Affiliation:
1. Computer Science Department, University of Idaho, Moscow, ID, USA
Abstract
The emergence of Cooperative Intelligent Transportation Systems (cITS) simplifies the exchange of traffic situational information among vehicles within "close" proximity, which facilitates smooth traffic flow, reduces the congestion and saves energy. However, with such advantages come challenges represented by attackers who would compromise the vehicle system components, spoof false telemetry and/or control signals causing serious problems such as congestion and/or accidents. There is need for security mechanism that can identify and detect such misbehavior in cITSs more dependably. Several studies have proposed Intrusion Detection Systems (IDS) for cITS depending on the contextual data exchanged between neighboring nodes. Those solutions rely on classifiers trained and readjusted online to reflect the dynamic nature of the cITS environment. These models are usually trained with a set of features selected based on insufficient data. This makes the feature significance estimation inaccurate due to data insufficiency collected from the online systems immediately after the model was updated. In this paper we address this issue by introducing a Proportional Conditional Redundancy Coefficient (PCRC) technique. The technique is used in the Enhanced Joint Mutual Information (EJMI) feature selection for better feature significance estimation. At each iteration, the PCRC increases the redundancy of the candidate feature proportional to the number of already-selected features while taking into consideration the class label. Such conditional redundancy is estimated for the individual features, which gives the feature selection technique the ability to perceive the attack characteristics regardless of the common characteristics of the attack. Unlike existing works, the proposed technique increases the weight of the redundancy term proportional to the size of the selected set. Consequently, the likelihood that a feature is redundant, given the class label, increases when more features are added to the selected set. By applying the proposed EJMI to select the features from the Next Generation Simulation (NGSIM) dataset of cITS, more accurate IDS has been trained as shown by the evaluation results. This helps to better protect the nodes in cITS against the cyberattacks (e.g., falsified data).