A Scalable Hierarchical Intrusion Detection System for Internet of Vehicles

• URL: http://arxiv.org/abs/2505.16215v1
• Date: Thu, 22 May 2025 04:30:26 GMT
• Title: A Scalable Hierarchical Intrusion Detection System for Internet of Vehicles
• Authors: Md Ashraf Uddin, Nam H. Chu, Reza Rafeh, Mutaz Barika,
• Abstract summary: Internet of Vehicles (IoV) is prone to various cyber threats, ranging from spoofing and Distributed Denial of Services (DDoS) attacks to malware.<n>To safeguard the IoV ecosystem from intrusions, malicious activities, policy violations, intrusion detection systems (IDS) play a critical role by continuously monitoring and analyzing network traffic to identify and mitigate potential threats in real-time.<n>This paper proposes an effective hierarchical classification framework tailored for IoV networks.
• Score: 1.6017263994482716
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Due to its nature of dynamic, mobility, and wireless data transfer, the Internet of Vehicles (IoV) is prone to various cyber threats, ranging from spoofing and Distributed Denial of Services (DDoS) attacks to malware. To safeguard the IoV ecosystem from intrusions, malicious activities, policy violations, intrusion detection systems (IDS) play a critical role by continuously monitoring and analyzing network traffic to identify and mitigate potential threats in real-time. However, most existing research has focused on developing centralized, machine learning-based IDS systems for IoV without accounting for its inherently distributed nature. Due to intensive computing requirements, these centralized systems often rely on the cloud to detect cyber threats, increasing delay of system response. On the other hand, edge nodes typically lack the necessary resources to train and deploy complex machine learning algorithms. To address this issue, this paper proposes an effective hierarchical classification framework tailored for IoV networks. Hierarchical classification allows classifiers to be trained and tested at different levels, enabling edge nodes to detect specific types of attacks independently. With this approach, edge nodes can conduct targeted attack detection while leveraging cloud nodes for comprehensive threat analysis and support. Given the resource constraints of edge nodes, we have employed the Boruta feature selection method to reduce data dimensionality, optimizing processing efficiency. To evaluate our proposed framework, we utilize the latest IoV security dataset CIC-IoV2024, achieving promising results that demonstrate the feasibility and effectiveness of our models in securing IoV networks.

Related papers

• CANDoSA: A Hardware Performance Counter-Based Intrusion Detection System for DoS Attacks on Automotive CAN bus [45.24207460381396]
  This paper presents a novel Intrusion Detection System (IDS) designed for the Controller Area Network (CAN) environment.<n>A RISC-V-based CAN receiver is simulated using the gem5 simulator, processing CAN frame payloads with AES-128 encryption as FreeRTOS tasks.<n>Results indicate that this approach could significantly improve CAN security and address emerging challenges in automotive cybersecurity.
  arXiv  Detail & Related papers  (2025-07-19T20:09:52Z)
• A Joint Reconstruction-Triplet Loss Autoencoder Approach Towards Unseen Attack Detection in IoV Networks [6.229535970620059]
  We present an unsupervised autoencoder method trained entirely on benign network data for unseen attack detection in IoV networks.<n>We show that our method performs robustly for all unseen attack types, with roughly 99% accuracy on benign data and between 97% and 100% performance on anomaly data.
  arXiv  Detail & Related papers  (2025-05-27T19:40:57Z)
• Intelligent Detection of Non-Essential IoT Traffic on the Home Gateway [45.70482328441101]
  This work presents ML-IoTrim, a system for detecting and mitigating non-essential IoT traffic by analyzing network behavior at the edge.<n>We test our framework in a consumer smart home setup with IoT devices from five categories, demonstrating that the model can accurately identify and block non-essential traffic.<n>This research advances privacy-aware traffic control in smart homes, paving the way for future developments in IoT device privacy.
  arXiv  Detail & Related papers  (2025-04-22T09:40:05Z)
• Feature Selection via GANs (GANFS): Enhancing Machine Learning Models for DDoS Mitigation [0.0]
  We introduce a novel Generative Adversarial Network-based Feature Selection (GANFS) method for detecting Distributed Denial of Service (DDoS) attacks.<n>By training a GAN exclusively on attack traffic, GANFS effectively ranks feature importance without relying on full supervision.<n>Results point to the potential of integrating generative learning models into cybersecurity pipelines to build more adaptive and scalable detection systems.
  arXiv  Detail & Related papers  (2025-04-21T20:27:33Z)
• MDHP-Net: Detecting an Emerging Time-exciting Threat in IVN [42.74889568823579]
  We identify a new time-exciting threat model against in-vehicle network (IVN)<n>These attacks inject malicious messages that exhibit a time-exciting effect, gradually manipulating network traffic to disrupt vehicle operations and compromise safety-critical functions.<n>To detect time-exciting threat, we introduce MDHP-Net, leveraging Multi-Dimentional Hawkes Process (MDHP) and temporal and message-wise feature extracting structures.
  arXiv  Detail & Related papers  (2025-04-16T08:41:24Z)
• Intrusion Detection in IoT Networks Using Hyperdimensional Computing: A Case Study on the NSL-KDD Dataset [0.2399911126932527]
  The rapid expansion of Internet of Things (IoT) networks has introduced new security challenges.<n>In this study, a detection framework based on hyperdimensional computing (HDC) is proposed to identify and classify network intrusions.<n>The proposed approach effectively distinguishes various attack categories such as DoS, probe, R2L, and U2R, while accurately identifying normal traffic patterns.
  arXiv  Detail & Related papers  (2025-03-04T22:33:37Z)
• Federated Learning-Driven Cybersecurity Framework for IoT Networks with Privacy-Preserving and Real-Time Threat Detection Capabilities [0.0]
  Traditional centralized security methods often struggle to balance privacy preservation and real-time threat detection in IoT networks.<n>This study proposes a Federated Learning-Driven Cybersecurity Framework designed specifically for IoT environments.<n>Secure aggregation of locally trained models is achieved using homomorphic encryption, allowing collaborative learning without exposing sensitive information.
  arXiv  Detail & Related papers  (2025-02-14T23:11:51Z)
• MDHP-Net: Detecting an Emerging Time-exciting Threat in IVN [42.74889568823579]
  We identify a new time-exciting threat model against in-vehicle network (IVN)<n>These attacks inject malicious messages that exhibit a time-exciting effect, gradually manipulating network traffic to disrupt vehicle operations and compromise safety-critical functions.<n>To detect time-exciting threat, we introduce MDHP-Net, leveraging Multi-Dimentional Hawkes Process (MDHP) and temporal and message-wise feature extracting structures.
  arXiv  Detail & Related papers  (2024-11-15T15:05:01Z)
• Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
  We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS) FLEKD enables a more flexible aggregation method than conventional model fusion techniques. Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
  arXiv  Detail & Related papers  (2024-01-22T14:16:37Z)
• Detecting Unknown Attacks in IoT Environments: An Open Set Classifier for Enhanced Network Intrusion Detection [5.787704156827843]
  In this paper, we introduce a framework aimed at mitigating the open set recognition (OSR) problem in the realm of Network Intrusion Detection Systems (NIDS) tailored for IoT environments. Our framework capitalizes on image-based representations of packet-level data, extracting spatial and temporal patterns from network traffic. The empirical results prominently underscore the framework's efficacy, boasting an impressive 88% detection rate for previously unseen attacks.
  arXiv  Detail & Related papers  (2023-09-14T06:41:45Z)
• Measurement-driven Security Analysis of Imperceptible Impersonation Attacks [54.727945432381716]
  We study the exploitability of Deep Neural Network-based Face Recognition systems. We show that factors such as skin color, gender, and age, impact the ability to carry out an attack on a specific target victim. We also study the feasibility of constructing universal attacks that are robust to different poses or views of the attacker's face.
  arXiv  Detail & Related papers  (2020-08-26T19:27:27Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.