Context Aware Anomaly Detection in Automotive CAN Without Decoding
Ravi Rajput
DEF CON 33 · Day 1 · Main Stage
In this DEF CON presentation, Ravi Rajput, a Principal Architect at New Tech Global, addresses the critical challenge of securing the **Controller Area Network (CAN) bus** in modern vehicles. The talk, titled "Context Aware Anomaly Detection in Automotive CAN Without Decoding," introduces an innovative approach to detect malicious activity on the CAN bus using **unsupervised machine learning**, specifically **Long Short-Term Memory (LSTM)** networks and **Variational Autoencoders (VAE)**. The core of Rajput's methodology lies in identifying deviations from normal message patterns and timing, rather than relying on traditional, often unscalable, decoding methods.
AI review
Legitimate automotive security research applying LSTM VAE to CAN anomaly detection without protocol decoding — a real problem with a reasonable solution. The core idea is sound and the no-decode framing for fleet scalability is the talk's genuine contribution, but the approach isn't novel enough to stand out at DEF CON in 2024, and the truncated demo undercuts the credibility of the claims.