Lightweight CNN-Based Intrusion Detection for Automotive CAN Bus in Light Commercial Vehicles
| dc.contributor.author | Tüfekcioğlu, Emre | |
| dc.contributor.author | Hanilçi, Cemal | |
| dc.contributor.author | Gürkan, Hakan | |
| dc.date.accessioned | 2026-02-08T15:04:47Z | |
| dc.date.available | 2026-02-08T15:04:47Z | |
| dc.date.issued | 2025 | |
| dc.department | Bursa Teknik Üniversitesi | |
| dc.description.abstract | With the rapid advancement of digitalization and automation, modern vehicles, especially in the light commercial segment, have evolved into complex, interconnected platforms resembling mobile computing systems. This transformation has increased the dependency on in-vehicle communication networks and, as a result, exposed them to a wider range of cybersecurity threats. A fundamental aspect of the proposed method is the use of a lightweight CNN model specific for deployment in embedded automotive environments with limited computational resources and optimized for efficiency. Operating on low-power hardware platforms such as edge ECUs, the tiny device developed in this study works effectively unlike conventional deep learning architectures seeking high processing power and memory. Despite its minimal computational footprint, the model is capable of accurately distinguishing between legitimate and spoofed communication traffic, as well as detecting a variety of attack forms that target different CAN protocol components. The performance metrics of the model further highlight its effectiveness, achieving a ROC AUC Score of 0.9887, an Accuracy of 0.9887, a Precision of 0.9825, a Recall of 0.9952, and an F1-Score of 0.9888. Particularly for real-time on-vehicle intrusion detection systems, this harmony between performance and efficiency makes the strategy especially important. Just as importantly is the introduction of a specifically produced hybrid dataset, which is fundamental for system evaluation and training. The dataset aggregates synthetic generated attack scenarios with real-world spoofing, injection, and denial-of- service (DoS) conditions using actual CAN traffic acquired from a J1939-compliant light commercial vehicle. Standard 11-bit identities combined with industrial communication protocols help the dataset to reflect real-world vehicle dynamics across several ECUs under various scenarios. The model can learn fine-grained patterns often missed by conventional rule-based or manually engineered approaches by means of the image-like transformation of CAN messages—preserving bit-level and temporal information. In intelligent transportation systems, the lightweight CNN architecture and the strong dataset combine to create a scalable and deployable IDS framework that can improve in-vehicle cybersecurity. | |
| dc.identifier.doi | 10.38088/jise.1717959 | |
| dc.identifier.endpage | 267 | |
| dc.identifier.issn | 2602-4217 | |
| dc.identifier.issue | 2 | |
| dc.identifier.startpage | 259 | |
| dc.identifier.trdizinid | 1370655 | |
| dc.identifier.uri | https://doi.org/10.38088/jise.1717959 | |
| dc.identifier.uri | https://hdl.handle.net/20.500.12885/4178 | |
| dc.identifier.volume | 9 | |
| dc.indekslendigikaynak | TR-Dizin | |
| dc.language.iso | en | |
| dc.publisher | Bursa Teknik Üniversitesi | |
| dc.relation.ispartof | Journal of Innovative Science and Engineering | |
| dc.relation.publicationcategory | Makale - Ulusal Hakemli Dergi - Kurum Öğretim Elemanı | |
| dc.rights | info:eu-repo/semantics/openAccess | |
| dc.snmz | KA_DergiPark_20260207 | |
| dc.subject | Deep Learning | |
| dc.subject | Derin Öğrenme | |
| dc.title | Lightweight CNN-Based Intrusion Detection for Automotive CAN Bus in Light Commercial Vehicles | |
| dc.type | Article |
