{"title":"STC-GraphFormer:用于车载网络入侵检测系统的图时空关联变换器","authors":"Gaber A. Al-Absi, Yong Fang, Adnan A. Qaseem","doi":"10.1016/j.vehcom.2024.100865","DOIUrl":null,"url":null,"abstract":"The integration of several developing technologies and their applications with Internet of Vehicles (IoVs) techniques has been improved. Utilizing these emerging technologies renders the in-vehicle network more susceptible to intrusions. Furthermore, the utilization of Electronic Control Units (ECUs) in current vehicles has experienced a significant increase, establishing the Controller Area Network (CAN) as the widely used standard in the automotive field. The CAN protocol provides an efficient and broadcast-based protocol for facilitating serial data exchange between ECUs. However, it lacks provisions for security measures such as authentication and encryption. The attackers have exploited these weaknesses to launch various attacks on CAN-based IVN. This paper proposes STC-GraphFormer, an innovative spatial-temporal model that utilizes a Graph Convolutional Network (GCN) and a transformer. The spatial GCN layers are utilized to construct and acquire local spatial features, while the temporal transformer layers are employed to capture the long-term global temporal dependencies. By employing this integrated approach, STC-GraphFormer can learn complex spatial-temporal correlations within the IVN data, enabling it to detect and classify malicious intrusions. The proposed STC-GraphFormer has been validated using five real in-vehicle CAN datasets that cover a wide range of attacks that have not been previously investigated together. The finding results indicate that the STC-GraphFormer is more efficient than the SOTA approaches. It demonstrates excellent performance, with Car-hacking (0.99983), IVN intrusion detection (0.9991), CAN Dataset for intrusion detection “OTIDS” (0.9992), CAR hacking: attack & defense challenge (0.9901), and Survival analysis (0.9982), with a minimal false alarm rate and the highest achievable F1 scores for various types of attacks.","PeriodicalId":54346,"journal":{"name":"Vehicular Communications","volume":"30 1","pages":""},"PeriodicalIF":5.8000,"publicationDate":"2024-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"STC-GraphFormer: Graph spatial-temporal correlation transformer for in-vehicle network intrusion detection system\",\"authors\":\"Gaber A. Al-Absi, Yong Fang, Adnan A. Qaseem\",\"doi\":\"10.1016/j.vehcom.2024.100865\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The integration of several developing technologies and their applications with Internet of Vehicles (IoVs) techniques has been improved. Utilizing these emerging technologies renders the in-vehicle network more susceptible to intrusions. Furthermore, the utilization of Electronic Control Units (ECUs) in current vehicles has experienced a significant increase, establishing the Controller Area Network (CAN) as the widely used standard in the automotive field. The CAN protocol provides an efficient and broadcast-based protocol for facilitating serial data exchange between ECUs. However, it lacks provisions for security measures such as authentication and encryption. The attackers have exploited these weaknesses to launch various attacks on CAN-based IVN. This paper proposes STC-GraphFormer, an innovative spatial-temporal model that utilizes a Graph Convolutional Network (GCN) and a transformer. The spatial GCN layers are utilized to construct and acquire local spatial features, while the temporal transformer layers are employed to capture the long-term global temporal dependencies. By employing this integrated approach, STC-GraphFormer can learn complex spatial-temporal correlations within the IVN data, enabling it to detect and classify malicious intrusions. The proposed STC-GraphFormer has been validated using five real in-vehicle CAN datasets that cover a wide range of attacks that have not been previously investigated together. The finding results indicate that the STC-GraphFormer is more efficient than the SOTA approaches. It demonstrates excellent performance, with Car-hacking (0.99983), IVN intrusion detection (0.9991), CAN Dataset for intrusion detection “OTIDS” (0.9992), CAR hacking: attack & defense challenge (0.9901), and Survival analysis (0.9982), with a minimal false alarm rate and the highest achievable F1 scores for various types of attacks.\",\"PeriodicalId\":54346,\"journal\":{\"name\":\"Vehicular Communications\",\"volume\":\"30 1\",\"pages\":\"\"},\"PeriodicalIF\":5.8000,\"publicationDate\":\"2024-12-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Vehicular Communications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1016/j.vehcom.2024.100865\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"TELECOMMUNICATIONS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Vehicular Communications","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1016/j.vehcom.2024.100865","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}
引用次数: 0
摘要
一些新兴技术及其应用与车联网(IoVs)技术的整合已得到改进。利用这些新兴技术使车载网络更容易受到入侵。此外,电子控制单元(ECU)在当前车辆中的使用率大幅提高,使控制器局域网(CAN)成为汽车领域广泛使用的标准。CAN 协议为促进 ECU 之间的串行数据交换提供了一个基于广播的高效协议。然而,它缺乏认证和加密等安全措施。攻击者利用这些弱点对基于 CAN 的 IVN 发起了各种攻击。本文提出的 STC-GraphFormer 是一种创新的时空模型,它利用了图形卷积网络(GCN)和转换器。空间 GCN 层用于构建和获取局部空间特征,而时间转换器层则用于捕捉长期的全局时间依赖关系。通过采用这种集成方法,STC-GraphFormer 可以学习 IVN 数据中复杂的时空相关性,从而对恶意入侵进行检测和分类。提议的 STC-GraphFormer 已通过五个真实的车载 CAN 数据集进行了验证,这些数据集涵盖了以前未曾一起研究过的各种攻击。结果表明,STC-GraphFormer 比 SOTA 方法更有效。它表现出卓越的性能,在 Car-hacking(0.99983)、IVN 入侵检测(0.9991)、用于入侵检测的 CAN 数据集 "OTIDS"(0.9992)、CAR hacking:attack & defense challenge(0.9901)和 Survival analysis(0.9982)中,误报率最低,各种类型攻击的 F1 分数最高。
STC-GraphFormer: Graph spatial-temporal correlation transformer for in-vehicle network intrusion detection system
The integration of several developing technologies and their applications with Internet of Vehicles (IoVs) techniques has been improved. Utilizing these emerging technologies renders the in-vehicle network more susceptible to intrusions. Furthermore, the utilization of Electronic Control Units (ECUs) in current vehicles has experienced a significant increase, establishing the Controller Area Network (CAN) as the widely used standard in the automotive field. The CAN protocol provides an efficient and broadcast-based protocol for facilitating serial data exchange between ECUs. However, it lacks provisions for security measures such as authentication and encryption. The attackers have exploited these weaknesses to launch various attacks on CAN-based IVN. This paper proposes STC-GraphFormer, an innovative spatial-temporal model that utilizes a Graph Convolutional Network (GCN) and a transformer. The spatial GCN layers are utilized to construct and acquire local spatial features, while the temporal transformer layers are employed to capture the long-term global temporal dependencies. By employing this integrated approach, STC-GraphFormer can learn complex spatial-temporal correlations within the IVN data, enabling it to detect and classify malicious intrusions. The proposed STC-GraphFormer has been validated using five real in-vehicle CAN datasets that cover a wide range of attacks that have not been previously investigated together. The finding results indicate that the STC-GraphFormer is more efficient than the SOTA approaches. It demonstrates excellent performance, with Car-hacking (0.99983), IVN intrusion detection (0.9991), CAN Dataset for intrusion detection “OTIDS” (0.9992), CAR hacking: attack & defense challenge (0.9901), and Survival analysis (0.9982), with a minimal false alarm rate and the highest achievable F1 scores for various types of attacks.
期刊介绍:
Vehicular communications is a growing area of communications between vehicles and including roadside communication infrastructure. Advances in wireless communications are making possible sharing of information through real time communications between vehicles and infrastructure. This has led to applications to increase safety of vehicles and communication between passengers and the Internet. Standardization efforts on vehicular communication are also underway to make vehicular transportation safer, greener and easier.
The aim of the journal is to publish high quality peer–reviewed papers in the area of vehicular communications. The scope encompasses all types of communications involving vehicles, including vehicle–to–vehicle and vehicle–to–infrastructure. The scope includes (but not limited to) the following topics related to vehicular communications:
Vehicle to vehicle and vehicle to infrastructure communications
Channel modelling, modulating and coding
Congestion Control and scalability issues
Protocol design, testing and verification
Routing in vehicular networks
Security issues and countermeasures
Deployment and field testing
Reducing energy consumption and enhancing safety of vehicles
Wireless in–car networks
Data collection and dissemination methods
Mobility and handover issues
Safety and driver assistance applications
UAV
Underwater communications
Autonomous cooperative driving
Social networks
Internet of vehicles
Standardization of protocols.