Metaheuristic optimized complex-valued dilated recurrent neural network for attack detection in internet of vehicular communications

Automated model of attack detection in Internet of Vehicles: system view and dataset description

The IoV marks a transformative blend of vehicle networks, the IoT and the broader Internet, paving the way for smart communication among diverse networks and vehicles (Ullah et al., 2022). This fusion aims to enhance the driving experience by offering a plethora of services to drivers and passengers alike. At the heart of this ecosystem are vehicles equipped with on-board units (OBUs), leveraging data from various integrated sensors, like radar, GPS and cameras to aid in decision-making processes. These sensors can identify potential collision threats with bicycles or pedestrians and issue warnings to promote safer driving practices. IoV is underpinned by various forms of networking, each playing a unique role within this interconnected architecture. Vehicle-to-Vehicle (V2V) communication enables cars to wirelessly exchange information, keeping each other informed about their positions and movements. This mutual exchange aims to diminish accident rates by alerting drivers or autonomous vehicles of potential hazards, urging preemptive measures. Vehicle-to-Infrastructure (V2I) communication, on the other hand, establishes a two-way link between vehicles and the surrounding infrastructure. This connection provides drivers access to essential road information through Vehicular Edge Computing (VEC) infrastructure like road-side units (RSUs) and base stations (BSs), enhancing the driving experience tailored to their journey. Furthermore, the VEC network assists OBUs by offloading computational tasks from the vehicles, particularly valuable when vehicle resources are constrained. This infrastructure processes the tasks and relays the insights back to the vehicles, aiding in decision-making and operational efficiency. Infrastructure-to-Infrastructure (I2I) communication facilitates the exchange of data and computational tasks between infrastructure elements such as BSs, RSUs, Fog servers, and Cloud servers, working in concert to optimize the overall performance of the IoV ecosystem. In essence, the IoV ecosystem utilizes these communication networks to foster a more interconnected, safe, and efficient transportation landscape. IoV aspires to revolutionize traffic management, navigation and road safety through enabling intelligent interactions between vehicles and their surrounding infrastructure. Figure 1 shows the structural view of IoV’s system model.

In the proposed framework, the initial stage involves the collection of relevant data. In this instance, five datasets are employed to gather the information depicted in Table 2.

Consequently, relevant data associated with the model presented as $R{T}_x$, where $x=1,2,\cdots ,X$, the word $X$ encompassing all the information collected through the dataset.

The integration of the IoT with vehicular networks has given rise to the IoV, a cutting-edge concept aimed at enhancing vehicular communication systems. IoV strives to achieve intelligent traffic management, enhance road safety and improve driving experiences. Attack detection methods play a crucial role in safeguarding the IoV ecosystem against potential cyber threats by continuously monitoring network traffic and vehicle behavior. These models facilitate real-time observation of IoV networks, enabling the swift detection and mitigation of potential threats, which is instrumental in preventing the escalation of security incidents. Effective attack detection models are vital in protecting manufacturers and suppliers from legal and financial repercussions by ensuring compliance with emerging automotive cybersecurity regulations and standards. However, the extensive data monitoring required for efficient attack detection may raise privacy concerns among users, potentially impacting their acceptance of connected vehicle technologies. Moreover, no detection model is infallible and may generate false positives, wrongly identifying harmless activity as malicious and false negatives, failing to recognize actual attacks. These inaccuracies can compromise the models’ effectiveness and efficiency. By implementing the recommended model to minimize these errors, the system’s overall efficiency can be significantly improved and also enhancing the security and reliability of the IoV ecosystem.

Figure 2 shows the brief structural view of deep learning based attack detection in IoV network. This research focuses on the development of a cutting-edge, deep learning-based model for detecting attacks within vehicular networks. By accurately identifying and mitigating potential cyber threats and attacks, this model seeks to safeguard the complex and increasingly vulnerable landscape of vehicular networks. A key component of our approach involves the implementation of the EEHLO method. This method is employed to optimally select the most relevant features from the vast amounts of collected data. This critical step is designed to boost the model’s efficiency and accuracy by homing in on the data that provides the most significant insights into potential security breaches. In response to the unique challenges presented by the IoV networks, propose the design and development of a CV-DRNN. The adoption of complex-valued neurons in the CV-DRNN model is poised to offer unparalleled performance advantages in capturing the subtle and complex patterns characteristic of cyber-attacks within these networks. To validate the efficacy and superiority of our proposed CV-DRNN model, conduct an exhaustive evaluation employing a comprehensive suite of metrics. This thorough assessment will not only benchmark the CV-DRNN model’s attack detection capabilities against those of conventional models but will also highlight its potential contributions to enhancing IoV network security.

Adaptive concept of EEHLO

The EEHLO technique utilizes the HLBO algorithm to fine-tune parameters, achieving superior optimization outcomes. HLBO excels at striking a balance between exploration, which involves venturing into new areas of the solution landscape and exploitation, which focuses on enhancing solutions within known territories. The hybrid aspect encourages exploration, while the structured hierarchy facilitates exploitation. This versatility allows HLBO to adapt effectively across diverse challenges by incorporating a variety of optimization approaches. Nonetheless, the complexity inherent in HLBO’s hybrid design might make it more challenging to implement and understand compared to simpler optimization methods. The performance of HLBO is influenced by its features, including the optimization techniques it integrates, necessitating precise calibration that demands expertise and may be time-consuming. To mitigate this limitation, the proposed method aims to reduce errors through strategic application.

Novelty: In the proposed EEHLO approach, after completing rounds of exploration and exploitation, it is advantageous to revisit the exploitation phase once more. This additional exploitation phase allows for further refinement of solutions within familiar regions of the solution space. By doing so, EEHLO can capitalize on the insights gained during exploration and employ them to fine-tune and optimize solutions even more effectively. The computational framework of the recommended EEHLO is outlined as follows:

In population-based methods, each individual in the population acts as a seeker within the problem-solving domain, representing a potential solution. The collective capability of the group to propose enhancements is augmented through the algorithmic processes and the exchange of information among its members. However, the method’s exploration of the global solution space can be hindered by the population update mechanism if it depends too heavily on certain members. This situation can lead the algorithm to prematurely converge on a local optimum, thereby obstructing its ability to discover the most optimal solution within the entirety of the search space.

Like other population-based approaches, the HLBO (Dehghani & Trojovsky, 2022) population can be accurately represented by a matrix, in line with Eq. (1).

(1) $$H={\left[\begin{array}{c}{h}_1\\ ⋮\\ h_a\\ ⋮\\ h_m\end{array}\right]}_{M\times n}={\left[\begin{array}{ccccc}{h}_{1a}& \cdots & h_{1b}& \cdots & h_{1n}\\ ⋮& \ddots & ⋮& ⋰& ⋮\\ h_{a1}& \cdots & h_{ab}& \cdots & h_{1n}\\ ⋮& ⋰& ⋮& \ddots & ⋮\dots \\ h_{M1}& \cdots & h_{Mb}& \cdots & h_{Mn}\end{array}\right]}_{M\times n}.$$

In this context, the term $h$ refers to the dimensions of the HLBO community, where $H$ represents the total number of variables involved in the problem, $h_a$ is the collective group of solutions, $h_{ab}$ is the rival solution’ indicates the competing alternative.

Given the constraints outlined in Eq. (2), the starting point for each member of the population is randomly assigned $h$, taking into account the various limitations.

(2) $$h_{a,b}=t{y}_b+S.({\phi }_b-{\delta }_b),b=1,2,...n.$$

Here, the term $S$ specifies the dimensions of the HLBO, where $.n$ signifies the amount of problem. Given the constraints outlined in Eq. (2), the initial position of every population is randomly determined.

The population $h$ denoted by Eq. (3), forms the basis for assessing the objective function of the problem relative to each candidate solution.

(3) $$L={\left[\begin{array}{c}{L}_1\\ ⋮\\ L_a\\ ⋮\\ L_M\end{array}\right]}_{M\times 1}={\left[\begin{array}{c}L(h_1)\\ ⋮\\ L(h_a)\\ ⋮\\ L(h_M)\end{array}\right]}_{M\times 1}.$$

The variable $L$ represents the objective function; the term $L_a$ is a measure of the performance of the $a_{th}$ solution of candidate in achieving the goal.

Exploration phase: To determine the extent to which each aforementioned component contributes to shaping the hybrid leader, it’s necessary to evaluate how effectively these contributions support the operation of the goal. To assess the effectiveness of each member in the sample in offering a potential response, use Eq. (4).

(4) $$T_a={\displaystyle \frac{L_a-L_w}{\sum (L_a-L_w)}a\in (1,2,.....N).}$$

Once the participation rates have been determined, the hybrid leader for each member of the sample is generated according to Eq. (5).

(5) $$W{E}_a=Q{W}_a.H_a+H{V}_b.H_b+W{E}_a.H_f.$$

The corresponding component will move to the new position if the value of the objective function exceeds that of its previous state; otherwise, it will stay in its original position. This requirement for an update is modeled by Eq. (6).

(6) $$H_{a,b}=\{\begin{array}{ll}{c}_a^{new,p1}& L_1^{new,p1}<L_i\\ c_a& else\end{array}.$$

Here, the phrase $c_a^{new,p1}$ pertains to the new position and function $L_1^{new,p1}$ is the population in the $a_{th}$ iteration, as determined by the objectives established by the hybrid leader.

Exploitation phase (two times): In the HLBO framework, individuals within the algorithm’s ecosystem have the ability to conduct targeted searches in their immediate vicinity for superior solutions, a process known as exploitation. This is facilitated by assigning each member of the population a neighborhood space where they can engage in local search activities to identify positions that yield higher objective function values.

The local search process, aimed at enhancing the algorithm’s exploitation capabilities, is modeled using Eq. (7). Should the position identified through this process result in an improved objective function value, as indicated by Eq. (8), it is deemed suitable.

(7) $$c_a^{new,p1}=c_{a,b}+(1-2s)P.\left(1-{\displaystyle \frac{1}{J}}\right)$$

(8) $$H_{a,b}=\{\begin{array}{ll}{c}_a^{new,p2}& L_1^{new,p2}<L_i\\ c_a& else\end{array}.$$

Here, the phrase $c_a^{new,p2}$ pertains to the new position and function $L_1^{new,p2}$ is the population in the $a_{th}$ iteration, as determined by the objectives established by the hybrid leader. Figure 3 shows the flowchart for suggested EEHLO approach.

EEHLO-based optimal features

In the context of the IoV, the phase that involves gathered data $R{T}_x$ as input significantly focuses on enhancing the performance of attack detection systems through optimal feature selection. Optimal feature selection is critical in boosting the efficacy of attack detection systems within the IoV. It is essential to identify and select features that are most indicative of malicious activities. This entails analyzing the data to effectively identify characteristics that are key to distinguishing between regular operations and potential security threats. Without optimal feature selection for attack detection in IoV, several challenges can negatively impact the detection models’ performance and efficiency. For instance, a model incorporating excessive features might overly fit the training data, mistaking random fluctuations for significant patterns. This phenomenon, known as overfitting, hinders the model’s capability to generalize its findings to new, unseen data, thereby diminishing its performance on novel inputs. To address these challenges, optimizing specific parameters such as the number of features extracted from raw data using the recommended EEHLO approach can improve the model’s relief score. The objective function of the proposed model can be formulated as depicted in Eq. (9).

(9) $$U{Y}_1=\underset{\left\{Fea\right\}}{\arg max}\left(Rf\right).$$

The parameter $Fea$ represents the optimally selected features following the earlier computation, with its range spanning from one to the whole number of features extracted from the raw data. This parameter $Rf$ value serves as a measure for evaluating the relief score. The mathematical expression for the relief score is presented in Eq. (10).

Relief score: This metric assesses the significance of each feature in distinguishing between categories within a dataset. It gauges a feature’s effectiveness in differentiating instances of a specific class from instances of other classes.

(10) $$\sum Rf=t_i-(l_i-E{R}_i)+(l_i-Y{U}_i).$$

The term $E{R}_i$ denoted the same class and $Y{U}_i$ specifies the various classes.

Attack detection in IoV using complex valued-assisted neural network Dilated RNN

The DRNN (Li et al., 2020) architecture operates within a recurrent framework, similar to how an expanded CNN functions. This model provides a straightforward yet effective solution, tackling multiple challenges simultaneously. It stands out for its incorporation of multi-resolution dilated recurrent connections that implement skipping, characterized by a multi-layered cell-independent structure. The key contributions of this research include:

Introducing an innovative dilated recurrent skip connection feature, addresses gradient issues and enhances the model’s ability to capture long-term temporal dependencies. This new design simplifies the model compared to traditional recurrent mechanisms and significantly boosts computational efficiency.

The construction of a DRNN incorporates various layers of dilated recurrent units with hierarchical expansions, enabling the model to train temporal relationships across different scales and depths more effectively. The introduction of a novel metric, the mean recurrent length, designed to assess the detection capability. This metric facilitates the comparison of efficiency between the enhanced models and previously developed recurrent skip connections. Additionally, the research validates the effectiveness of utilizing an exponentially increasing dilation rate across the network, proving it to be an optimal approach for the proposed architecture.

A depiction of a cell $a$ at a specific layer and time point $b$ is provided $Q_b^a$. The dilated skip connection formulation details are provided in Eq. (11).

(11) $$Q_b^a=E(A_b^a,Q_{b-c}^a).$$

This can be likened to the conventional skip connection, as demonstrated by the equation presented in Eq. (12).

(12) $$Q_b^a=E(A_b^a,Q_{b-c}^a,Q_{b-c(y)}^a).$$

The skip duration or layer dilation is denoted by $a$; the input at layer l at that time $a$ is represented by $Q_{b-c}^a$. The DRNN architecture incorporates dilated recurrent layers, as outlined in Eq. (13), to encapsulate complex data dependencies.

(13) $$Q_b^a=A_b^{a(p-1)},b=1,...B.$$

In this scenario, represents the initial dilation rate $A_b^{a(p-1)}$. The final layer incorporates a 1-by-1 convolution layer to compensate for the longer connections that are not captured. Figure 4 shows the architecture view of DRNN followed by the illustration of complex valued dynamic recurrent neural network as proposed in Figure 5.

Suggestive detection model as CV-DRNN

The CV-DRNN represents a cutting-edge approach in neural network design, particularly aimed at boosting cyber-attack detection within the IoV domain. The optimal selected feature $Fea$ is the input to CV-DRNN; this model evolves from the foundational concepts of DRNNs but innovates by incorporating complex numbers into its computations. Traditional DRNNs have been at the forefront of efforts to safeguard this ecosystem by analyzing the extensive data streams from vehicle sensors and communication systems. Despite their capabilities, conventional DRNNs often grapple with the intricate and dynamic nature of IoV data. This data complexity, characterized by its variability over time and across different vehicular systems, poses significant challenges in accurately modeling and predicting cyber-attack patterns. In response to these limitations, an innovative approach leveraging CV-DRNNs has been proposed. The CV-DRNN approach is designed to improve the detection and prediction of cyber threats within the IoV network.

Simulation setup

Python is a comprehensive environment for numerical computing, played a pivotal role in developing and to assess a proposed attack detection scheme within IoV networks. Additionally, the number of population, chromosomal length and the maximum iteration of the recommended model was 10,5,50. The efficacy of this attack detection approach was benchmarked against other renowned methods, with the findings detailed in subsequent sections. The comparison of results encompassed with both classical optimization techniques, such as the Dingo Optimizer (DO) (Bairwa, Joshi & Singh, 2021), Eurasian Oystercatcher Optimizer (EOO) (Idan, 2023), Tomtit Flock Metaheuristic Optimization Algorithm (TFMOA) (Panteleev & Kolessa, 2022) and HLBO (Dehghani & Trojovsky, 2022), and more contemporary approaches like Random Forest Network (RAN) (Chang, Li & Yang, 2017), LSTM (Ergen & Kozat, 2020), 1DCNN (Wang et al., 2020), recurrent neural network (RNN) (Ullah & Mahmoud, 2022).

Performance evaluation

The implemented attack detection in IoV network uses various metrics and it is given below

Accuracy: $Aa={\displaystyle \frac{kk+yy}{kk+yy+ss+ll}}$

Specificity: $SPE={\displaystyle \frac{kk}{kk+ss}}$

Positive Likelihood Ratio (PLHR): $PLHR={\displaystyle \frac{kk}{ll}}$

Bookmaker Informedness (BM): $BM=kk+yy-1$

Fowlkes–Mallows index (FM): $FM=\sqrt{kk\ast yy}$

Here, the “true positive and true negative” variables are noted as $kk\mathrm{a}\mathrm{n}\mathrm{d}yy$. The “false negative and false positive” variables are noted as $ss\mathrm{a}\mathrm{n}\mathrm{d}ll$.

Performance analysis on suggested model over different dataset

Figures 6–10 illustrate the performance of the proposed CV-DRNN-based attack detection in IoV networks using datasets 1 (Sharafaldin, Lashkari & Ghorbani, 2018), 2 (Tavallaee et al., 2009), 3 (Stolfo et al., 1999), 4 (Kang et al., 2021), and 5 (Moustafa & Slay, 2019), in comparison with classical classifiers. These figures demonstrate that the suggested network significantly surpasses standard classification methods. Accuracy analysis of the CV-DRNN-based classifier on dataset one revealed notable improvements over classical classifiers. At an epoch value of 400, the CV-DRNN model achieved superior performance, surpassing the RAN by 11.23%, the 1DCNN by 12.3%, the LSTM by 12.3%, and the RNN by 12.8%. This evidence confirms that the CV-DRNN model excels over conventional methods in attack detection for dataset 1. According to the findings, the CV-DRNN model markedly outperformed traditional models in efficiency rate, thus, underscoring the substantial performance advantage of the recommended CV-DRNN-based attack detection in IoV networks over traditional models.

Evaluation of real and complex valued neural network compared over classical classifier in dataset 1 to 5

Table 3 provides a thorough statistical analysis of multiple optimization algorithms which favoured in obtaining the convergence of the methods across multiple datasets 1, 2, 3, 4 and 5. This analysis is crucial in demonstrating the effectiveness of the EEHLO optimization model in feature selection. Notably, the results outlined reveal that CV-DRNNs outperform several established neural network architectures specifically, RAN, 1DCNN, LSTM and RNN. The superior accuracy metrics surpassing other models by 44%, 88.1%, 34.5% and 78%, respectively, this emphasize the significant enhancements these complex-valued models offer in handling data complexities, potentially transforming approaches in fields requiring precise predictive capabilities and data analysis. This comparative study not only highlights the advanced accuracy of CV-DRNNs but also marks a pivotal advancement in neural network research, promoting further exploration and adoption of complex-valued architectures in broader applications.

Figure 11 shows the reciever operating characteristics for all the five datasets taken up to consideration and Figure 12 shows the convergence of the optimization of EEHLO.