Multi-Classification and Tree-Based Ensemble Network for the Intrusion Detection System in the Internet of Vehicles
Author:
Gou Wanting1, Zhang Haodi1, Zhang Ronghui2
Affiliation:
1. China Telecom Research Institute, Guangzhou 510630, China 2. Guangdong Provincial Key Laboratory of Intelligent Transport System, School of Intelligent Systems Engineering, Sun Yat-sen University, Guangzhou 510275, China
Abstract
The Internet of Vehicles(IoV) employs vehicle-to-everything (V2X) technology to establish intricate interconnections among the Internet, the IoT network, and the Vehicle Networks (IVNs), forming a complex vehicle communication network. However, the vehicle communication network is very vulnerable to attacks. The implementation of an intrusion detection system (IDS) emerges as an essential requisite to ensure the security of in-vehicle/inter-vehicle communication in IoV. Within this context, the imbalanced nature of network traffic data and the diversity of network attacks stand as pivotal factors in IDS performance. On the one hand, network traffic data often heavily suffer from data imbalance, which impairs the detection performance. To address this issue, this paper employs a hybrid approach combining the Synthetic Minority Over-sampling Technique (SMOTE) and RandomUnderSampler to achieve a balanced class distribution. On the other hand, the diversity of network attacks constitutes another significant factor contributing to poor intrusion detection model performance. Most current machine learning-based IDSs mainly perform binary classification, while poorly dealing with multiclass classification. This paper proposes an adaptive tree-based ensemble network as the intrusion detection engine for the IDS in IoV. This engine employs a deep-layer structure, wherein diverse ML models are stacked as layers and are interconnected in a cascading manner, which enables accurate and efficient multiclass classification, facilitating the precise identification of diverse network attacks. Moreover, a machine learning-based approach is used for feature selection to reduce feature dimensionality, substantially alleviating the computational overhead. Finally, we evaluate the proposed IDS performance on various cyber-attacks from the in-vehicle and external networks in IoV by using the network intrusion detection dataset CICIDS2017 and the vehicle security dataset Car-Hacking. The experimental results demonstrate remarkable performance, with an F1-score of 0.965 on the CICIDS2017 dataset and an F1-score of 0.9999 on the Car-Hacking dataset. These scores demonstrate that our IDS can achieve efficient and precise multiclass classification. This research provides a valuable reference for ensuring the cybersecurity of IoV.
Funder
Guangdong Basic and Applied Research Foundation
Subject
Electrical and Electronic Engineering,Biochemistry,Instrumentation,Atomic and Molecular Physics, and Optics,Analytical Chemistry
Reference52 articles.
1. Cho, K.-T., and Shin, K.G. (2016, January 10–12). Fingerprinting Electronic Control Units for Vehicle Intrusion Detection. Proceedings of the 25th USENIX Security Symposium (USENIX Security 16), Austin, TX, USA. 2. A Practical Wireless Attack on the Connected Car and Security Protocol for In-Vehicle CAN;Woo;IEEE Trans. Intell. Transp. Syst.,2015 3. A Survey of Remote Automotive Attack Surfaces;Miller;Black Hat USA,2014 4. Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., and Shacham, H. (2010, January 16–19). Experimental Security Analysis of a Modern Automobile. Proceedings of the 2010 IEEE Symposium on Security and Privacy, Washington, DC, USA. 5. Remote exploitation of an unaltered passenger vehicle;Miller;Black Hat USA,2015
Cited by
5 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
|
|