Enhancing Cyber Security in Autonomous Vehicles: A Hybrid XG Boost-Deep Learning Approach for Intrusion Detection in the CAN Bus

Self-driving automobiles, also recognized as autonomous vehicles, have made significant strides in the automotive sector, operating by utilizing cutting-edge sensors, cameras, and algorithms. Their potential to enhance transportation efficiency, mobility alternatives, and safety has garnered global popularity [1, 2]. These vehicles offer compelling advantages, such as reducing traffic accidents caused by human error through advanced sensors and algorithms, optimizing routes, lowering traffic congestion, and improving mobility options for individuals such as disabled or elderly who cannot drive. Though, challenges remain to be addressed, with cyber security being a major concern [3]. Communication networks and software systems have a heavy dependence on sophisticated self-driving vehicles that are susceptible to cyber-attacks that could jeopardize their security and functionality. Additionally, establishing comprehensive regulatory frameworks to address liability, privacy and ethical issues is crucial to ensure autonomous cars' safe and responsible deployment [4].

The rise in connection and automation in autonomous vehicles has made cyber security a prominent issue. Malicious actors could exploit communication network flaws to target these vehicles, raising serious concerns. Understanding and addressing the unique cyber security challenges associated with autonomous vehicles is imperative, including detecting and categorizing various cyber-security risks and weaknesses, such as vehicle-to-everything network attacks and attacks on in-vehicle networks [5]. Effective defense tactics and safety standards must be developed to safeguard autonomous vehicles and mitigate potential cyber threats [6, 7]. Innovations in cyber security for autonomous vehicles, such as software-defined networks, artificial intelligence, and block chain, offer promising solutions. By prioritizing cyber security, we can ensure autonomous vehicles are reliable, maintain public trust and safe in this transformative technology [8, 9].

The complex In-Vehicle Network (IVN) utilized by autonomous vehicles facilitates communication among various components, with the Controller Area Network (CAN) network being a critical element [10]. The CAN network enables data transmission between ECUs and electronic control units within the vehicle, but it is not immune to security issues and potential attacks [11, 12]. Exploiting these vulnerabilities, malicious actors could gain unauthorized access and alter the functionality of vehicle's, affecting serious risks to the vehicle's occupants and road safety [13].

The CAN network may become the target of a flood attack, where the invader overwhelms the system by flooding the network with a large number of messages, leading to a DoS stand for denial-of-service scenario that disrupts the vehicle's operation. Another form of an attack is replaying, wherein the invader intercepts and resends previously intercepted CAN communications to manipulate the vehicle's behavior. Spoofing attacks involve a hacker posing as a trustworthy ECU and then sending malicious commands or fake sensor data, causing the vehicle to act dangerously or misperceive its surroundings [14, 15].

To address these cyber security challenges, effective protection tactics are essential. Intrusion Detection Systems (IDS) can monitor the CAN network detecting any unusual or suspicious activity. Encryption and authentication mechanisms can secure communication between ECUs, preventing unauthorized access. Anomaly detection algorithms can identify deviations from typical network behavior offering rapid defense against potential attacks [16]. The International Organization for Standardization (ISO) has proposed a CAN security framework, providing standards and best practices for protecting the CAN network in autonomous cars [17].

Autonomous vehicle manufacturers and stakeholders can enhance the general safety and dependability of autonomous vehicles by understanding the vulnerabilities of the IVN, particularly the CAN network and implementing robust security measures. Building public trust and confidence in the widespread deployment of autonomous vehicles depends on the integrity and resiliency of the IVN [18, 19].

The hybrid XGBoost-deep learning approach has shown superior performance compared to conventional algorithms, including Bi-LSTM, CNN-LSTM, XGBoost, multilayer perceptron and other machine learning models, for enhancing the cyber security of self-driving vehicles [20, 21]. It provides a various attack types in a real-world dataset [22]. The multilayer perceptron and other machine learning models are utilized for enhancing the cyber security of self-driving vehicles [23-26].

Figure 1 represents attack scenarios on the CAN network in a vehicle. The CAN network comprises interconnected nodes that use a protocol based on messaging to facilitate communication allowing all devices to receive and process messages. To protect against malicious attacks, an Intrusion Detection System (IDS) is incorporated into the vehicle's architecture.

1.png

Figure 1. Intrusion detection architecture of a vehicle

The hybrid model effectively combines the strengths of gradient boosting and deep learning architectures resulting in a more accurate and reliable intrusion detection system [27, 28]. For autonomous vehicles, the XGBoost model has proven to be more accurate and dependable at detecting intrusions and its combination of a deep learning's will provide the ability to handle intricate linkages and unobserved events in the input data [29].

IDS various machine learning algorithm [30]. The feature engineering makes it highly effective [31]. The hybrid model's success is attributed to its ability to improve the accuracy and scope of intrusion detection by combining the capabilities of XGBoost's ensemble learning and deep learning's representation learning [32]. While deep learning excels at extracting complex patterns from unstructured or raw data, XGBoost is more adept at handling structured features [33, 34]. The hybrid model's precision is critical for accurate intrusion detection in autonomous vehicles, enabling a prompt response and effective mitigation of potential cyber risks by precisely identifying and categorizing hostile activities within the in-vehicle network [35]. Moreover, the XGBoost-deep learning model benefits from the ensemble learning capabilities of XGBoost and the deep representation learning of deep neural networks, enhancing accuracy and resilience [36]. It introduced an XGBoost-DNN model for IDS in network security. The model combines the XGBoost algorithm for feature selection and a DNN stand for deep neural network for classification. It outperforms other shallow ML algorithms by using various performances metric such as F1 Score recall, precision and accuracy by considering the NSL-KDD dataset [37]. The XGBoost-deep learning approach is the best strategy for enhancing cyber security in autonomous vehicles, offering higher and more reliable accuracy compared to conventional algorithms [38, 39]. The model's capacity to efficiently evaluate and categorize complex patterns and relationships contributes to the overall security and dependability of autonomous vehicle systems. Ongoing research efforts will continue to strengthen the hybrid model ensuring the ongoing defense of autonomous vehicles against potential cyber risks [40].

As self-driving cars advanced quickly, many businesses encountered problems safeguarding the CAV system from intrusions, which directed to several problems on the street. Although some research has examined security measures for systems, there is still a need for a high-performance algorithm. On actual CAV datasets, we applied deep learning-XGBoost techniques in this study.

3.1 Dataset

The dataset CAV analyzed-piled from real CAN traffic data that included benign packets as well as flooding, replaying and spoofing attacks. The dataset is formed by constructing an OBD-II port for CAN communication out of a real CAV and in transferring messages injecting different types of attacking messages. The OCTANE stand for Open Car Testbed and Network Experiments for CAN packet generator was employed. The injection of intrusion for every three to five seconds for CAV traffic analysis taken for about 30 to 40 minutes, the characteristic of the data set is as mentioned in Table 1.

Table 1. Dataset characteristics

3.2 Data pre-processing

The dataset comprises eleven features, including data from 0 to 8 bytes, an arbitration ID structure in hexadecimal, DLC, data and timestamp in seconds. For simpler numerical representation, we transformed the hexadecimal Arbitration ID values into integers. We also changed the string data in columns "data 0" through "data 8" into numerical values, replacing non-convertible values with NaN. We normalized the numerical features using Min-Max scaling to achieve consistency in feature scaling. We used the Simple Imputer to handle any missing values in the dataset, which substituted NaNs with the mean of each relevant column.

The formula for Min-Max scaling is

$y_n=\frac{z-z_{\min }}{z_{\max }-z_{\min }}\left(\mathrm{New}_{\max _z}-\mathrm{New}_{\min _z}\right)+\mathrm{New}_{\min }$                      (1)

where, $z_{\text {min }}=$ data minimum value, $z_{\text {max }}=$ data maximum value, $N e w_{\max _z}=$ the maximum value (1), $N e w_{\min _z}=$ the minimum value (0).

3.3 Proposed system – DeepXG

In this study, we used DeepXG model which is made up of two parts: an XGBoost model and a model of deep learning. The XGBoost model is trained on the dataset so that to extract features and produce significant features. The XGBoost algorithm was used, with parameters such as the objective (multi-SoftMax), maximum depth, and learning rate defined. The XGBoost model was successful in collecting complex patterns and correlations in the data. The XGBoost (Extreme Gradient Boosting) model helps learn nonlinear relationships and interactions between the raw input features. The deep neural network then leverages these learned representations to detect anomalies and intrusions. This allows the model to take advantage of both XGBoost's feature learning and the ability of deep networks to learn complex patterns. The three important aspects of XGBoost are objective function regularization for generalization, over fitting prevention by column subsampling and shrinkage then additive training by gradient tree boosting. This boosting algorithm is used to improve performance by combining the outputs of weak learners. It utilizes regression trees, classification, and integrates them using the gradient boosting method. XGBoost is a collaborative learning method based on decision trees and gradient boosting. It is widely used for both regression and classification tasks due to its high performance and scalability.

3.3.1 Feature selection

It is a critical task in information categorization. It offers several benefits, including reducing computational complexity, improving data understanding and generalization, enhancing the algorithm's learning performance and removing redundant information. To accomplish this, we adopt the powerful XGBoost technique, tree boosting by a scalable machine-learning model that has received widespread recognition in various machine-learning challenges and data mining. By utilizing the technique of XGBoost, we apply the feature importance score to select the most relevant features. Essentially, the model of XGBoost comprises a group of decision trees working in synergy to produce robust results.

$\widehat{y_{l J}}=\sum_{k=1}^K f_k\left(x_i\right)$                         (2)

where, $\widehat{y_{lJ}}$ is the expected score or likelihood of sample i fitting to class j in the multi-class classification problem, K decision trees number (boosting rounds) in the XGBoost model and $f_k\left(x_i\right)$ represents the prediction made by the kth decision tree for the i-th sample x_i.

We train the model by optimizing the loss function. The multi-classification loss function is

$\operatorname{Loss}_{\text {multi }}(y, \hat{y})=\sum_{i=1}^n\left[\sum_{j=1}^m y_{i j} \log \left(1+\exp \left(-\widehat{y_{lJ}}\right)\right)+\sum_{k=1}^K \Omega\left(f_k\right)\right]$                                （3）

where, y true labels of the data represented, ŷ represents the predicted scores or probabilities from the XGBoost model, dataset samples, m classes number(groups) in the multi-class classification problem, $y_{i j}$ indicator variable which is used to represent the value $\Omega\left(f_k\right)$ is the regularization term for the k-th decision tree, when sample i does not belongs to class j, and otherwise 1.

The regularization term formula is

$\Omega(f)=\gamma T+\frac{1}{2} \lambda \sum_{j=1}^T w_j^2$                                （4）

where, f represents an individual decision tree (boosting round) in the ensemble, T represents the number of leaves in the decision tree f. Each leaf node in the tree represents a specific prediction value, γ is the L1 regularization term or the L1 regularization parameter. It controls the L1 regularization penalty applied to the leaves of the tree. Higher values of γ increase the strength of regularization, leading to a simpler tree structure with fewer leaves, λ is the L2 regularization term or the "L2 regularization parameter." It controls the L2 regularization penalty applied to the weights of the leaves in the tree. Higher values of λ increase the regularization strength, encouraging smaller weights and smoother predictions, W_jrepresents the weight associated with the jth leaf in the tree f. These weights are learned during the training process and determine the influence of each leaf to the final prediction.

The objective of the model is to be minimized during the training process. It represents the overall cost or loss of the model, which is a combination of the specific loss function and the regularization term. The objective is:

$O b j=$ Loss $+\Omega$                               （5）

XGBoost utilizes the mean and variance to perform optimizes the objective function and gradient descents. The expression for the objective function during each step of the optimization process is as follows:

Objective function $=\frac{1}{2} \sum_{i=1}^n\left(y_i-\widehat{y_l}\right)^2+\Omega(f)$                               （6）

3.3.2 XGBoost working

XGBoost constructs decision trees for a present number of iterations (n) until they reach their maximum depth. Every node in the decision tree represents a single dataset characteristic. To construct the decision tree, XGBoost uses the training data to determine the appropriate splitting point for each node. It gives weights to the two new leaves that resulted after the split. After building the decision trees, XGBoost computes the feature relevance score for every characteristic in the dataset. The importance of feature score indicates how important each feature is in producing correct predictions. The feature significance score is calculated by counting the number of times, each feature is utilized to partition the training data. In the CAN bus network, XGBoost is used as an individual model of classification for intrusion detection. Experiments with varying thresholds for picking features based on their relevance score are used to test the accuracy of the XGBoost model. The experiment begins with all 11 features available and gradually picks subsets of features based on their relevance value. The execution of the XGBoost model is tested for each group of characteristics, and the accuracy is recorded for comparison. The model's performance may fluctuate as the number of specified features lowers. There is a trade-off between the number of features and the test set accuracy. The elite group of features is identified by performing tradeoff between the test set accuracy and number of features then sent to the deep learning model.

3.3.3 Deep learning model classification

A DL model constructed with TensorFlow is used for categorization. In TensorFlow, the DL model is built as a Sequential model, which allows us to stack layers one after the other. The input layer is the model's initial layer, and it receives the features retrieved by the XGBoost model as input. The number of input nodes in this layer is governed by the number of XGBoost model features extracted. The deep learning model has hidden layers and a set number of nodes. In hidden layers, the Rectified Linear Unit (ReLU) activation function is utilized, which imparts nonlinearity to the model and aids in capturing complicated patterns in the input.

ReLU Activation Function:

$f(x)=\max (0, x)$                              （7）

If the input value is negative, it returns zero otherwise the function returns it. The ReLU function introduces nonlinearity and aids in training by answering the vanishing gradient problem. The number of nodes in the deep learning model's output layer equals the number of classes (types of incursions) in the dataset. Softmax activation function is utilized in the output layer because the problem involves a multi-class classification. For each class, the Softmax function is utilized to turn raw predictions into probability values. It accepts an array of logits (raw predictions) and generates a probability distribution for all classes.

The Softmax function is defined as follows for class j in the output layer:

$\operatorname{soft} \max (z)_j=\frac{e^{z_j}}{\sum_{k=1}^K e^{z_k}}$                              （8）

Here, Z_j is the logit value (raw prediction) for class j and K is the total number of classes.

Then, during training, the Adam optimizer is employed to efficiently minimize the loss function. It combines the advantages of the AdaGrad and RMSProp optimizers to give adjustable learning rates for every parameter. To measure the learning rate for each parameter, the Adam optimizer retains a running average of the second moments of the gradients.

The Adam update rule requires that the model's parameters be updated throughout the training stage to minimize the loss function and improve the model's performance. The update rule adjusts the learning rate for each parameter independently based on the historical gradients, allowing it to change the learning rate for each parameter adaptively during training based on the observed gradients. Here are their formulas.

$m_t=\beta_1 m_{t-1}+\left(1-\beta_1\right) g_t$                              （9）

$v_t=\beta_2 v_{t-1}+\left(1-\beta_2\right) g_t^2 2$                              （10）

$\theta_{t+1}=\theta_t-\frac{\eta}{\sqrt{v_t}+\epsilon} m_t$                              （11）

where, m_t, v_t- First and second-moment estimates, g_t- Gradient at time t, θ_t- Model parameters at time t, η- Learning rate, β₁, β₂- Exponential decay rates, ϵ- Small constant for stability.

So by combining both the XGBoost and deep learning we built a DeepXG model which classifies and detects the types of attacks with an accuracy of 99.90 and algorithm of the DeepXG model is given below.

3.3.4 Algorithm

• Step 1: Data cleaning is applied to the input data.
• Step 2: Convert all columns with categorical values to numerical values.
• Step 3: Normalize the dataset using Min-Max scaling and encode the labels.
• Step 4: Divide the dataset into testing and training data.
• Step 5: Train the XGBoost model.
• Step 6: Extract features from the XGBoost model.
• Step 7: Define the deep learning model using TensorFlow, compile and train the deep learning model.
• Step 8: Evaluate the model of deep learning on the test data.

Cyber-attacks in our study are classified based on specific characteristics such as unusual message patterns, timing anomalies, and payload inconsistencies. Each attack type was defined with clear operational criteria, and data were labeled accordingly. For instance, spoofing attacks were identified by their deviation from expected message identifiers, while flooding attacks were detected by their high message frequency. This detailed operationalization ensures the validity and reliability of our attack detection methods as shown in Figure 2.

2.png

Figure 2. Representation of DeepXG model working

Performance Evaluation Metrics: For the safety and dependability of self-driving systems, it is imperative to evaluate the performance of intrusion detection systems (IDS) in autonomous vehicles. In this part, we outline the evaluation measures that were utilized to measure the execution of our suggested IDS approach in comparison to three cutting-edge algorithms.

(AUC-ROC) Area under the Receiver Operating Characteristic Curve, F1 Score, Specificity, Recall, Precision and Accuracy are some of the evaluation criteria used in our study. Each statistic provides unique insights into the IDS's performance and helps identify its advantages and disadvantages in terms of detecting intrusions.

• Accuracy: The section of correctly classified instances (TP and TN) out of the total number of instances.
• Precision: The section of TP among the instances expected as positive (measures the system's ability to avoid false positives).
• Recall (True Positive Rate or Sensitivity): The section of TP correctly recognised by the system out of all positive instances actually.
• F1 Score: The harmonic mean of recall and precision, provide a steady evaluation of the system's execution.
• True Negative Rate (Specificity): The proportion of TN correctly identified by the system out of all negative instances actually.
• AUC-ROC stands for Area Under the Receiver Operating Characteristic Curve: A graphical representation of the classifier's performance, especially useful for imbalanced datasets.

Accuracy $=\frac{(\mathrm{TP}+\mathrm{TN})}{\mathrm{T}}$

Precision $=\frac{T P}{T P+F P}$

$R=\frac{T P}{T P+F N}$

F1 Score $=\frac{2 \times P \times R}{P+R}$

$\begin{aligned} \text { AUC-ROC } & =\int_{-\infty}^{\infty} \text { Sensitivity }(\mathrm{R}) \times\text { Specificity } d \text { False Positive Rate }\end{aligned}$

where, P = precision, R = Recall, TP = True Positive, FP = False Positive, TN = True Negative, FN = False Negative, T = Total Number of Samples.

We addressed the essential issue of autonomous vehicles regarding cyber security in this study by creating DeepXG, a hybrid XGBoost-deep learning technique for intrusion detection in the CAN system. To achieve extraordinary accuracy in intrusion detection, we combine the capability of XGBoost's feature extraction with deep learning's representation learning capabilities. DeepXG displayed amazing performance in classifying network intrusions through rigorous tests and evaluation utilizing the real-time CAN traffic dataset, obtaining an accuracy of 99.90%. The XGBoost feature relevance score enabled us to identify critical features and reduce computational complexity, making our model efficient and scalable. Our DeepXG algorithm beats multiple existing intrusion detection methods, making it an important influence to the field of cyber security in autonomous vehicle. DeepXG can improve the reliability and safety of autonomous vehicles on the street by successfully identifying and blocking cyber breaches in the CAN bus. Looking ahead, we feel DeepXG has a lot of potential for additional research and real-world application in autonomous car systems. We intend to integrate DeepXG into vehicle cyber security frameworks as technology progresses, thereby helping to the mainstream deployment of safe and secure autonomous vehicles.