A hybrid deep learning and residual connection-based architecture for intrusion detection in autonomous vehicles

The emergence of Autonomous and Connected Autonomous Vehicles (CAVs) has transformed the automotive landscape drastically over the past few years by offering enhanced features in the vehicles for drivers’ safety and convenience. These developments have introduced various features in AVs i.e., lane-keeping, cruise control, etc. These features are mainly powered by the Electronic Control Units (ECUs) that communicate using the Controller Area Network (CAN) bus protocol. The components in the AVs communicate with each other by sending and receiving messages via the CAN bus. However, despite increased connectivity, these vehicles have become vulnerable to cyber attacks, as malicious actors can exploit the CAN protocol to manipulate vehicle behavior, which can not only threaten the safety of the passengers but public as well. Hence, several Intrusion Detection Systems (IDS) have been proposed, however, these systems struggle with computational complexity, limited effectiveness against sophisticated attack types, and a lack of interpretability and transparency of detection mechanisms. To address challenges in the existing systems, this paper presents a novel hybrid Deep Learning (DL)-based IDS using DL components such as Convolutional layer and Long Short-Term Memory (LSTM) layers to capture complex patterns in the CAN messages. The proposed IDS uses a residual connection to enhance gradient flow and training stability. The system is evaluated on four common attack types, namely RPM Spoofing, Gear Spoofing, Fuzzy, and Denial of Service (DoS), achieving a detection accuracy of 99.99%. Finally, the outcomes of the proposed IDS are visually interpreted using the Explainable AI (XAI) technique called Local Interpretable Model-agnostic Explanations (LIME) to provide transparency into the model’s decision-making process, thus increasing trust in the system’s deployment in real-world AV environments.