A Survey of Learning-Based Intrusion Detection Systems for In-Vehicle Network
Muzun Althunayyan, Amir Javed, Omer Rana
TL;DR
This survey addresses cybersecurity challenges in in-vehicle networks, focusing on learning-based IDS approaches for CAN bus security in CAVs. It systematically categorizes IDS work into detection of known, unknown, and combined attack types, covering ML, DL, and federated learning methods, and analyzes evaluation metrics and deployment considerations. The review highlights limitations such as data labelling, non-IID data in FL, and the need for multi-metric deployable evaluations, and it provides future directions including streaming learning, adversarial robustness, and XAI for trustworthiness. Collectively, the paper offers a comprehensive roadmap to strengthen real-time, reliable protection for CAN-based vehicular networks and guides researchers toward more robust and privacy-preserving security solutions.
Abstract
Connected and Autonomous Vehicles (CAVs) enhance mobility but face cybersecurity threats, particularly through the insecure Controller Area Network (CAN) bus. Cyberattacks can have devastating consequences in connected vehicles, including the loss of control over critical systems, necessitating robust security solutions. In-vehicle Intrusion Detection Systems (IDSs) offer a promising approach by detecting malicious activities in real time. This survey provides a comprehensive review of state-of-the-art research on learning-based in-vehicle IDSs, focusing on Machine Learning (ML), Deep Learning (DL), and Federated Learning (FL) approaches. Based on the reviewed studies, we critically examine existing IDS approaches, categorising them by the types of attacks they detect - known, unknown, and combined known-unknown attacks - while identifying their limitations. We also review the evaluation metrics used in research, emphasising the need to consider multiple criteria to meet the requirements of safety-critical systems. Additionally, we analyse FL-based IDSs and highlight their limitations. By doing so, this survey helps identify effective security measures, address existing limitations, and guide future research toward more resilient and adaptive protection mechanisms, ensuring the safety and reliability of CAVs.
