City Research Online

Abstract

The increasing adoption of autonomous and intelligent vehicles within ground transportation systems faces new security challenges. This shift from human-controlled operations opens up a broader attack surface for malicious players. As the interconnected Internet of Things (IoT) become ubiquitous in vehicles, they continuously generate and exchange a large amount of data. This tendency creates vulnerabilities that attackers can exploit using sophisticated techniques, such as Advanced Persistent Threats (APT). Detecting APTs in IoT-enabled vehicular environments is crucial. These APTs demand advanced detection mechanisms. The critical need for vehicular data privacy restricts traditional centralized Machine Learning (ML) approaches. Furthermore, the absence of publicly available APT datasets in the vehicular domain complicates model development and validation, creating a significant gap in cybersecurity capabilities for this evolving vehicular domain. This research proposes a novel Federated Deep Neural Network (FDNN) framework with a privacy-preserving technique to address these concerns. This study presents the key challenges in the APT detection phase and outlines the novel contributions to the body of knowledge. The research questions guiding the investigation are addressed and discussed. The features of the UNSW-NB15, Edge-IIoTset, and CSE-CIC-IDS2018 datasets are aligned with different stages of APT attacks. Using these datasets, the developed framework is analyzed and evaluated. For the mentioned datasets, the framework without privacy-preserving technique shows high APT detection accuracies of 97.32%, 96.81% and 98.06%, respectively. However, with the privacy-preserving technique, the framework shows 95.62%, 96.11% and 95.63% accuracies, respectively. All results with other evaluation metrics, such as Precision, False positive rate, F1 score etc., are tabulated. The developed framework is subjected to “Shapley Additive explanations (SHAP),” analysis to filter the considerably influential features in APT detection. This research establishes the efficacy of a novel framework for detecting APTs in distributed vehicular environments. The framework achieves superior performance by minimizing the number of data and reducing the number of features, which is demonstrated through rigorous experimentation on multiple benchmark datasets. The potential of the developed framework to detect the APTs in the cross-domain is discussed in future works.

Publication Type:	Article
Additional Information:	© 2025 The Authors. This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
Publisher Keywords:	Advanced persistent threats, cyber security, ground transport, Internet of Things (IoT), privacy preserving, XAI and V2X
Subjects:	Q Science > QA Mathematics > QA75 Electronic computers. Computer science T Technology > T Technology (General)
Departments:	School of Science & Technology School of Science & Technology > Engineering
SWORD Depositor:	Symplectic Administrator

Export

Downloads