TY - JOUR
T1 - Statistical Detection of Adversarial examples in Blockchain-based Federated Forest In-vehicle Network Intrusion Detection Systems
AU - Aliyu, Ibrahim
AU - Van Engelenburg, Selinde
AU - Mu'azu, Muhammed Bashir
AU - Kim, Jinsul
AU - Lim, Chang Gyoon
PY - 2022
Y1 - 2022
N2 - The internet-of-Vehicle (IoV) can facilitate seamless connectivity between connected vehicles (CV), autonomous vehicles (AV), and other IoV entities. Intrusion Detection Systems (IDSs) for IoV networks can rely on machine learning (ML) to protect the in-vehicle network from cyber-attacks. Blockchain-based Federated Forests (BFFs) could be used to train ML models based on data from IoV entities while protecting the confidentiality of the data and reducing the risks of tampering with the data. However, ML models are still vulnerable to evasion, poisoning and exploratory attacks by adversarial examples. The BFF-IDS offers partial defence against poisoning but has no measure for evasion attacks, the most common attack/threat faced by ML models. Besides, the impact of adversarial examples transferability in CAN IDS has largely remained untested. This paper investigates the impact of various possible adversarial examples on the BFF-IDS. We also investigated the statistical adversarial detector's effectiveness and resilience in detecting the attacks and subsequent countermeasures by augmenting the model with detected samples. Our investigation results established that BFF-IDS is very vulnerable to adversarial examples attacks. The statistical adversarial detector and the subsequent BFF-IDS augmentation (BFF-IDS(AUG)) provide an effective mechanism against the adversarial examples. Consequently, integrating the statistical adversarial detector and the subsequent BFF-IDS augmentation with the detected adversarial samples provides a sustainable security framework against adversarial examples and other unknown attacks.
AB - The internet-of-Vehicle (IoV) can facilitate seamless connectivity between connected vehicles (CV), autonomous vehicles (AV), and other IoV entities. Intrusion Detection Systems (IDSs) for IoV networks can rely on machine learning (ML) to protect the in-vehicle network from cyber-attacks. Blockchain-based Federated Forests (BFFs) could be used to train ML models based on data from IoV entities while protecting the confidentiality of the data and reducing the risks of tampering with the data. However, ML models are still vulnerable to evasion, poisoning and exploratory attacks by adversarial examples. The BFF-IDS offers partial defence against poisoning but has no measure for evasion attacks, the most common attack/threat faced by ML models. Besides, the impact of adversarial examples transferability in CAN IDS has largely remained untested. This paper investigates the impact of various possible adversarial examples on the BFF-IDS. We also investigated the statistical adversarial detector's effectiveness and resilience in detecting the attacks and subsequent countermeasures by augmenting the model with detected samples. Our investigation results established that BFF-IDS is very vulnerable to adversarial examples attacks. The statistical adversarial detector and the subsequent BFF-IDS augmentation (BFF-IDS(AUG)) provide an effective mechanism against the adversarial examples. Consequently, integrating the statistical adversarial detector and the subsequent BFF-IDS augmentation with the detected adversarial samples provides a sustainable security framework against adversarial examples and other unknown attacks.
KW - Adversarial examples
KW - Artificial Intelligent (AI)
KW - Blockchain
KW - Controller Area Network (CAN)
KW - Federated Learning
KW - Intrusion detection system (IDS)
UR - http://www.scopus.com/inward/record.url?scp=85139859889&partnerID=8YFLogxK
U2 - 10.1109/ACCESS.2022.3212412
DO - 10.1109/ACCESS.2022.3212412
M3 - Article
AN - SCOPUS:85139859889
SN - 2169-3536
VL - 10
SP - 109366
EP - 109384
JO - IEEE Access
JF - IEEE Access
ER -