ADVENT: Attack/Anomaly Detection in VANETs
Hamideh Baharlouei, Adetokunbo Makanju, Nur Zincir-Heywood
TL;DR
This work tackles securing VANETs by addressing the dual challenge of real-time attack-onset detection and attribution of malicious nodes. It proposes ADVENT, a three-layer framework that fuses statistical (MAD) and machine-learning (XGBoost/CNN) techniques with Federated Learning to preserve privacy while enabling collaborative detection. The key contributions include a novel data preprocessing pipeline that yields compact yet informative features, a multi-stage detection pipeline that rapidly identifies attack onsets and then malicious actors, and the integration of SMOTE to counter data imbalance, all evaluated on realistic, city-scale VANET simulations. The results demonstrate high detection rates (DR) and low false negatives, with average onset detection within one second and substantial privacy-preserving improvements over centralized baselines, underscoring ADVENT’s potential for real-world deployment in safe, scalable VANET security systems.
Abstract
In Vehicular Ad hoc Networks (VANETs), a malicious-behavior detector fit for real-world use must detect attacks in real time and unveil their perpetrators; our study introduces a system with this goal. The system is designed for real-time detection of malicious behavior, addressing the critical need to first identify the onset of attacks and subsequently the responsible actors. Prior work in this area has never addressed both requirements simultaneously, although we believe both are necessary for real-world deployment. By seamlessly integrating statistical and machine learning techniques, the proposed system prioritizes simplicity and efficiency. It excels in swiftly detecting attack onsets with a remarkable F1-score of 99.66%, subsequently identifying malicious vehicles with an average F1-score of approximately 97.85%. Incorporating federated learning in both stages enhances privacy and improves the efficiency of malicious node detection, effectively reducing the false negative rate.
