US 12,494,927 B2
Scheduled-based low-latency detection for desynchronization attacks
Christopher Gutierrez, Hillsboro, OR (US); Marcio Juliato, Portland, OR (US); Manoj Sastry, Portland, OR (US); Vuk Lesi, Cornelius, OR (US); and Shabbir Ahmed, Hillsboro, OR (US)
Assigned to Intel Corporation, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Jun. 29, 2023, as Appl. No. 18/215,951.
Prior Publication US 2025/0007738 A1, Jan. 2, 2025
Int. Cl. H04L 9/40 (2022.01); H04L 9/32 (2006.01); H04W 4/70 (2018.01); H04W 12/06 (2021.01)
CPC H04L 9/40 (2022.05) [H04L 9/3242 (2013.01); H04L 9/3297 (2013.01); H04W 4/70 (2018.02); H04W 12/06 (2013.01)] 14 Claims
OG exemplary drawing
 
1. A method, comprising:
receiving a heartbeat message by an intrusion detection system (IDS) in a time sensitive network (TSN), the heartbeat message to comprise a heartbeat vector and a message authentication code (MAC), the heartbeat vector to comprise a set of immutable values, where each immutable value represents a timestamp associated with a network node in the TSN;
authenticating the heartbeat vector based on the message authentication code;
retrieving a pair of timestamps from the heartbeat vector;
determining an actual time difference based on the pair of timestamps;
retrieving an expected time difference associated with the pair of timestamps; and
detecting a desynchronization event for the TSN based on the actual time difference and the expected time difference using a machine learning model.