当前位置:
X-MOL 学术
›
Veh. Commun.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Detection of zero-day attacks via sample augmentation for the Internet of Vehicles
Vehicular Communications ( IF 5.8 ) Pub Date : 2025-01-21 , DOI: 10.1016/j.vehcom.2025.100887
Bingfeng Xu, Jincheng Zhao, Bo Wang, Gaofeng He
Vehicular Communications ( IF 5.8 ) Pub Date : 2025-01-21 , DOI: 10.1016/j.vehcom.2025.100887
Bingfeng Xu, Jincheng Zhao, Bo Wang, Gaofeng He
Detecting zero-day attacks is a critical challenge in the Internet of Vehicles (IoV). Due to the limited availability of labeled attack data, anomaly-based methods are predominantly employed. However, the variability in the driving environment and behavioral patterns of vehicles introduces significant fluctuations in normal behavior, which in turn leads to high false positive rates when using these methods. In this work, we propose a novel detection method for zero-day attacks in IoV through sample augmentation. We first analyze the similarities between known and zero-day attacks in IoV. Based on the analysis, a Few-shot Learning Conditional Generative Adversarial Network (FLCGAN) model with multiple generators and discriminators is developed. Within this framework, an attack sample augmentation algorithm is designed to enhance input data by expanding the known attack dataset, thereby reducing false positives. To address the data imbalance caused by the limited number of input attack samples, an ensemble focal loss function is incorporated into the generator to ensure diversity and dispersion of the generated samples. Additionally, a collaborative focal loss function is introduced into the discriminator to improve the classification of difficult-to-classify data. A theoretical analysis is also conducted on the coverage of samples generated by the model. Extensive experiments conducted on the IoV simulation tool Framework For Misbehavior Detection (F2MD) demonstrate that the proposed method surpasses existing approaches in both detection effect and detection delay for zero-day attacks.
中文翻译:
通过车联网样本增强检测零日攻击
检测零日攻击是车联网 (IoV) 面临的一项重大挑战。由于标记的攻击数据的可用性有限,因此主要采用基于异常的方法。然而,车辆驾驶环境和行为模式的可变性会导致正常行为的显着波动,这反过来又会导致使用这些方法时的高假阳性率。在这项工作中,我们提出了一种通过样本增强对车联网零日攻击进行检测的新方法。我们首先分析了 IoV 中已知攻击和零日攻击之间的相似性。基于分析,开发了具有多个生成器和判别器的少数样本学习条件生成对抗网络 (FLCGAN) 模型。在此框架中,设计了一种攻击样本增强算法,通过扩展已知的攻击数据集来增强输入数据,从而减少误报。为了解决输入攻击样本数量有限导致的数据不平衡问题,该发生器中加入了集成焦点损失函数,以确保生成样本的多样性和分散性。此外,在判别器中引入了协作焦点损失函数,以改进难以分类的数据的分类。还对模型生成的样本覆盖率进行了理论分析。在车联网仿真工具错误行为检测框架 (F2MD) 上进行的广泛实验表明,所提方法在零日攻击的检测效果和检测延迟方面都优于现有方法。
更新日期:2025-01-21
中文翻译:
![](https://scdn.x-mol.com/jcss/images/paperTranslation.png)
通过车联网样本增强检测零日攻击
检测零日攻击是车联网 (IoV) 面临的一项重大挑战。由于标记的攻击数据的可用性有限,因此主要采用基于异常的方法。然而,车辆驾驶环境和行为模式的可变性会导致正常行为的显着波动,这反过来又会导致使用这些方法时的高假阳性率。在这项工作中,我们提出了一种通过样本增强对车联网零日攻击进行检测的新方法。我们首先分析了 IoV 中已知攻击和零日攻击之间的相似性。基于分析,开发了具有多个生成器和判别器的少数样本学习条件生成对抗网络 (FLCGAN) 模型。在此框架中,设计了一种攻击样本增强算法,通过扩展已知的攻击数据集来增强输入数据,从而减少误报。为了解决输入攻击样本数量有限导致的数据不平衡问题,该发生器中加入了集成焦点损失函数,以确保生成样本的多样性和分散性。此外,在判别器中引入了协作焦点损失函数,以改进难以分类的数据的分类。还对模型生成的样本覆盖率进行了理论分析。在车联网仿真工具错误行为检测框架 (F2MD) 上进行的广泛实验表明,所提方法在零日攻击的检测效果和检测延迟方面都优于现有方法。