Detection of zero-day attacks via sample augmentation for the Internet of Vehicles

IF 5.8 2区计算机科学 Q1 TELECOMMUNICATIONS

Vehicular Communications Pub Date : 2025-01-21 DOI:10.1016/j.vehcom.2025.100887

Bingfeng Xu, Jincheng Zhao, Bo Wang, Gaofeng He

{"title":"Detection of zero-day attacks via sample augmentation for the Internet of Vehicles","authors":"Bingfeng Xu, Jincheng Zhao, Bo Wang, Gaofeng He","doi":"10.1016/j.vehcom.2025.100887","DOIUrl":null,"url":null,"abstract":"Detecting zero-day attacks is a critical challenge in the Internet of Vehicles (IoV). Due to the limited availability of labeled attack data, anomaly-based methods are predominantly employed. However, the variability in the driving environment and behavioral patterns of vehicles introduces significant fluctuations in normal behavior, which in turn leads to high false positive rates when using these methods. In this work, we propose a novel detection method for zero-day attacks in IoV through sample augmentation. We first analyze the similarities between known and zero-day attacks in IoV. Based on the analysis, a Few-shot Learning Conditional Generative Adversarial Network (FLCGAN) model with multiple generators and discriminators is developed. Within this framework, an attack sample augmentation algorithm is designed to enhance input data by expanding the known attack dataset, thereby reducing false positives. To address the data imbalance caused by the limited number of input attack samples, an ensemble focal loss function is incorporated into the generator to ensure diversity and dispersion of the generated samples. Additionally, a collaborative focal loss function is introduced into the discriminator to improve the classification of difficult-to-classify data. A theoretical analysis is also conducted on the coverage of samples generated by the model. Extensive experiments conducted on the IoV simulation tool Framework For Misbehavior Detection (F2MD) demonstrate that the proposed method surpasses existing approaches in both detection effect and detection delay for zero-day attacks.","PeriodicalId":54346,"journal":{"name":"Vehicular Communications","volume":"23 1","pages":""},"PeriodicalIF":5.8000,"publicationDate":"2025-01-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Vehicular Communications","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1016/j.vehcom.2025.100887","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}

引用次数: 0

Abstract

Detecting zero-day attacks is a critical challenge in the Internet of Vehicles (IoV). Due to the limited availability of labeled attack data, anomaly-based methods are predominantly employed. However, the variability in the driving environment and behavioral patterns of vehicles introduces significant fluctuations in normal behavior, which in turn leads to high false positive rates when using these methods. In this work, we propose a novel detection method for zero-day attacks in IoV through sample augmentation. We first analyze the similarities between known and zero-day attacks in IoV. Based on the analysis, a Few-shot Learning Conditional Generative Adversarial Network (FLCGAN) model with multiple generators and discriminators is developed. Within this framework, an attack sample augmentation algorithm is designed to enhance input data by expanding the known attack dataset, thereby reducing false positives. To address the data imbalance caused by the limited number of input attack samples, an ensemble focal loss function is incorporated into the generator to ensure diversity and dispersion of the generated samples. Additionally, a collaborative focal loss function is introduced into the discriminator to improve the classification of difficult-to-classify data. A theoretical analysis is also conducted on the coverage of samples generated by the model. Extensive experiments conducted on the IoV simulation tool Framework For Misbehavior Detection (F2MD) demonstrate that the proposed method surpasses existing approaches in both detection effect and detection delay for zero-day attacks.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Vehicular Communications Engineering-Electrical and Electronic Engineering

CiteScore

12.70

自引率

10.40%

发文量

审稿时长

62 days

期刊介绍： Vehicular communications is a growing area of communications between vehicles and including roadside communication infrastructure. Advances in wireless communications are making possible sharing of information through real time communications between vehicles and infrastructure. This has led to applications to increase safety of vehicles and communication between passengers and the Internet. Standardization efforts on vehicular communication are also underway to make vehicular transportation safer, greener and easier. The aim of the journal is to publish high quality peer–reviewed papers in the area of vehicular communications. The scope encompasses all types of communications involving vehicles, including vehicle–to–vehicle and vehicle–to–infrastructure. The scope includes (but not limited to) the following topics related to vehicular communications: Vehicle to vehicle and vehicle to infrastructure communications Channel modelling, modulating and coding Congestion Control and scalability issues Protocol design, testing and verification Routing in vehicular networks Security issues and countermeasures Deployment and field testing Reducing energy consumption and enhancing safety of vehicles Wireless in–car networks Data collection and dissemination methods Mobility and handover issues Safety and driver assistance applications UAV Underwater communications Autonomous cooperative driving Social networks Internet of vehicles Standardization of protocols.