Intrusion detection system for autonomous vehicles using sensor spatio-temporal information

Connected Autonomous Vehicles (CAVs) have great potential to improve driving safety and comfort, but they still face cybersecurity risks. Intrusion Detection Systems (IDS) have now become the primary means of addressing this problem. There are two weaknesses in existing studies that consider sensor correlation. First, few studies focus on the degree of correlation between sensors. Second, existing studies usually focus only on anomaly detection and ignore the precise location of attack targets. In this paper, we propose a two-stage intrusion detection system based on in-vehicle sensors spatio-temporal information. The first stage is set as a behavior predictor, which uses historical data to predict current data. Where the spatial Multi-head Graph Attention (MGAT) layer considers the degree of correlation among sensors through the attention weights in the graph structure, and the temporal Multi-head Graph Attention layer models the dependence of data at different time points of a single sensor. In the second phase, the attack detector first detects anomalies based on the deviation between predicted and observed values, after which a threshold deviation ratio is introduced to locate the attacked sensor. Experimental results in real vehicle data sets show that the proposed system can efficiently detect multiple types of attacks with an average F1 score of 98.28%, which is at least 1.45% higher than the existing methods. In various single-sensor attack scenarios, the accuracy of identifying attack targets exceeds 97.00%.