# A hybrid deep learning and residual connection-based architecture for intrusion detection in autonomous vehicles

**Authors:** Hareem Kibriya, Ayesha Siddiqa, Saad Alahmari, Wazir Zada Khan, Saad Nasser Altamimi, Atta ur Rehman Khan, Ayei Ibor, Ayei Ibor, Ayei Ibor

PMC · DOI: 10.1371/journal.pone.0338079 · PLOS One · 2026-03-19

## TL;DR

This paper introduces a new intrusion detection system for autonomous vehicles using deep learning and residual connections to improve security and transparency.

## Contribution

A novel hybrid deep learning-based intrusion detection system with residual connections and explainable AI for autonomous vehicles.

## Key findings

- The proposed system achieves 99.99% detection accuracy on four common attack types.
- Residual connections improve training stability and gradient flow in the model.
- Explainable AI techniques like LIME are used to increase transparency in detection decisions.

## Abstract

The emergence of Autonomous and Connected Autonomous Vehicles (CAVs) has transformed the automotive landscape drastically over the past few years by offering enhanced features in the vehicles for drivers’ safety and convenience. These developments have introduced various features in AVs i.e., lane-keeping, cruise control, etc. These features are mainly powered by the Electronic Control Units (ECUs) that communicate using the Controller Area Network (CAN) bus protocol. The components in the AVs communicate with each other by sending and receiving messages via the CAN bus. However, despite increased connectivity, these vehicles have become vulnerable to cyber attacks, as malicious actors can exploit the CAN protocol to manipulate vehicle behavior, which can not only threaten the safety of the passengers but public as well. Hence, several Intrusion Detection Systems (IDS) have been proposed, however, these systems struggle with computational complexity, limited effectiveness against sophisticated attack types, and a lack of interpretability and transparency of detection mechanisms. To address challenges in the existing systems, this paper presents a novel hybrid Deep Learning (DL)-based IDS using DL components such as Convolutional layer and Long Short-Term Memory (LSTM) layers to capture complex patterns in the CAN messages. The proposed IDS uses a residual connection to enhance gradient flow and training stability. The system is evaluated on four common attack types, namely RPM Spoofing, Gear Spoofing, Fuzzy, and Denial of Service (DoS), achieving a detection accuracy of 99.99%. Finally, the outcomes of the proposed IDS are visually interpreted using the Explainable AI (XAI) technique called Local Interpretable Model-agnostic Explanations (LIME) to provide transparency into the model’s decision-making process, thus increasing trust in the system’s deployment in real-world AV environments.

## Full-text entities

- **Diseases:** AVs (MESH:D001342), ID (MESH:C537985), CAN (MESH:D007174), LIME (MESH:D004195), IDS (MESH:C537310), road traffic injuries (MESH:D014947), AV Attack (MESH:D054537), Fuzzy attacks (MESH:D009203), accidents (MESH:D000081084), death (MESH:D003643), DL (MESH:D007859), DoS (MESH:D019575)
- **Chemicals:** CAN (-)
- **Species:** Homo sapiens (human, species) [taxon 9606]

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/PMC13001930/full.md

## Figures

9 figures with captions in the complete paper: https://tomesphere.com/paper/PMC13001930/full.md

## References

28 references — full list in the complete paper: https://tomesphere.com/paper/PMC13001930/full.md

---
Source: https://tomesphere.com/paper/PMC13001930