Abstract: A gateway that notifies a fraud detection server located outside a vehicle of information about an in-vehicle network system including an in-vehicle network includes: a priority determiner that determines a priority using at least one of: a state of the vehicle including the in-vehicle network system; an identifier of a message communicated on the in-vehicle network; and a result of fraud detection performed on the message; a frame transmitter-receiver that transmits and receives the message communicated on the in-vehicle network; a frame interpreter that extracts information about the in-vehicle network based on the message received by the frame transmitter-receiver; and a frame uploader that notifies the fraud detection server of notification information including the priority and the information about the in-vehicle network.

Abstract: A statistical information generation device that generates statistical information from Ethernet frames on a mobility network includes: a transceiver that transmits and receives the Ethernet frames; and a statistical information generator that collects a plurality of Ethernet frames transmitted or received by the transceiver within a predetermined time period, and classifies, out of the plurality of Ethernet frames collected, Ethernet frames containing the same destination IP address, source IP address, destination port number, source port number, and protocol, and containing, in payloads, same identification information related to mobility control, into the same group, generates the statistical information for each group from the Ethernet frames classified into groups, and transmits the generated statistical information from the transceiver.

Abstract: An electronic control unit (ECU) is provided. The ECU is connected to a first network in an onboard network system. The onboard network system includes the first network and a second network. In the first network, first-type frames are transmitted following a first communication protocol. In the second network, second-type frames are transmitted following a second communication protocol. The first-type frame includes first information serving as a base for the second-type frame to be transmitted to the second network, and second information indicating that the first-type frame includes information that is to be transmitted to the second network. The ECU includes a generator that generates the first-type frame following the first communication protocol, and a transmitter that transmits, to the first network, the first-type frame generated by the generator.

Abstract: An information processing method of processing data frames flowing over an onboard network includes a frame collecting step of obtaining, from each of received data frames, a payload included in the data frame and configured of at least one field, and recording in a reception log as one record, and a field extracting step of calculating, regarding each of a plurality of payload splitting pattern candidates indicating different regions within payloads of the plurality of data frames, one or more features relating to time-sequence change of values of the payload in the region, from the plurality of records, selecting a payload splitting pattern indicating a region of a field within the payload, based on the features, and outputting field extracting results indicating the region indicated by the selected payload splitting pattern candidate, and a category of the field based on the features.

Abstract: An abnormality detection method is provided. The abnormality detection method is for detecting an abnormality that may be transmitted to a bus in an on-board network system. The on-board network system includes a plurality of electronic controllers that transmit and receive messages via the bus in a mobility entity. In the abnormality detection method, for example, a gateway transmits identification information to a server and receives a response determining a unit time. An operation process is performed using feature information based on a number of messages received from the bus per the determined unit time and using a model indicating a criterion in terms of a message occurrence frequency. A judgment is made as to an abnormality according to a result of the operation process.

Abstract: In an authentication method, a first controller generates a first group key, executes first mutual authentication with devices within a group, and shares the first group key with devices that have succeeded in the first mutual authentication. When a second controller joins the group, the first controller decides which coordinator manages a group key used in common. The first controller executes second mutual authentication with the coordinator, and shares the first group key with the coordinator when the second mutual authentication is successful. The coordinator performs encrypted communication within the group using the first group key, generates a second group key when the first group key valid time runs out and before updating the first group key, executes third mutual authentication with the devices and a third controller, and updates the first group key of the devices and the third controller that have succeeded in the third authentication.

Abstract: A method for use in a network communication system including a plurality of electronic controllers that communicate with each other via a bus in accordance with a Controller Area Network (CAN) protocol determines whether or not content of a predetermined field in a frame which has started to be transmitted meets a predetermined condition indicating fraud. In a case where the content of the predetermined field meets the predetermined condition, an error frame is transmitted before an end of the frame is transmitted. A number of times the error frame is transmitted is recorded for each identifier (ID) represented by content of an ID field included in a plurality of frames which has been transmitted. A malicious electronic controller is determined in accordance with the number of times recorded for each ID.

Abstract: An unauthorized activity detection method in an onboard network system. The detection method includes determining whether or not a message sent out onto the network is an attack message, saving information relating to the attack message in at least one memory in a case where the message is an attack message, identifying a communication pattern from information relating to the attack message, and determining whether or not the message matches a communication pattern. The determination of whether an attack message and determination of whether matching a communication pattern are executed on each of a plurality of messages received from the network. In the determining of whether an attack message executed on a message received after executing of determining of whether matching a communication pattern, results of the determination of whether an attack message that has already be executed are used.

Abstract: In a fraud-detection method for use in an in-vehicle network system including a plurality of electronic control units (ECUs) that exchange messages on a plurality of networks, a plurality of fraud-detection ECUs each connected to a different one of the networks, and a gateway device, a fraud-detection ECU determines whether a message transmitted on a network connected to the fraud-detection ECU is malicious by using rule information stored in a memory. The gateway device receives updated rule information transmitted to a first network among the networks, selects a second network different from the first network, and transfers the updated rule information only to the second network. A fraud-detection ECU connected to the second network acquires the updated rule information and updates the rule information stored therein by using the updated rule information.

Abstract: A network hub is provided for an onboard network system. The onboard network system includes first and second networks for transmission of first-type and second-type frames following first and second communication protocols. The network hub includes a receiver that receives a first-type frame. A processor determines whether or not the first-type frame received by the receiver includes first information that is a base for a second-type frame to be transmitted to the second network, to obtain a determination result, and selects a port to send a frame based on the first-type frame based on the determination result. A transmitter sends the frame based on the first-type frame to a wired transmission path connected to the port selected by the processor based on the first-type frame received by the receiver.

Abstract: An information management method collects log information of one or more home electrical apparatuses corresponding to service providers. Display screen data is generated which indicates a status of the log information. The display screen data includes groups of information which each contain information on an apparatus, a service provider corresponding to the apparatus, and log information output from the apparatus. Provision of the log information of each group is individually selectable. The display screen data is provided via a network to a display terminal that performs access to a server device. Information is received from the display terminal, which indicates that selection on whether or not provision of the log information is performed. Provision of the log information is not performed on the selected group when a determination is made that refusal of provision of the log information on the selected group is performed.

Abstract: An electronic control unit connected to a bus of a first network where first-type frames are transmitted following a first communication protocol and a second network where second-type frames are transmitted following a second communication protocol in an onboard network system. The electronic control unit sequentially receives the first-type and the second-type frames from the bus and the second network respectively, and stores in first and second reception buffers, respectively. The electronic control unit sequentially generates first-type data and second-type data by referencing the contents of the first reception buffer and the second reception buffer, and stores the first-type and second-type data in first and second transmission buffers, respectively. The first-type data is traveling control data for a vehicle, and the second-type data is other data. The first-type or second-type data that is priority type data is transmitted with priority.

Abstract: An information processing method performed by an information processing system including a storage device to process a plurality of data frames flowing in an in-vehicle network including at least one electronic control unit includes a receiving step of sequentially receiving a plurality of data frames flowing in the in-vehicle network, a frame collection step of recording, in a reception log held in the storage device, reception interval information indicating reception intervals between the plurality of data frames as frame information, a feature acquisition step of acquiring, from the reception interval information, a feature relating to distribution of the reception intervals between the plurality of data frames, and an unauthorized data presence determination step of determining the presence/absence of an unauthorized data frame among the plurality of data frames.

Abstract: An electronic control unit (ECU) is provided. The ECU is connected to a first network in an onboard network system. The onboard network system includes the first network and a second network. In the first network, first-type frames are transmitted following a first communication protocol. In the second network, second-type frames are transmitted following a second communication protocol. The ECU generates first-type frames following the first communication protocol, and transmits the generated first-type frames to the first network. The ECU receives external information indicating state information of a device on the onboard network system received from another electronic control unit connected to the first network or the second network, or receives external information indicating information received from a communication module configured to communicate with the server via an external network.

Abstract: A hub is connected to first and second networks where first-type and second-type frames are transmitted following first and second communication protocols. The hub sequentially receives each of the first-type and second-type frames, and stores data in first and second reception buffers. If the destination of data stored in the first and second reception buffers is the first network, the hub stores the data in a first transmission buffer. If the destination is the second network, the hub stores the data in a second transmission buffer. If the first transmission buffer is a priority transmission buffer, the hub transmits priority data in the first transmission buffer with priority over non-priority data in the second transmission buffer, which is a non-priority transmission buffer.

Abstract: A security apparatus includes a receiver that receives a frame front at least one network, a parameter storage that stores at least one examination parameter defining a content of an examination on a frame, and processing circuitry that performs operations. The operations include judging whether a predetermined condition is satisfied for the frame received by the receiver. When the predetermined condition is satisfied, updating the stored at least one examination parameter, and when the predetermined condition is not satisfied, not updating the stored at least one examination parameter. The operations also include executing an examination, based on the stored at least one examination parameter, as to whether the frame received by the receiver is an attack frame, and performing a process depending on a result of the execution of the examination such that an influence of an attack frame on at least one electronic control unit is suppressed.

Abstract: A misuse detection method used in an electronic control unit in a vehicle network system including multiple electronic control units that communicate with one another through networks. The misuse detection method includes receiving a target data frame at one time point, and receiving a reference data frame at another time point different than the one time point. The misuse detection method further includes performing, as misuse detection for the target data frame based on a certain rule specifying a reception interval between the one time point at which the target data frame is received and the other time point at which the reference data frame is received, and determining the target data frame received is for misuse based on a length of the reception interval.

Abstract: An information processing method of processing data frames flowing over an onboard network includes a frame collecting step of obtaining, from each of received data frames, a payload included in the data frame and configured of at least one field, and recording in a reception log as one record, and a field extracting step of calculating, regarding each of a plurality of payload splitting pattern candidates indicating different regions within payloads of the plurality of data frames, one or more features relating to time-sequence change of values of the payload in the region, from the plurality of records, selecting a payload splitting pattern indicating a region of a field within the payload, based on the features, and outputting field extracting results indicating the region indicated by the selected payload splitting pattern candidate, and a category of the field based on the features.

Abstract: A first controller generates a first group key, executes first mutual authentication with devices within a group, and shares the first group key with the devices that have succeeded in first mutual authentication. When a second controller joins the group, the first controller decides a coordinator that manages a group key used in common in the group. The first controller executes second mutual authentication with the coordinator, and shares the first group key with the coordinator when the second mutual authentication is successful. The coordinator performs encrypted communication within the group using the first group key, generates a second group key when valid time of the first group key is equal to or smaller than a predetermined value, executes third mutual authentication with the devices and a third controller, and updates the first group key of the devices and the third controller that have succeeded in the third authentication.

Abstract: An unauthorized activity detection method in an onboard network system. The detection method includes determining whether or not a message sent out onto the network is an attack message, saving information relating to the attack message in at least one memory in a case where the message is an attack message, identifying a communication pattern from information relating to the attack message, and determining whether or not the message matches a communication pattern. The determination of whether an attack message and determination of whether matching a communication pattern are executed on each of a plurality of messages received from the network. In the determining of whether an attack message executed on a message received after executing of determining of whether matching a communication pattern, results of the determination of whether an attack message that has already be executed are used.