A Lightweight Intrusion Detection System with Dynamic Feature Fusion Federated Learning for Vehicular Network Security

A Lightweight Intrusion Detection System with Dynamic Feature Fusion Federated Learning for Vehicular Network Security

The rapid integration of complex sensors and electronic control units (ECUs) in autonomous vehicles significantly increases cybersecurity risks in vehicular networks. Although the Controller Area Network (CAN) is efficient, it lacks inherent security mechanisms and is vulnerable to various network a...

Full description

Saved in:
Bibliographic Details
Main Authors: Junjun Li, Yanyan Ma, Jiahui Bai, Congming Chen, Tingting Xu, Chi Ding
Format: Article
Language:English
Published: MDPI AG 2025-07-01
Series:Sensors
Subjects:
CAN
intrusion detection
federated learning
autoencoder
CNN
LSTM
Online Access:https://www.mdpi.com/1424-8220/25/15/4622
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The rapid integration of complex sensors and electronic control units (ECUs) in autonomous vehicles significantly increases cybersecurity risks in vehicular networks. Although the Controller Area Network (CAN) is efficient, it lacks inherent security mechanisms and is vulnerable to various network attacks. The traditional Intrusion Detection System (IDS) makes it difficult to effectively deal with the dynamics and complexity of emerging threats. To solve these problems, a lightweight vehicular network intrusion detection framework based on Dynamic Feature Fusion Federated Learning (DFF-FL) is proposed. The proposed framework employs a two-stream architecture, including a transformer-augmented autoencoder for abstract feature extraction and a lightweight CNN-LSTM–Attention model for preserving temporal and local patterns. Compared with the traditional theoretical framework of the federated learning, DFF-FL first dynamically fuses the deep feature representation of each node through the transformer attention module to realize the fine-grained cross-node feature interaction in a heterogeneous data environment, thereby eliminating the performance degradation caused by the difference in feature distribution. Secondly, based on the final loss <inline-formula><math xmlns="http://www.w3.org/1998/Math/MathML" display="inline"><semantics><mrow><msub><mrow><mi>L</mi></mrow><mrow><mi>A</mi><mi>E</mi></mrow></msub><mfenced open="(" close=")" separators="|"><mrow><mi>X</mi><mo>,</mo><mover accent="true"><mrow><mi>X</mi></mrow><mo>^</mo></mover></mrow></mfenced></mrow></semantics></math></inline-formula> index of each node, an adaptive weight adjustment mechanism is used to make the nodes with excellent performance dominate the global model update, which significantly improves robustness against complex attacks. Experimental evaluation on the CAN-Hacking dataset shows that the proposed intrusion detection system achieves more than 99% F1 score with only 1.11 MB of memory and 81,863 trainable parameters, while maintaining low computational overheads and ensuring data privacy, which is very suitable for edge device deployment.
ISSN:1424-8220

Similar Items