Unsupervised Network Intrusion Detection System for AVTP in Automotive Ethernet Networks

Natasha Alkhatib, Maria Mushtaq, Hadi Ghauch, Jean-Luc Danger
DOI: https://doi.org/10.48550/arXiv.2202.00045
2022-04-25
Abstract: Network Intrusion Detection Systems (NIDSs) are widely regarded as efficient tools for securing in-vehicle networks against diverse cyberattacks. However, since cyberattacks are always evolving, signature-based intrusion detection systems are no longer adopted. An alternative solution can be the deployment of deep learning based intrusion detection systems, which play an important role in detecting unknown attack patterns in network traffic. Hence, in this paper, we compare the performance of different unsupervised deep and machine learning based anomaly detection algorithms, for real-time detection of anomalies on the Audio Video Transport Protocol (AVTP), an application layer protocol implemented in the recent Automotive Ethernet based in-vehicle network. The numerical results, conducted on the recently published "Automotive Ethernet Intrusion Dataset", show that deep learning models significantly outperform other state-of-the-art traditional anomaly detection models in machine learning under different experimental settings.
Machine Learning, Cryptography and Security, Networking and Internet Architecture
What problem does this paper attempt to address?
The problem that this paper attempts to solve is to detect unknown network intrusions on the Audio-Video Transport Protocol (AVTP) in real-time in in-vehicle networks based on automotive Ethernet. Specifically, the paper aims to compare the performance of different unsupervised deep-learning and machine-learning algorithms in detecting AVTP protocol anomalies in real-time to deal with evolving network attacks.

### Problem Background

1. **Security Challenges in In-vehicle Networks**
   - With the development of vehicle-networking technologies, the attack surface of automobiles has expanded significantly, making in-vehicle networks based on automotive Ethernet increasingly vulnerable to network attacks.
   - These attacks may affect the protocols (such as AVTP) running on them, thereby interrupting critical media-stream transmissions and bringing serious safety and security issues.
2. **Limitations of Existing Methods**
   - Signature-based intrusion detection systems (IDS) cannot effectively deal with constantly changing new-type attacks because they need to frequently update the signature database.
   - Therefore, researchers have turned to anomaly-detection-based IDS, especially using deep-learning models to detect unknown attack patterns.

### Paper Objectives

- **Evaluating Different Unsupervised Anomaly Detection Methods**: The paper compares different unsupervised deep-learning and machine-learning algorithms to detect the effect of unknown network attacks on the AVTP protocol based on automotive Ethernet in real-time.
- **Evaluating Using Public Datasets**: The experiment uses the recently released "Automotive Ethernet Intrusion Detection" dataset, which contains malicious behaviors such as replay attacks.

### Main Contributions

- It compares the real-time detection performance of multiple unsupervised anomaly detection methods on the AVTP protocol.
- It uses a public dataset to evaluate the performance of these methods and shows the superiority of deep-learning models under different experimental settings.

### Solutions

The paper adopts two main types of deep-learning models for anomaly detection:

1. **Convolutional Autoencoder (CAE)**
   - By reshaping the AVTP packet sequence into a two-dimensional image, it uses convolutional layers and deconvolutional layers to learn feature representations and reconstruct input data.
   - It detects anomalies by calculating the reconstruction error, that is, when the reconstruction error exceeds a predefined threshold, the sequence is considered abnormal.
2. **Long-Short-Term Memory Autoencoder (LSTMAE)**
   - It uses LSTM layers to process time-series data and can capture long-term dependencies.
   - It also detects anomalies by calculating the reconstruction error.

In addition, it is also compared with traditional machine-learning methods (such as One-class SVM, Local Outlier Factor, Isolation Forest).

### Experimental Results

- Deep-learning models (especially CAE) are significantly superior to traditional machine-learning methods in detecting anomalies on the AVTP protocol.
- CAE shows better performance under different window lengths, especially when dealing with longer sequences, it can more effectively capture correlations.
- Although LSTMAE also performs well, it has the problem of vanishing or exploding gradients when dealing with long sequences, resulting in its performance being inferior to that of CAE.

### Conclusion

The paper shows the potential of deep-learning models in detecting unknown attacks in in-vehicle networks in real-time, especially the advantages of the Convolutional Autoencoder (CAE) in dealing with high-dimensional data and complex patterns. This provides new directions and tools for future in-vehicle network security research.
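
The detection pipeline described under Solutions (window of packets reshaped into a 2-D image, reconstruction, thresholded reconstruction error) can be sketched as follows. This is an added example, not the paper's code: a linear PCA autoencoder stands in for the convolutional autoencoder, and the traffic, window size, latent size and threshold margin are all constructed assumptions.

```python
import numpy as np

WINDOW, PKT_BYTES, LATENT = 8, 16, 2  # assumed sizes, not taken from the paper

def make_stream(n_packets, rng):
    """Constructed stand-in for AVTP payloads: periodic media-like bytes plus noise."""
    i = np.arange(n_packets)[:, None]
    j = np.arange(PKT_BYTES)[None, :]
    clean = 128 + 100 * np.sin(2 * np.pi * (i / 32 + j / PKT_BYTES))
    return np.round(clean + rng.normal(0, 2, clean.shape))

def windows(stream):
    """Slide a WINDOW-packet frame over the stream; each frame is a 2-D image, flattened."""
    return np.stack([stream[s:s + WINDOW].ravel()
                     for s in range(len(stream) - WINDOW + 1)])

class LinearAutoencoder:
    """PCA encoder/decoder, a linear substitute for the convolutional autoencoder."""
    def fit(self, x):
        self.mean = x.mean(axis=0)
        _, _, vt = np.linalg.svd(x - self.mean, full_matrices=False)
        self.basis = vt[:LATENT]          # encoder weights; decoder is the transpose
        return self

    def error(self, x):
        centred = x - self.mean
        recon = centred @ self.basis.T @ self.basis
        return ((centred - recon) ** 2).mean(axis=1)   # per-window MSE

def run_demo(seed=0):
    rng = np.random.default_rng(seed)
    train = windows(make_stream(400, rng))             # attack-free traffic only
    model = LinearAutoencoder().fit(train)
    threshold = 1.5 * model.error(train).max()         # assumed margin over benign error
    clean = make_stream(200, rng)
    replayed = clean.copy()
    replayed[100:112] = clean[84:96]                   # constructed replay of 12 packets
    flag = lambda s: np.flatnonzero(model.error(windows(s)) > threshold).tolist()
    return flag(clean), flag(replayed)

if __name__ == "__main__":
    clean_hits, replay_hits = run_demo()
    print("clean stream alerts:", clean_hits)
    print("replayed stream alerts (window start index):", replay_hits)
```

Windows that lie wholly inside the replayed block reconstruct well because replayed content is itself valid traffic; only the windows straddling the splice exceed the threshold, which is why window length matters for this class of attack.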