A novel and efficient framework for in-vehicle security enforcement

Abstract

The Internet of Vehicles (IoV) has garnered significant popularity thanks to rapid technological advancements and the widespread availability of the Internet. IoV encompasses vehicles with multiple electronic control units (ECUs) interconnected via advanced intra-vehicle networks. These networks play a crucial role in managing various vehicle functions, with the Controller Area Network (CAN) being of particular significance. However, the increased adoption of intelligent vehicles has also led to a rise in cyberattacks in the intra-vehicular network. These existing vulnerabilities pose significant security and user safety challenges. Extensive efforts have been dedicated to enhancing intra-vehicular network security. Yet, there are open concerns with limited progress made by academic and industry experts on effectively detecting CAN bus attacks. These concerns are essential to ensure intelligent vehicles’ overall security and safety. It requires collaboration between academia, industry, and the development of innovative solutions to fortify vehicular networks against evolving cyber threats. Current intra-vehicular security systems need more robustness and need to consider intelligent methodologies in their proposed works. To overcome all these limitations, This paper introduces a novel intrusion detection framework for in-vehicle networks based on integrating federated learning with transfer learning, improving the detection capabilities of individual vehicles within the network. Our framework employs a trusted authority for secure communication, a cloud server for model distribution and aggregation, and leverages the CAN bus for data collection and training. It guarantees that vehicles start with standardized baseline models and refine them through transfer learning, resulting in a collective intelligence-based final IDS engine for ongoing improvement. We used the Maximum Mean Discrepancy (MMD) to select data from the source domain similar to the target domain. The selected data is more likely to contain patterns and features useful for detecting intrusions in the target domain, leading to better generalization and detection capabilities.