This work addresses a novel class of “time-triggered” adversarial attacks on in-vehicle networks (IVNs) of intelligent connected vehicles—where temporally controlled malicious messages progressively disrupt ECU communications and compromise safety-critical functions. To tackle this threat, we first formalize a time-triggered adversarial threat model; second, we release STEIA9, the first open-source dataset specifically designed for such attacks; third, we develop MDHP-GDS, a GPU-accelerated gradient descent solver for multidimensional Hawkes processes; and fourth, we propose MDHP-Net, a detection framework jointly modeling temporal dynamics and message-level features. Evaluated across CAN, DoIP, and SOME/IP protocols under nine Ethernet-based attack scenarios, MDHP-Net significantly outperforms three baseline methods. Empirical validation further confirms both the feasibility of these attacks on real-world ADAS and SOME/IP systems and the practical detectability of our approach.

The integration of intelligent and connected technologies in modern vehicles, while offering enhanced functionalities through Electronic Control Unit (ECU) and interfaces like OBD-II and telematics, also exposes the vehicle's in-vehicle network (IVN) to potential cyberattacks. Unlike prior work, we identify a new time-exciting threat model against IVN. These attacks inject malicious messages that exhibit a time-exciting effect, gradually manipulating network traffic to disrupt vehicle operations and compromise safety-critical functions. We systematically analyze the characteristics of the threat: dynamism, time-exciting impact, and low prior knowledge dependency. To validate its practicality, we replicate the attack on a real Advanced Driver Assistance System via Controller Area Network (CAN), exploiting Unified Diagnostic Service vulnerabilities and proposing four attack strategies. While CAN's integrity checks mitigate attacks, Ethernet migration (e.g., DoIP/SOME/IP) introduces new surfaces. We further investigate the feasibility of time-exciting threat under SOME/IP. To detect time-exciting threat, we introduce MDHP-Net, leveraging Multi-Dimentional Hawkes Process (MDHP) and temporal and message-wise feature extracting structures. Meanwhile, to estimate MDHP parameters, we developed the first GPU-optimized gradient descent solver for MDHP (MDHP-GDS). These modules significantly improves the detection rate under time-exciting attacks in multi-ECU IVN system. To address data scarcity, we release STEIA9, the first open-source dataset for time-exciting attacks, covering 9 Ethernet-based attack scenarios. Extensive experiments on STEIA9 (9 attack scenarios) show MDHP-Net outperforms 3 baselines, confirming attack feasibility and detection efficacy.