An Intelligent Ensemble-Based Detection of In-Vehicle Network Intrusion
The Controller Area Network (CAN) bus has been implemented in most modern Vehicles. Various attacks can be launched against the CAN bus protocol because it is designed without security mechanisms. It is essential to develop a highly accurate intrusion detection system (IDS) for CAN bus attacks. We d...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2025-06-01
|
| Series: | Applied Sciences |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2076-3417/15/12/6869 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849521424179396608 |
|---|---|
| author | Easa Alalwany Imad Mahgoub Bader Alsharif Abdullah Alfahaid |
| author_facet | Easa Alalwany Imad Mahgoub Bader Alsharif Abdullah Alfahaid |
| author_sort | Easa Alalwany |
| collection | DOAJ |
| description | The Controller Area Network (CAN) bus has been implemented in most modern Vehicles. Various attacks can be launched against the CAN bus protocol because it is designed without security mechanisms. It is essential to develop a highly accurate intrusion detection system (IDS) for CAN bus attacks. We design an effective ensemble learning-based IDS scheme for detecting and classifying DoS, fuzzing, replay, and spoofing attacks. These are common CAN bus attacks that can threaten the safety of a vehicle’s driver, passengers, and pedestrians. For this purpose, we utilize supervised machine learning in combination with ensemble methods. We first perform data balancing and feature selection. We build and fine-tune random forest, Xtreme gradient boosting, and decision tree supervised learning models. We then combine these models with voting, stacking, and bagging ensemble methods. The results obtained demonstrate the effectiveness of the proposed scheme when trained on real-life CAN traffic datasets to detect and classify these four attacks. The stacking method achieved the highest performance in terms of accuracy, precision, recall, F1-score, and area-under-the-curve receiver operator characteristic (ROC-AUC). The stacking method outperformed other recently proposed methods with an F1-score, precision, recall, and accuracy of 0.993, 0.993, 0.993, and 0.986, respectively. |
| format | Article |
| id | doaj-art-c838ee33936e4e689d3af9c2a33f1d64 |
| institution | Kabale University |
| issn | 2076-3417 |
| language | English |
| publishDate | 2025-06-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Applied Sciences |
| spelling | doaj-art-c838ee33936e4e689d3af9c2a33f1d642025-08-20T03:32:27ZengMDPI AGApplied Sciences2076-34172025-06-011512686910.3390/app15126869An Intelligent Ensemble-Based Detection of In-Vehicle Network IntrusionEasa Alalwany0Imad Mahgoub1Bader Alsharif2Abdullah Alfahaid3Department of Computer Science, College of Computer Science and Engineering, Taibah University, Yanbu 46421, Saudi ArabiaDepartment of Electrical Engineering and Computer Science, Florida Atlantic University, 777 Glades Road, Boca Raton, FL 33431, USADepartment of Electrical Engineering and Computer Science, Florida Atlantic University, 777 Glades Road, Boca Raton, FL 33431, USADepartment of Computer Science, College of Computer Science and Engineering, Taibah University, Yanbu 46421, Saudi ArabiaThe Controller Area Network (CAN) bus has been implemented in most modern Vehicles. Various attacks can be launched against the CAN bus protocol because it is designed without security mechanisms. It is essential to develop a highly accurate intrusion detection system (IDS) for CAN bus attacks. We design an effective ensemble learning-based IDS scheme for detecting and classifying DoS, fuzzing, replay, and spoofing attacks. These are common CAN bus attacks that can threaten the safety of a vehicle’s driver, passengers, and pedestrians. For this purpose, we utilize supervised machine learning in combination with ensemble methods. We first perform data balancing and feature selection. We build and fine-tune random forest, Xtreme gradient boosting, and decision tree supervised learning models. We then combine these models with voting, stacking, and bagging ensemble methods. The results obtained demonstrate the effectiveness of the proposed scheme when trained on real-life CAN traffic datasets to detect and classify these four attacks. The stacking method achieved the highest performance in terms of accuracy, precision, recall, F1-score, and area-under-the-curve receiver operator characteristic (ROC-AUC). The stacking method outperformed other recently proposed methods with an F1-score, precision, recall, and accuracy of 0.993, 0.993, 0.993, and 0.986, respectively.https://www.mdpi.com/2076-3417/15/12/6869machine learningintelligent transportation systemsintelligent vehiclesintrusion detection systemensemble learning |
| spellingShingle | Easa Alalwany Imad Mahgoub Bader Alsharif Abdullah Alfahaid An Intelligent Ensemble-Based Detection of In-Vehicle Network Intrusion Applied Sciences machine learning intelligent transportation systems intelligent vehicles intrusion detection system ensemble learning |
| title | An Intelligent Ensemble-Based Detection of In-Vehicle Network Intrusion |
| title_full | An Intelligent Ensemble-Based Detection of In-Vehicle Network Intrusion |
| title_fullStr | An Intelligent Ensemble-Based Detection of In-Vehicle Network Intrusion |
| title_full_unstemmed | An Intelligent Ensemble-Based Detection of In-Vehicle Network Intrusion |
| title_short | An Intelligent Ensemble-Based Detection of In-Vehicle Network Intrusion |
| title_sort | intelligent ensemble based detection of in vehicle network intrusion |
| topic | machine learning intelligent transportation systems intelligent vehicles intrusion detection system ensemble learning |
| url | https://www.mdpi.com/2076-3417/15/12/6869 |
| work_keys_str_mv | AT easaalalwany anintelligentensemblebaseddetectionofinvehiclenetworkintrusion AT imadmahgoub anintelligentensemblebaseddetectionofinvehiclenetworkintrusion AT baderalsharif anintelligentensemblebaseddetectionofinvehiclenetworkintrusion AT abdullahalfahaid anintelligentensemblebaseddetectionofinvehiclenetworkintrusion AT easaalalwany intelligentensemblebaseddetectionofinvehiclenetworkintrusion AT imadmahgoub intelligentensemblebaseddetectionofinvehiclenetworkintrusion AT baderalsharif intelligentensemblebaseddetectionofinvehiclenetworkintrusion AT abdullahalfahaid intelligentensemblebaseddetectionofinvehiclenetworkintrusion |