Towards Secure In-Vehicle Communication: Surveying CAN and Automotive Ethernet Threats, Standards, and Detection Techniques

As modern vehicles evolve into increasingly connected and autonomous systems, the security of in-vehicle networks (IVNs) has become a critical concern. The Controller Area Network (CAN) bus and automotive Ethernet are the two dominant communication protocols used within vehicles, each with distinct data structures and associated threat models. This survey provides a comprehensive overview of these two networks, detailing their data characteristics, known vulnerabilities, and publicly available datasets. Furthermore, we summarize the global landscape of automotive cybersecurity standards and regulations, highlighting efforts to standardize security practices across the industry. Building upon this foundation, we systematically review existing intrusion detection system (IDS) for CAN, including voltage-based physical-layer methods, rule-based and AI-driven detection techniques, and emerging cloud-vehicle collaborative frameworks. Meanwhile, we also examine state-of-the-art intrusion detection strategies tailored for automotive Ethernet. A key innovation of this review lies in its integrated perspective that bridges physical-layer analysis, intelligent detection algorithms, and cloud-based architectures across both CAN and Ethernet domains. By aligning technological insights with regulatory trends, this work aims to inform future research and development of robust, real-world-deployable in-vehicle IDSs.