Abstract:Intrusion Detection Systems (IDS) are widely employed to detect and mitigate external network security events. Vehicle ad-hoc Networks (VANETs) continue to evolve, especially with developments related to Connected Autonomous Vehicles (CAVs). In this study, we explore the detection of cyber threats in vehicle networks through ensemble-based machine learning, to strengthen the performance of the learnt model compared to relying on a single model. We propose a model that uses Random Forest and CatBoost as our main investigators, with Logistic Regression used to then reason on their outputs to make a final decision. To further aid analysis, we use SHAP (SHapley Additive exPlanations) analysis to examine feature importance towards the final decision stage. We use the Vehicular Reference Misbehavior (VeReMi) dataset for our experimentation and observe that our approach improves classification accuracy, and results in fewer misclassifications compared to previous works. Overall, this layered approach to decision-making combining teamwork among models with an explainable view of why they act as they do can help to achieve a more reliable and easy-to-understand cyber security solution for smart transportation networks.

What problem does this paper attempt to address?

The main problem that this paper attempts to solve is to improve the performance and interpretability of intrusion detection systems in software - defined vehicle ad - hoc networks (SD - VANET). Specifically, the authors propose an intrusion detection system (IDS) based on ensemble learning, aiming to enhance the performance of the model by combining Random Forest, CatBoost and Logistic Regression, and to explain the influence of features on the final decision through SHAP (SHapley Additive exPlanations) analysis. This not only improves the classification accuracy but also reduces misclassification, thus providing a more reliable and understandable network security solution for intelligent transportation networks. ### Problems Solved by the Paper: 1. **Improve Detection Accuracy**: Although traditional IDS can detect many threats, its accuracy and reliability still need to be improved in the complex and changeable VANET environment. The method proposed in this paper shows a higher classification accuracy in experiments and reduces misclassification. 2. **Enhance Model Interpretability**: Existing IDS often lack interpretability, that is, they cannot clearly explain why certain threats are marked or missed, especially in real - time environments. By integrating SHAP analysis, this paper provides transparency in the model decision - making process, enabling operators to trust and quickly respond to threats detected by the system. 3. **Deal with High - Dimensional and Categorical Data**: Data in VANET usually has high - dimensional and categorical characteristics, which pose challenges to the processing ability of the model. The Random Forest and CatBoost algorithms selected in this paper are particularly good at handling this type of data, thereby better managing the complexity and variability in VANET. ### Specific Contributions: 1. **Propose an Ensemble Learning Method**: Combine Random Forest, CatBoost and Logistic Regression to provide an intrusion detection scheme with a good balance between accuracy, interpretability and running - time requirements. 2. **Verify with VeReMi Dataset**: Verify the recognition effects of different attack categories through the VeReMi dataset, further proving the effectiveness of this method. 3. **Introduce SHAP Analysis**: Explain how each model and its integration affect the final decision through SHAP analysis, especially providing in - depth understanding for the remaining misclassification cases. In conclusion, by proposing a new ensemble learning and interpretability analysis method, this paper significantly improves the performance and reliability of intrusion detection systems in SD - VANET, providing a new solution for network security in intelligent transportation networks.

An Explainable Ensemble-based Intrusion Detection System for Software-Defined Vehicle Ad-hoc Networks

An Effective Ensemble Learning-Based Real-Time Intrusion Detection Scheme for an In-Vehicle Network

LCCDE: A Decision-Based Ensemble Framework for Intrusion Detection in The Internet of Vehicles

Multi-Classification and Tree-Based Ensemble Network for the Intrusion Detection System in the Internet of Vehicles

NIDS-VSB: Network Intrusion Detection System for VANET Using Spark-Based Big Data Optimization and Transfer Learning

Artificial Intelligence-based intrusion detection system for V2V communication in vehicular adhoc networks

Vehicular Network Intrusion Detection Using a Cascaded Deep Learning Approach with Multi-Variant Metaheuristic

Classification of Normal and Malicious Traffic Based on an Ensemble of Machine Learning for a Vehicle CAN-Network

A hybrid machine learning model for intrusion detection in VANET

Toward Open-Set Intrusion Detection in VANETs: an Efficient Meta-Recognition Approach

Intrusion Detection System for Autonomous Vehicles Using Non-Tree Based Machine Learning Algorithms

A Robust Multi-Stage Intrusion Detection System for In-Vehicle Network Security using Hierarchical Federated Learning

Ensemble Learning Based Malicious Node Detection in SDN-Based VANETs

Data-Driven Intrusion Detection for Intelligent Internet of Vehicles: A Deep Convolutional Neural Network-Based Method

Cyber Attack Detection for Self-Driving Vehicle Networks Using Deep Autoencoder Algorithms

Ensemble and Gossip Learning-Based Framework for Intrusion Detection System in Vehicle-to-Everything Communication Environment

Semi-supervised intrusion detection system for in-vehicle networks based on variational autoencoder and adversarial reinforcement learning

Deep Transfer Learning Based Intrusion Detection System for Electric Vehicular Networks

A Robust Model for Predicting Abnormal Behavior in Vehicular Networks using AdaBoost and Chi-Square