Autonomous vehicles (AVs) are more vulnerable to network attacks due to the high connectivity and diverse communication modes between vehicles and external networks. Deep learning-based Intrusion detection, an effective method for detecting network attacks, can provide functional safety as well as a real-time communication guarantee for vehicles, thereby being widely used for AVs. Existing works well for cyber-attacks such as simple-mode but become a higher false alarm with a resource-limited environment required when the attack is concealed within a contextual feature. In this paper, we present a novel automotive intrusion detection model with lightweight attribution and semantic fusion, named LSF-IDM. Our motivation is based on the observation that, when injected the malicious packets to the in-vehicle networks (IVNs), the packet log presents a strict order of context feature because of the periodicity and broadcast nature of the CAN bus. Therefore, this model first captures the context as the semantic feature of messages by the BERT language framework. Thereafter, the lightweight model (e.g., BiLSTM) learns the fused feature from an input packet's classification and its output distribution in BERT based on knowledge distillation. Experiment results demonstrate the effectiveness of our methods in defending against several representative attacks from IVNs. We also perform the difference analysis of the proposed method with lightweight models and Bert to attain a deeper understanding of how the model balance detection performance and model complexity.

翻译：自动驾驶汽车因与外部网络的高度连通性和多样化通信模式，更易遭受网络攻击。基于深度学习的入侵检测作为检测网络攻击的有效方法，可为车辆提供功能安全及实时通信保障，因而被广泛应用于自动驾驶汽车。现有方法能有效检测简单模式网络攻击，但当攻击隐藏在上下文特征中时，在资源受限环境下会导致较高的误报率。本文提出一种新颖的汽车入侵检测模型——LSF-IDM，其特色在于轻量级归因与语义融合。我们的动机源于如下观察：当恶意数据包被注入车载网络（IVNs）时，由于CAN总线的周期性与广播特性，数据包日志呈现出严格的上下文特征顺序。因此，该模型首先通过BERT语言框架捕获消息的上下文作为语义特征；随后，基于知识蒸馏，轻量级模型（如BiLSTM）从输入数据包的分类结果及其在BERT中的输出分布中学习融合特征。实验结果表明，该方法在防御数种典型车载网络攻击方面具有有效性。我们还对提出的方法、轻量级模型及BERT进行了差异分析，以更深入地理解模型如何平衡检测性能与模型复杂度。