Entropy-based genetic feature engineering and multi-classifier fusion for anomaly detection in vehicle controller area networks

Abstract

Technological advances in mobile computing, wireless communications, and remote sensing have provided the foundation for expanding and improving intelligent transportation systems (ITS), making modern vehicles susceptible to cyberattacks due to their evolved functionality and connectivity. In-vehicle networks, such as controller area networks (CAN), are highly vulnerable to attacks due to the lack of security architecture. Considering the temporal and spatial aspects of attacks and the need to develop lightweight models, this study develops a flexible and lightweight anomaly detection model for CAN bus with normal and sensitive duty cycles. To achieve optimal performance and consider spatio-temporal information, the feature space is optimized by extracting new features based on a two-parameter genetic algorithm (2P-GA) and Shannon entropy. Next, a synergistic combination of different supervised machine learning classifiers based on the ordered weighted averaging (OWA) operators is leveraged to optimize the results and achieve better performance. Also, to show the effectiveness of the proposed method in the present study, a comprehensive and unique comparative analysis with previous works and state-of-the-art models is presented. The results show that the proposed framework achieves the highest performance in terms of accuracy and F1-score and the lowest computational cost compared with previous works.