Search Results (130)

The Controller Area Network (CAN) facilitates efficient communication among vehicle components. While it ensures fast and reliable data transmission, its lightweight design makes it susceptible to data manipulation in the absence of security layers. To address these vulnerabilities, machine learning (ML)-based intrusion detection systems (IDS) have been developed and shown to be effective in identifying anomalous CAN traffic. However, these models often function as black boxes, offering limited transparency into their decision-making processes, which hinders trust in safety-critical environments. To overcome these limitations, this paper proposes a novel method that combines Local Interpretable Model-agnostic Explanations (LIME) with a vision-language model (VLM) to generate detailed textual interpretations of an ML-based CAN IDS. This integration mitigates the challenges of visual-only explanations in traditional XAI and enhances the intuitiveness of IDS outputs. By leveraging the multimodal reasoning capabilities of VLMs, the proposed method bridges the gap between visual and textual interpretability. The method supports both global and local explanations by analyzing feature importance with LIME and translating results into human-readable narratives via VLM. Experiments using a publicly available CAN intrusion detection dataset demonstrate that the proposed method provides coherent, text-based explanations, thereby improving interpretability and end-user trust. Full article

With the rapid evolution toward autonomous vehicles, securing in-vehicle communications is more critical than ever. The widely used Controller Area Network (CAN) protocol lacks built-in security, leaving vehicles vulnerable to cyberattacks. Although machine learning-based Intrusion Detection Systems (IDSs) can achieve high detection accuracy, their heavy computational and power demands often limit real-world deployment. In this paper, we present an optimised IDS based on a Binarised Neural Network (BNN) that employs network pruning to eliminate redundant parameters, achieving up to a 91.07% reduction with only a 0.1% accuracy loss. The proposed approach incorporates a two-stage Coarse-to-Fine (C2F) framework, efficiently filtering normal traffic in the initial stage to minimise unnecessary processing. To assess its practical feasibility, we implement and compare the pruned IDS across CPU, GPU, and FPGA platforms. The experimental results indicate that, with the same model structure, the FPGA-based solution outperforms GPU and CPU implementations by up to 3.7× and 2.4× in speed, while achieving up to 7.4× and 3.8× greater energy efficiency, respectively. Among cutting-edge BNN-based IDSs, our ultra-lightweight FPGA-based C2F approach achieves the fastest average inference speed, showing a 3.3× to 12× improvement, while also outperforming them in accuracy and average F1 score, highlighting its potential for low-power, high-performance vehicle security. Full article

The transportation of wind turbine blades in remote wind farm areas poses significant safety risks to both personnel and infrastructure. These risks arise from collision hazards, complex terrain, and the difficulty of real-time monitoring under adverse environmental conditions. To address these challenges, this study proposes an intelligent safety monitoring framework that combines machine vision with edge–cloud collaboration. The framework employs an optimized YOLOv7-Tiny model. It is enhanced with convolutional block attention modules (CBAMs) for feature refinement, CARAFE upsampling for better contextual detail, and bidirectional feature pyramid networks (BiFPNs) for multi-scale object detection. The system was validated at the Lingbi Wind Farm in China. It achieved over 95% precision in detecting safety violations, such as unauthorized vehicle intrusions and personnel proximity violations within 2 m, while operating at 48 frames per second. The edge–cloud architecture reduces latency by 30% compared to centralized systems. It enables alert generation within 150 milliseconds. Dynamic risk heatmaps derived from real-time data help reduce collision probability by 42% in high-risk zones. Enhanced spatial resolution further minimizes false alarms in mountainous areas with poor signal conditions. Overall, these improvements reduce operational downtime by 25% and lower maintenance costs by 18% through proactive hazard mitigation. The proposed framework provides a scalable and energy-efficient solution for safety enhancement in renewable energy logistics. It balances computational performance with flexible deployment and addresses key gaps in intelligent monitoring for large-scale wind energy projects. This work offers valuable insights for sustainable infrastructure management. Full article

The dependency of Unmanned Aerial Vehicles (UAVs), also known as drones, on off-board data, such as control and position data, makes them highly susceptible to serious safety and security threats, including data interceptions, Global Positioning System (GPS) jamming, and spoofing attacks. This indeed necessitates the existence of an Intrusion Detection System (IDS) in place to detect potential security threats/intrusions promptly. Recently, machine-learning-based IDSs have gained popularity due to their high performance in detecting known as well as novel cyber-attacks. However, the time and computation efficiencies of ML-based IDSs still present a challenge in the UAV domain. Therefore, this paper proposes a hybrid Recursive Feature Elimination (RFE) technique based on feature importance ranking along with a Spearman Correlation Analysis (SCA). This technique is built on ensemble learning approaches, namely, bagging, boosting, stacking, and voting classifiers, to efficiently detect GPS spoofing attacks. Two benchmark datasets are employed: the GPS spoofing dataset and the UAV location GPS spoofing dataset. The results show that our proposed ensemble models achieved a notable balance between efficacy and efficiency, showing that the bagging classifier achieved the highest accuracy rate of 99.50%. At the same time, the Decision Tree (DT) and the bagging classifiers achieved the lowest processing time of 0.003 s and 0.029 s, respectively, using the GPS spoofing dataset. For the UAV location GPS spoofing dataset, the bagging classifier emerged as the top performer, achieving 99.16% accuracy and 0.002 s processing time compared to other well-known ML models. In addition, the experimental results show that our proposed methodology (RFE) outperformed other well-known ML models built on conventional feature selection techniques for detecting GPS spoofing attacks, such as mutual information gain, correlation matrices, and the chi-square test. Full article

The Internet of Vehicles (IoV) presents complex cybersecurity challenges, particularly against Denial-of-Service (DoS) and spoofing attacks targeting the Controller Area Network (CAN) bus. This study leverages the CICIoV2024 dataset, comprising six distinct classes of benign traffic and various types of attacks, to evaluate advanced machine learning techniques for instrusion detection systems (IDS). The models XGBoost, Random Forest, AdaBoost, Extra Trees, Logistic Regression, and Deep Neural Network were tested under realistic, imbalanced data conditions, ensuring that the evaluation reflects real-world scenarios where benign traffic dominates. Using hyperparameter optimization with Optuna, we achieved significant improvements in detection accuracy and robustness. Ensemble methods such as XGBoost and Random Forest consistently demonstrated superior performance, achieving perfect accuracy and macro-average F1-scores, even when detecting minority attack classes, in contrast to previous results for the CICIoV2024 dataset. The integration of optimized hyperparameter tuning and a broader methodological scope culminated in an IDS framework capable of addressing diverse attack scenarios with exceptional precision. Full article

Introduction: Ensuring vehicular cybersecurity is a critical challenge due to the increasing connectivity of modern vehicles, and traditional centralised learning approaches for intrusion detection pose significant privacy risks, as they require sensitive data to be shared from multiple vehicles to a central server. Objective: The aim of this study is therefore to develop an in-vehicle intrusion detection system (IVIDS) that integrates federated learning (FL) with neural networks, enabling decentralised and privacy-preserving detection of cyberattacks in vehicular networks. The proposed system extends previous research by detecting a broader range of attacks (eight types) and exploring different deep learning architectures. Methods: This study employs an extended version of the publicly available VeReMi dataset to train and evaluate multiple neural network architectures, including Multilayer Perceptrons (MLPs), Gated Recurrent Units (GRUs), and Long Short-Term Memory (LSTM) networks. Federated learning is utilised to enable collaborative model training across multiple vehicles without sharing raw data. Various data preprocessing techniques and differential privacy mechanisms are also explored. Results and Conclusions: The experimental results demonstrate that LSTM networks outperform both MLP and GRU architectures in classifying vehicular cyberattacks. The best LSTM model, trained with two previous message lags and standard normalisation, achieved a classification accuracy of 96.75% in detecting eight types of attacks, surpassing previous studies, and demonstrating the potential of applying neural networks designed to work with time series data. Full article

With the increasing demand for efficient deep learning models in resource-constrained environments, Binary Neural Networks (BNNs) have emerged as a promising solution due to their ability to significantly reduce computational complexity while maintaining accuracy. Their integration into embedded and edge computing systems is essential for enabling real-time AI applications in areas such as autonomous systems, industrial automation, and intelligent security. Deploying BNN on FPGA using RISC-V, rather than directly deploying the model on FPGA, sacrifices detection speed but, in general, reduces power consumption and on-chip resource usage. The AI-extended RISC-V core is capable of handling tasks beyond BNN inference, providing greater flexibility. This work utilises the lightweight Zero-Riscy core to deploy a BNN on FPGA. Three custom instructions are proposed for convolution, pooling, and fully connected layers, integrating XNOR, POPCOUNT, and threshold operations. This reduces the number of instructions required per task, thereby decreasing the frequency of interactions between Zero-Riscy and the instruction memory. The proposed solution is evaluated on two case studies: MNIST dataset classification and an intrusion detection system (IDS) for in-vehicle networks. The results show that for MNIST inference, the hardware resources required are only 9% of those used by state-of-the-art solutions, though with a slight reduction in speed. For IDS-based inference, power consumption is reduced to just 13% of the original, while resource usage is only 20% of the original. Although some speed is sacrificed, the system still meets real-time monitoring requirements. Full article

Electric vehicle (EV) charging systems are now integral to smart grids, increasing the need for robust and scalable cyberattack detection. This study presents an online intrusion detection system that leverages an Adaptive Random Forest classifier with Adaptive Windowing drift detection to identify real-time and evolving threats in EV charging infrastructures. The system is evaluated using real-world network traffic from the CICEVSE2024 dataset, ensuring practical applicability. For binary intrusion detection, the model achieves 0.9913 accuracy, 0.9999 precision, 0.9914 recall, and an F1-score of 0.9956, demonstrating highly accurate threat detection. It effectively manages concept drift, maintaining an average accuracy of 0.99 during drift events. In multiclass detection, the system attains 0.9840 accuracy, precision, and recall, with an F1-score of 0.9831 and an average drift event accuracy of 0.96. The system is computationally efficient, processing each instance in just 0.0037 s, making it well-suited for real-time deployment. These results confirm that online machine learning methods can effectively secure EV charging infrastructures. The source code is publicly available on GitHub, ensuring reproducibility and fostering further research. This study provides a scalable and efficient cybersecurity solution for protecting EV charging networks from evolving threats. Full article

Increasing adoption of electric vehicles (EVs) and the expansion of EV charging infrastructure present opportunities for enhancing sustainable transportation within smart cities. However, the interconnected nature of EV charging stations (EVCSs) exposes this infrastructure to various cyber threats, including false data injection, man-in-the-middle attacks, malware intrusions, and denial of service attacks. Financial attacks, such as false billing and theft of credit card information, also pose significant risks to EV users. In this work, we propose a Hyperledger Fabric-based blockchain network for EVCSs to mitigate these risks. The proposed blockchain network utilizes smart contracts to manage key processes such as authentication, charging session management, and payment verification in a secure and decentralized manner. By detecting and mitigating malicious data tampering or unauthorized access, the blockchain system enhances the resilience of EVCS networks. A comparative analysis of pre- and post-implementation of the proposed blockchain network demonstrates how it thwarts current cyberattacks in the EVCS infrastructure. Our analyses include performance metrics using the benchmark Hyperledger Caliper test, which shows the proposed solution’s low latency for real-time operations and scalability to accommodate the growth of EV infrastructure. Deployment of this blockchain-enhanced security mechanism will increase user trust and reliability in EVCS systems. Full article

This paper presents an Application-Specific Integrated Circuit (ASIC) implementation and Field-Programmable Gate Array (FPGA) verification of a Convolutional Neural Network (CNN)-based Intrusion Detection System (IDS) designed to enhance the security of an in-vehicle Controller Area Network (CAN) BUS and detect malicious messages. The CNN model employs a lightweight architecture with a single convolution layer using a 2 × 2 kernel and integrates a filter algorithm optimized for Fuzzy and Spoofing attacks to improve the performance. The IDS is implemented on an Electronic Control Unit platform powered by an ARM Cortex-M3 core and uses SRAM to store the parameters utilized by the CNN model and filter algorithm, targeting ASIC implementation with TSMC 180 nm technology. Functional verification was conducted by configuring a simplified CAN bus environment using the Xilinx Nexys Video FPGA and PEAK-System PCAN-USB, which was validated in real-time against DoS, Spoofing, and Fuzzy attack scenarios. The proposed lightweight CNN-based IDS achieved a fast detection speed of 0.0233 ms and an average accuracy of 99.6879%, thereby demonstrating its potential to enhance the security of in-vehicle CAN BUS. Full article

Intrusion detection systems face significant challenges, including the inability to detect unknown threats and imbalances between normal and anomalous traffic. To address these limitations, we propose a semi-supervised intrusion detection algorithm based on GAN with a Transformer backbone for network security in IoT devices. To address the issue of imbalanced normal and anomalous traffic due to the diversity of network behavior and the difficulty that supervised algorithms experience in detecting unknown intrusions, we use only normal traffic as training data. By integrating the self-attention mechanism of Transformers, we leverage their ability to capture long-range dependencies in sequential data, enhancing the core capability of the GAN. The experimental results show that our algorithm achieves an F1-score of 95.2% and a false omission rate (FOR) of 10.7% on the CIC-IDS2017 dataset. On the Kitsune dataset, it attains an F1-score of 83.2% and a FOR of 15.8%. In real-world applications, when the algorithm was deployed on actual vehicle devices, it maintained strong performance with a FOR of 13%, further validating the practical applicability and value of the algorithm. Full article

The rapid integration of connected technologies in modern vehicles has introduced significant cybersecurity challenges, particularly in securing critical systems against advanced threats such as IP spoofing and rule manipulation. This study investigates the application of CHERI (Capability Hardware Enhanced RISC Instructions) to enhance the security of Intrusion Detection Systems (IDSs) in automotive networks. By leveraging CHERI’s fine-grained memory protection and capability-based access control, the IDS ensures the robust protection of rule configurations against unauthorized access and manipulation. Experimental results demonstrate a 100% detection rate for spoofed IP packets and unauthorized rule modification attempts. The CHERI-enabled IDS framework achieves latency well within the acceptable limits defined by automotive standards for real-time applications, ensuring it remains suitable for safety-critical operations. The implementation on the ARM Morello board highlights CHERI’s practical applicability and low-latency performance in real-world automotive scenarios. This research underscores the potential of hardware-enforced memory safety in mitigating complex cyber threats and provides a scalable solution for securing increasingly connected and autonomous vehicles. Future work will focus on optimizing CHERI for resource-constrained environments and expanding its applications to broader automotive security use cases. Full article

The evolution of Electrical and Electronic (E/E) architectures in the automotive industry has been a significant factor in the transformation of vehicles from traditional mechanical systems to sophisticated, software-defined machines. With increasing vehicle connectivity and the growing threats from cyberattacks that could compromise safety and violate user privacy, the incorporation of cybersecurity into the automotive development process is becoming imperative. As vehicles evolve into sophisticated interconnected systems, understanding their vulnerabilities becomes essential to improve cybersecurity. This paper also discusses the role of evolving standards and regulations, such as ISO 26262 and ISO/SAE 21434, in ensuring both the safety and cybersecurity of modern vehicles. This paper offers a comprehensive review of the current challenges in automotive cybersecurity, with a focus on the vulnerabilities of the Controller Area Network (CAN) protocol. Additionally, we explore state-of-the-art countermeasures, focusing on Intrusion Detection Systems (IDSs), which are increasingly leveraging artificial intelligence and machine learning techniques to detect anomalies and prevent attacks in real time. Through an analysis of publicly available CAN datasets, we evaluate the effectiveness of IDS frameworks in mitigating these threats. Full article

Discretely monitoring traffic systems and tracking payloads on vehicle targets can be challenging when traversal occurs off main roads where overhead traffic cameras are not present. This work proposes a portable roadside vehicle detection system as part of a solution for tracking traffic along any path. Training semantic segmentation networks to automatically detect specific types of vehicles while ignoring others will allow the user to track payloads present only on certain vehicles of interest, such as train cars or semi-trucks. Different vision sensors offer varying advantages for detecting targets in changing environments and weather conditions. To analyze the benefits of both, corresponding LiDAR and camera data were collected at multiple roadside sites and then trained on separate semantic segmentation networks for object detection. A custom CNN architecture was built to handle highly asymmetric LiDAR data, and a network inspired by DeepLabV3+ was used for camera data. The performance of both networks was evaluated, and showed comparable accuracy. Inferences run on embedded platforms showed real-time execution matching the performance on the training hardware for edge deployments anywhere. Both camera and LiDAR semantic segmentation networks were successful in identifying vehicles of interest from the proposed viewpoint. These highly accurate vehicle detection networks can pair with a tracking mechanism to establish a non-intrusive roadside detection system. Full article

Recent improvements in self-driving and connected cars promise to enhance traffic safety by reducing risks and accidents. However, security concerns limit their acceptance. These vehicles, interconnected with infrastructure and other cars, are vulnerable to cyberattacks, which could lead to severe costs, including physical injury or death. In this article, we propose a framework for an intrusion detection system to protect internal vehicle communications from potential attacks and ensure secure sent/transferred data. In the proposed system, real auto-network datasets with Spoofing, DoS, and Fuzzy attacks are used. To accurately distinguish between benign and malicious messages, this study employed seven distinct supervised machine-learning algorithms for data classification. The selected algorithms encompassed Decision Trees, Random Forests, Naive Bayes, Logistic Regression, XG Boost, LightGBM, and Multi-layer Perceptrons. The proposed detection system performed well on large real-car hacking datasets. We achieved high accuracy in identifying diverse electronic intrusions across the complex internal networks of connected and autonomous vehicles. Random Forest and LightGBM outperformed the other algorithms examined. Random Forest outperformed the other algorithms in the merged dataset trial, with 99.9% accuracy and the lowest computing cost. The LightGBM algorithm, on the other hand, performed admirably in the domain of binary classification, obtaining the same remarkable 99.9% accuracy with no computing overhead. Full article