Design of intrusion detection systems for vehicular networks
With the explosive growth of traffic on road and the rapid evolution of autonomous vehicles, the vulnerability of Vehicular Ad Hoc Networks (VANETs) has become a critical issue as the networks handle the crucial information directly related to human safety. As one of the most commonly-use approaches...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Thesis-Doctor of Philosophy |
| Language: | English |
| Published: |
Nanyang Technological University
2021
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/146089 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-146089 |
|---|---|
| record_format |
dspace |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
Engineering::Electrical and electronic engineering Engineering::Computer science and engineering::Computing methodologies::Pattern recognition |
| spellingShingle |
Engineering::Electrical and electronic engineering Engineering::Computer science and engineering::Computing methodologies::Pattern recognition Liang, Junwei Design of intrusion detection systems for vehicular networks |
| description |
With the explosive growth of traffic on road and the rapid evolution of autonomous vehicles, the vulnerability of Vehicular Ad Hoc Networks (VANETs) has become a critical issue as the networks handle the crucial information directly related to human safety. As one of the most commonly-use approaches to prevent network threats, Intrusion Detection Systems (IDSs) are capable of detecting both insider and external attacks with high accuracy. However, when implementing IDSs in VANETs, several compatibility problems have to be solved. A tradeoff between the accuracy and efficiency has to be further considered, due to the highly dynamic nature of VANETs. In this dissertation, a many-objective optimization algorithm (FS-MOEA) is firstly proposed to select the optimal feature subset for IDSs in VANETs, in which Adaptive Non-dominant Sorting Genetic Algorithm-III (A-NSGA-III) severs as the feature selection algorithm. In addition, two improvements, i.e., Bias and Weighted (B&W) niche-preservation and Information Gain (IG)-Analytic Hierarchy Process (AHP) prioritizing, are further proposed in FS-MOEA. B&W niche-preservation is presented to counterbalance the bias among the different classes of AWID dataset, where rare classes are assigned with higher priorities during niching selection process. For IG-AHP prioritizing, average IG is used as the dominant factor to guide the decision analysis of AHP, in order to search the optimal feature subset from the non-dominant feature subsets in the Pareto Front of FS-MOEA. Simulation experiments prove the usefulness and effectiveness of the proposed FS-MOEA, as it can achieve better performance than other feature selection algorithms in terms of accuracy and efficiency. Furthermore, the imbalanced problem can be alleviated via using B&W niche-preservation in FS-MOEA. Additionally, a Filter Model based on the Hidden Markov Model (FM-HMM) is proposed to dissipate the overhead and detection time of IDSs in VANETs. The proposed FM-HMM is well compatible with almost all kinds of IDSs, which means it can improve the performance of general IDSs. To quickly filter the messages from vehicles, the state of each vehicle in VANETs is modeled as a Hidden Markov Model (HMM). With the premise of maintaining the detection performance, three modules (i.e., filter, schedule and update modules) are provided in FM-HMM to mitigate the overhead and the time for detection using the corresponding HMMs. Simulation results demonstrate that the proposed filter model can reduce the congestion of network messages (e.g., broadcast storms). In addition, the performance of the IDS with FM-HMM is still remarkable even when rogue vehicles are 40% of the total. Furthermore, an Efficient and Collaborative Framework with a Markov-based Reputation Scheme, called ECF-MRS, is proposed to make IDSs perfectly adaptive to VANETs. The collaborative mechanism among the IDSs of vehicles is achieved by using Non-dominant Sorting Genetic Algorithm-III (NSGA-III)-Collaboration to merge their merits to generate a more superior IDS. For the efficient mechanism, Non-Linear Programming (NLP)-Optimization is designed to reduce the execution time of IDSs in VANETs. Moreover, in order to consolidate the collaboration of IDSs in VANETs, a Reputation Scheme based on the Hidden Generalized Mixture Transition Distribution (HgMTD) model, namely RS-HgMTD, is further proposed for each individual vehicle to evaluate the creditworthiness of neighbors according to their previous states in a time period. Simulation experiments prove the useful- ness and effectiveness of the IDS with ECF-MRS, as it has higher detection rate as well as lower overhead and detection time compared with other existing IDSs. The last significant issue we deal with is to propose a novel framework to realize life-time learning for IDSs, which is based on the Distributed Ledger Technology (e.g., blockchain) to build up a co-maintained database so as to persistently train and test IDSs. As far as we known, we are the first to adopt the blockchain technology for the lifetime learning of IDSs. In the framework, a proposed blockchain-based database (bc-DB) is multilaterally maintained by the security institutes using the Data Coins (DCoins) as the incentives. Moreover, a Life-time Learning IDS (LL-IDS) is further designed as the supplement of the bc-DB. For the LL-IDS, the Growing Hierarchical Self-Organizing Map with probabilistic relabeling (GHSOM-pr) is employed as the classifier, which can adjust itself to adapt the changeable bc-DB. Security analysis shows that the proposed framework is secure, while simulation experiments prove that the LL-IDS can achieve superior performance with the self-improved and co-maintained bc-DB. |
| author2 |
Ma Maode |
| author_facet |
Ma Maode Liang, Junwei |
| format |
Thesis-Doctor of Philosophy |
| author |
Liang, Junwei |
| author_sort |
Liang, Junwei |
| title |
Design of intrusion detection systems for vehicular networks |
| title_short |
Design of intrusion detection systems for vehicular networks |
| title_full |
Design of intrusion detection systems for vehicular networks |
| title_fullStr |
Design of intrusion detection systems for vehicular networks |
| title_full_unstemmed |
Design of intrusion detection systems for vehicular networks |
| title_sort |
design of intrusion detection systems for vehicular networks |
| publisher |
Nanyang Technological University |
| publishDate |
2021 |
| url |
https://hdl.handle.net/10356/146089 |
| _version_ |
1772829101385580544 |
| spelling |
sg-ntu-dr.10356-1460892023-07-04T17:03:12Z Design of intrusion detection systems for vehicular networks Liang, Junwei Ma Maode School of Electrical and Electronic Engineering Research Communication 1 EMDMa@ntu.edu.sg Engineering::Electrical and electronic engineering Engineering::Computer science and engineering::Computing methodologies::Pattern recognition With the explosive growth of traffic on road and the rapid evolution of autonomous vehicles, the vulnerability of Vehicular Ad Hoc Networks (VANETs) has become a critical issue as the networks handle the crucial information directly related to human safety. As one of the most commonly-use approaches to prevent network threats, Intrusion Detection Systems (IDSs) are capable of detecting both insider and external attacks with high accuracy. However, when implementing IDSs in VANETs, several compatibility problems have to be solved. A tradeoff between the accuracy and efficiency has to be further considered, due to the highly dynamic nature of VANETs. In this dissertation, a many-objective optimization algorithm (FS-MOEA) is firstly proposed to select the optimal feature subset for IDSs in VANETs, in which Adaptive Non-dominant Sorting Genetic Algorithm-III (A-NSGA-III) severs as the feature selection algorithm. In addition, two improvements, i.e., Bias and Weighted (B&W) niche-preservation and Information Gain (IG)-Analytic Hierarchy Process (AHP) prioritizing, are further proposed in FS-MOEA. B&W niche-preservation is presented to counterbalance the bias among the different classes of AWID dataset, where rare classes are assigned with higher priorities during niching selection process. For IG-AHP prioritizing, average IG is used as the dominant factor to guide the decision analysis of AHP, in order to search the optimal feature subset from the non-dominant feature subsets in the Pareto Front of FS-MOEA. Simulation experiments prove the usefulness and effectiveness of the proposed FS-MOEA, as it can achieve better performance than other feature selection algorithms in terms of accuracy and efficiency. Furthermore, the imbalanced problem can be alleviated via using B&W niche-preservation in FS-MOEA. Additionally, a Filter Model based on the Hidden Markov Model (FM-HMM) is proposed to dissipate the overhead and detection time of IDSs in VANETs. The proposed FM-HMM is well compatible with almost all kinds of IDSs, which means it can improve the performance of general IDSs. To quickly filter the messages from vehicles, the state of each vehicle in VANETs is modeled as a Hidden Markov Model (HMM). With the premise of maintaining the detection performance, three modules (i.e., filter, schedule and update modules) are provided in FM-HMM to mitigate the overhead and the time for detection using the corresponding HMMs. Simulation results demonstrate that the proposed filter model can reduce the congestion of network messages (e.g., broadcast storms). In addition, the performance of the IDS with FM-HMM is still remarkable even when rogue vehicles are 40% of the total. Furthermore, an Efficient and Collaborative Framework with a Markov-based Reputation Scheme, called ECF-MRS, is proposed to make IDSs perfectly adaptive to VANETs. The collaborative mechanism among the IDSs of vehicles is achieved by using Non-dominant Sorting Genetic Algorithm-III (NSGA-III)-Collaboration to merge their merits to generate a more superior IDS. For the efficient mechanism, Non-Linear Programming (NLP)-Optimization is designed to reduce the execution time of IDSs in VANETs. Moreover, in order to consolidate the collaboration of IDSs in VANETs, a Reputation Scheme based on the Hidden Generalized Mixture Transition Distribution (HgMTD) model, namely RS-HgMTD, is further proposed for each individual vehicle to evaluate the creditworthiness of neighbors according to their previous states in a time period. Simulation experiments prove the useful- ness and effectiveness of the IDS with ECF-MRS, as it has higher detection rate as well as lower overhead and detection time compared with other existing IDSs. The last significant issue we deal with is to propose a novel framework to realize life-time learning for IDSs, which is based on the Distributed Ledger Technology (e.g., blockchain) to build up a co-maintained database so as to persistently train and test IDSs. As far as we known, we are the first to adopt the blockchain technology for the lifetime learning of IDSs. In the framework, a proposed blockchain-based database (bc-DB) is multilaterally maintained by the security institutes using the Data Coins (DCoins) as the incentives. Moreover, a Life-time Learning IDS (LL-IDS) is further designed as the supplement of the bc-DB. For the LL-IDS, the Growing Hierarchical Self-Organizing Map with probabilistic relabeling (GHSOM-pr) is employed as the classifier, which can adjust itself to adapt the changeable bc-DB. Security analysis shows that the proposed framework is secure, while simulation experiments prove that the LL-IDS can achieve superior performance with the self-improved and co-maintained bc-DB. Doctor of Philosophy 2021-01-26T07:17:55Z 2021-01-26T07:17:55Z 2020 Thesis-Doctor of Philosophy Liang, J. (2020). Design of intrusion detection systems for vehicular networks. Doctoral thesis, Nanyang Technological University, Singapore. https://hdl.handle.net/10356/146089 10.32657/10356/146089 en This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License (CC BY-NC 4.0). application/pdf Nanyang Technological University |