The great evolution of communication technologies and potential availability of network access mediums and service providers have led to the appearance of heterogeneous network concept. This paradigm refers to the seamless and ubiquitous interoperability between multi-coverage protocols with different access techniques. A heterogeneous vehicular network (HetVNet) is a heterogeneous network where a vehicle is a smart node equipped with various communication technologies such as Dedicated Short Range Communication (DSRC) and cellular network (3G/4G). The purpose of HetVNet is ensuring a wide area coverage to all vehicles in a large scale network, thus achieving the Always Best Connected (ABC) paradigm where the best continuous connectivity is offered to clients. In addition, HetVNet enables the acquisition and processing of a large amount of data from wide geographical areas via smart vehicles to offer various categories of services to drivers and passengers. There are many challenges in HetVNet and security is one of them since, on one hand, vehicles exchange vital data (about congestions, accidents, hazards, road-works, etc.) and on the other hand they form a specific network with particular characteristics (frequent fragmentation, dynamic topology, no centralized authority, etc.). Intrusion detection systems (IDS) act as a second wall of defense when cryptography is broken and already proved their effectiveness against both external and internal intruders. Therefore, in this research work we propose and implement an intrusion detection and prediction scheme able to detect and especially predict the future misbehavior of a malicious vehicle. The attack prediction technique proposed in this paper is based on a game theory to prevent the occurrence of malicious vehicles. Moreover, the proposed detection scheme detects the most dangerous attacks that target a HetVNet such as false alerts and Sybil attacks. This detection uses a rules-based technique to model a normal behavior of a vehicle. Simulations performed using NS-3 show that our scheme exhibits a high accuracy prediction, faster attack detection, and a low communication overhead compared to current detection frameworks.