

Link to Published Version

Publication Date




Conference Title

AutoSec 2019

Conference Date

March 27, 2019


Dallas, TX


The modern vehicle has transformed from a purely mechanical system to a system that embeds several electronic devices. These devices communicate through the in-vehicle network for enhanced safety and comfort but are vulnerable to cyber-physical risks and attacks. A well-known technique of detecting these attacks and unusual events is by using intrusion detection systems. Anomalies in the network occur at unknown points and produce abrupt changes in the statistical features of the message stream. In this paper, we propose an anomaly-based intrusion detection approach using the cumulative sum (CUSUM) change-point detection algorithm to detect data injection attacks on the controller area network (CAN) bus. We leverage the parameters required for the change-point algorithm to reduce false alarm rate and detection delay. Using real dataset generated from a car in normal operation, we evaluate our detection approach on three different kinds of attack scenarios.


This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. Olufowobi, Habeeb, Uchenna Ezeobi, Eric Muhati, Gaylon Robinson, Clinton Young, Joseph Zambreno, and Gedare Bloom. "Anomaly Detection Approach Using Adaptive Cumulative Sum Algorithm for Controller Area Network." (2019). DOI: 10.1145/3309171.3309178.

Copyright Owner

The Authors



File Format


Published Version


Article Location