A Scalable Hierarchical Intrusion Detection System for Internet of Vehicles

TL;DR

This paper introduces a scalable hierarchical intrusion detection system for the Internet of Vehicles that distributes detection tasks between edge and cloud nodes, improving response time and resource efficiency.

Contribution

It proposes a hierarchical classification framework with feature selection tailored for IoV, addressing the limitations of centralized IDS systems in resource-constrained environments.

Findings

Effective detection of IoV cyber threats demonstrated on CIC-IoV2024 dataset.

Hierarchical approach reduces processing load on edge nodes.

Improved detection accuracy and response time in IoV networks.

Abstract

Due to its nature of dynamic, mobility, and wireless data transfer, the Internet of Vehicles (IoV) is prone to various cyber threats, ranging from spoofing and Distributed Denial of Services (DDoS) attacks to malware. To safeguard the IoV ecosystem from intrusions, malicious activities, policy violations, intrusion detection systems (IDS) play a critical role by continuously monitoring and analyzing network traffic to identify and mitigate potential threats in real-time. However, most existing research has focused on developing centralized, machine learning-based IDS systems for IoV without accounting for its inherently distributed nature. Due to intensive computing requirements, these centralized systems often rely on the cloud to detect cyber threats, increasing delay of system response. On the other hand, edge nodes typically lack the necessary resources to train and deploy complex machine learning algorithms. To address this issue, this paper proposes an effective hierarchical classification framework tailored for IoV networks. Hierarchical classification allows classifiers to be trained and tested at different levels, enabling edge nodes to detect specific types of attacks independently. With this approach, edge nodes can conduct targeted attack detection while leveraging cloud nodes for comprehensive threat analysis and support. Given the resource constraints of edge nodes, we have employed the Boruta feature selection method to reduce data dimensionality, optimizing processing efficiency. To evaluate our proposed framework, we utilize the latest IoV security dataset CIC-IoV2024, achieving promising results that demonstrate the feasibility and effectiveness of our models in securing IoV networks.