Intrusion detection system for cyberattacks in the Internet of Vehicles environment

Korium, Mohamed Selim; Saber, Mohamed; Beattie, Alexander; Narayanan, Arun; Sahoo, Subham; Nardelli, Pedro H. J. · 2023 · OpenAlex-citations

DOI: 10.1016/j.adhoc.2023.103330

archive: archived pipeline: cataloged verified

Get this paper ↗ (DOI — opens at the source; we link to it, we don't host it)

Summary

This paper addresses the critical need for robust intrusion detection systems (IDS) in the Internet of Vehicles (IoV) environment, where connected vehicles are vulnerable to cyberattacks such as Denial-of-Service (DoS), Distributed DoS (DDoS), brute force, and sniffing. The authors identify significant limitations in prior research, including reliance on outdated datasets (e.g., KDD-CUP99), failure to handle highly imbalanced data, lack of analysis regarding model overfitting via learning curves, and insufficient consideration of execution time. To overcome these issues, the study proposes a novel machine learning framework designed to detect abnormal network traffic with high accuracy and low latency, ensuring real-time protection for vehicular communications. The methodology employs a comprehensive pipeline using three contemporary datasets: CIC-IDS-2017, CSE-CIC-IDS-2018, and CIC-DDoS-2019, evaluated both individually and as a merged dataset. The process begins with data preprocessing, including the removal of outliers and missing values, followed by Z-score normalization to preserve data distribution. Feature selection is performed using a regression model to reduce complexity and execution time by eliminating redundant predictors. To address class imbalance, the authors apply Synthetic Minority Oversampling Technique (SMOTE) and SMOTE-ENN. Four machine learning algorithms—Random Forest, Extreme Gradient Boosting (XGBoost), Categorical Boosting (CatBoost), and Light Gradient Boosting Machine (LightGBM)—are trained and optimized using hyperparameter tuning via Tree-structured Parzen Estimator. The study explicitly monitors learning curves to prevent overfitting and evaluates performance based on accuracy, precision, recall, and execution time. The results demonstrate that the proposed framework achieves superior performance compared to existing methods. When applied to the merged dataset containing all three intrusion sources, the system attained an accuracy exceeding 99.8%. Crucially, the model maintained high efficiency, with a total running time of 46.9 seconds and a detection time of just 0.24 seconds. The analysis confirmed that the optimized models generalized well across different attack types and datasets, avoiding the overfitting issues common in previous studies that relied on oversampling without validation. The regression-based feature selection effectively reduced computational load without sacrificing detection capability. The significance of this work lies in its provision of a scalable, high-performance IDS tailored for the IoV environment. By integrating multiple up-to-date datasets and rigorously addressing data imbalance and overfitting, the study offers a more reliable security mechanism for connected vehicles. The findings highlight the importance of considering execution time and generalization in cybersecurity models, providing a benchmark for future research in vehicular network security. The proposed framework outperforms prior literature in both accuracy and speed, offering a practical solution for mitigating the physical and safety risks associated with IoV cyberattacks.

Provenance

The full processing record for this entry. Every stage of this paper's journey through the pipeline is logged — what ran, with which tool and model, how many attempts it took, and when it last completed.

StageOutcomeToolModelPromptAttemptsCompleted
discover success OpenAlex-citations 1 2026-06-20
archive success openalex 5 2026-06-26
extract success cached 2 2026-06-26
clean success clean 1 2026-06-20
chunk success chunk 1 2026-06-20
embed success embed Qwen/Qwen3-Embedding-8B 1 2026-06-20
promote success 1 2026-06-20
summarize success llm qwen3.6-27b-prismaquant summ-v5 1 2026-06-26
tag success vector_similarity 6 2026-06-20
verify success 1 2026-06-26

Summary generated by qwen3.6-27b-prismaquant on 2026-06-26; verification: verified.

Topics

Ranked by relevance to this paper. Hover a topic for its definition.