Anomaly detection is a vibrant research direction in controller area networks,which provides the fundamental real-time data transmission underpinning in-vehicle data interaction for the internet of vehicles.However,ex...Anomaly detection is a vibrant research direction in controller area networks,which provides the fundamental real-time data transmission underpinning in-vehicle data interaction for the internet of vehicles.However,existing unsupervised learning methods suffer from insufficient temporal and spatial constraints on shallow features,resulting in fragmented feature representations that compromise model stability and accuracy.To improve the extraction of valuable features,this paper investigates the influence of clustering constraints on shallow feature convergence paths at the model level and further proposes an end-to-end intrusion detection system based on efficient deep embedded subspace clustering(EDESC-IDS).Following the standard learning approach,continuous messages are encoded into two-dimensional data frames via a frame builder,which are then input into an extended convolutional autoencoder for extracting shallow features from high-dimensional data.On this basis,the dual constraints of these output features and the embedding clustering module facilitate end-to-end training of the EDESC-IDS in various attack scenarios.Extensive experimental results show that such a system exhibits significant detection performance on four types of attack datasets,including DoS,Gear,Fuzzy,and RPM,with precision,recall,and F1 scores consistently above 97.79%,while maintaining a false negative rate(FNR)and an error rate(ER)below 2.22%.展开更多
基金supported by the National Natural Science Foundation of China(Grant No.62172292).
文摘Anomaly detection is a vibrant research direction in controller area networks,which provides the fundamental real-time data transmission underpinning in-vehicle data interaction for the internet of vehicles.However,existing unsupervised learning methods suffer from insufficient temporal and spatial constraints on shallow features,resulting in fragmented feature representations that compromise model stability and accuracy.To improve the extraction of valuable features,this paper investigates the influence of clustering constraints on shallow feature convergence paths at the model level and further proposes an end-to-end intrusion detection system based on efficient deep embedded subspace clustering(EDESC-IDS).Following the standard learning approach,continuous messages are encoded into two-dimensional data frames via a frame builder,which are then input into an extended convolutional autoencoder for extracting shallow features from high-dimensional data.On this basis,the dual constraints of these output features and the embedding clustering module facilitate end-to-end training of the EDESC-IDS in various attack scenarios.Extensive experimental results show that such a system exhibits significant detection performance on four types of attack datasets,including DoS,Gear,Fuzzy,and RPM,with precision,recall,and F1 scores consistently above 97.79%,while maintaining a false negative rate(FNR)and an error rate(ER)below 2.22%.
