AI-Driven Intrusion Detection and Cyber-Attack Forecasting in Smart Cars

Resumo

Smart vehicles function as cyber–physical systems in which numerous Electronic Control Units (ECUs) exchange time-critical messages over in-vehicle networks such as CAN, CAN-FD, and Automotive Ethernet. Although these networks support advanced driving and safety functions, their limited native security exposes vehicles to spoofing, replay, flooding, and coordinated cyberattacks that can propagate across subsystems. Most existing intrusion detection systems focus on isolated anomaly detection and provide limited insight into how attacks evolve and spread through the vehicle network.

This paper presents a unified cyber-defense framework that integrates deep learning–based intrusion detection with graph-theoretic attack propagation analysis and optimization-driven defensive placement. Temporal deviations in ECU communication are detected using an LSTM-based forecasting model, while structural anomalies are captured through autoencoder reconstruction error and interpretable ARIMA residuals. The in-vehicle network is modeled as a directed weighted graph to analyze adversarial flow and identify minimal-effort attack paths. An integer programming formulation determines optimal IDS placement under hardware constraints, and a Genetic Algorithm optimizes detection parameters to balance accuracy, latency, and resource usage. Evaluation on a benchmark CAN-bus dataset demonstrates high detection performance with low latency while providing interpretable insights into attack propagation, supporting practical deployment in smart vehicles.