Abstract
Utilizing deep learning models to detect malicious anomalies within the traffic of application layer J1939 protocol networks, found on heavy-duty commercial vehicles, is becoming a critical area of research in platform protection. At the physical layer, the controller area network (CAN) bus is the backbone network for most vehicles. The CAN bus is highly efficient and dependable, which makes it a suitable networking solution for automobiles where reaction time and speed are of the essence due to safety considerations. Much recent research has been conducted on securing the CAN bus explicitly; however, the importance of protecting the J1939 protocol is becoming apparent. Our research utilizes long short-term memory models to predict the next binary data sequence of a J1939 packet. Our primary objective is to compare the performance of our J1939 detection system trained on data sub-fields against a published CAN system trained on the full data payload. We conducted a series of experiments to evaluate both detection systems by utilizing a simulated attack representation to generate anomalies. We show that both detection systems outperform one another on a case-by-case basis and determine that there is a clear requirement for a multifaceted security approach for vehicular networks.