TY - JOUR
T1 - Context-Aware Intrusion Detection in Vehicular Communication Networks: Enhanced Attack Modeling and Dataset
AU - Khan, Muhammad Danish
AU - Ta, Vinh-Thong
AU - Rafiq, Husnain
AU - Nnamoko, Nonso
N1 - Publisher Copyright:
© 2025 The Author(s). Published with license by Taylor & Francis Group, LLC.
PY - 2025/9/19
Y1 - 2025/9/19
N2 - Vehicular Communication Networks (VCNs) are essential for autonomous vehicles and Intelligent Transportation Systems but face challenges in security vulnerabilities and data sparsity. Traditional attack models inadequately represent VCN dynamics, weakening threat detection, while existing datasets lack real-world mobility and spatiotemporal details. This study addresses these gaps by developing a comprehensive attack simulation framework, enhancing critical network attacks i.e. position spoofing, Sybil, and wormhole through realistic mobility patterns, positional dynamics, and temporal interactions. The resulting dataset contains legitimate and malicious instances: Spoofing (45,975 legitimate, 589 malicious), Wormhole (52,237 legitimate, 5,219 malicious), and Sybil (14,829 legitimate, 1,753 malicious). It includes essential vehicular-specific features such as mobility dynamics, inter-vehicle distances, and end-to-end communication patterns. For validation, machine learning algorithms, including Random Forest, K-Nearest Neighbors, and Logistic Regression were employed. Detection performance was evaluated using accuracy, precision, recall, and two F1-score variants (standard and macro). Results indicate high detection efficacy, with Random Forest achieving accuracy between 93.6% and 99.8% and F1-macro scores from 88.5% to 97.7%. Compared to previous studies lacking spatiotemporal considerations, our dataset’s enhanced realism demonstrates significant potential in advancing data-driven anomaly detection and real world threat mitigation in dynamic vehicular environments.
AB - Vehicular Communication Networks (VCNs) are essential for autonomous vehicles and Intelligent Transportation Systems but face challenges in security vulnerabilities and data sparsity. Traditional attack models inadequately represent VCN dynamics, weakening threat detection, while existing datasets lack real-world mobility and spatiotemporal details. This study addresses these gaps by developing a comprehensive attack simulation framework, enhancing critical network attacks i.e. position spoofing, Sybil, and wormhole through realistic mobility patterns, positional dynamics, and temporal interactions. The resulting dataset contains legitimate and malicious instances: Spoofing (45,975 legitimate, 589 malicious), Wormhole (52,237 legitimate, 5,219 malicious), and Sybil (14,829 legitimate, 1,753 malicious). It includes essential vehicular-specific features such as mobility dynamics, inter-vehicle distances, and end-to-end communication patterns. For validation, machine learning algorithms, including Random Forest, K-Nearest Neighbors, and Logistic Regression were employed. Detection performance was evaluated using accuracy, precision, recall, and two F1-score variants (standard and macro). Results indicate high detection efficacy, with Random Forest achieving accuracy between 93.6% and 99.8% and F1-macro scores from 88.5% to 97.7%. Compared to previous studies lacking spatiotemporal considerations, our dataset’s enhanced realism demonstrates significant potential in advancing data-driven anomaly detection and real world threat mitigation in dynamic vehicular environments.
UR - https://doi.org/10.1080/08839514.2025.2538453
U2 - 10.1080/08839514.2025.2538453
DO - 10.1080/08839514.2025.2538453
M3 - Article (journal)
SN - 0883-9514
VL - 39
SP - 1
EP - 27
JO - Applied Artificial Intelligence
JF - Applied Artificial Intelligence
IS - 1
M1 - e2538453
ER -
