Search

CN-122028048-A - Internet of vehicles false data injection attack detection method based on federal learning

CN122028048ACN 122028048 ACN122028048 ACN 122028048ACN-122028048-A

Abstract

The invention relates to the technical field of Internet of vehicles safety, in particular to an Internet of vehicles false data injection attack detection method based on federal learning. And then capturing the time sequence dependency relationship by BiLSTM, and designing a lightweight transducer parallel modeling global space relationship. And further dynamically calculating the attention score through the feature fusion weight matrix, realizing the dynamic weighting of the two-branch dimension level, reducing the dimension by combining a differential pooling strategy, and coupling a classifier. The road side units carry out global aggregation based on the weighting strategies of the node reputation and the contribution degree, and distribute the node reputation and the contribution degree to the node vehicles for carrying out new incremental training. The method effectively solves the problem that the traditional centralized learning cannot achieve both privacy protection and lightweight calculation in the detection of the false data injection attack of the Internet of vehicles, and remarkably improves the detection effect of the false data injection attack.

Inventors

  • WANG HUAN
  • LIU QINGZHENG
  • HUANG XIN
  • ZHANG SHENGPENG
  • ZHANG YAOGUO
  • JIANG FEI
  • HU PENG
  • YANG JUNYING
  • HUANG HAIJUN
  • CHEN XINGWEN
  • ZHAO YUNCHENG
  • HUANG JIANHUA
  • WANG ZHE
  • SUN JING
  • LIN CHUAN

Assignees

  • 广西科技大学
  • 广州锦行网络科技有限公司
  • 广西南宁英福泰科信息科技有限公司

Dates

Publication Date
20260512
Application Date
20251225

Claims (8)

  1. 1. The method for detecting the false data injection attack of the Internet of vehicles based on federal learning is characterized by comprising the following steps of: step 1, aligning time window division and sliding sample to original characteristics of a basic safety message of a vehicle containing vehicle space position, speed information and communication signal characteristic data, and aligning an original characteristic matrix Dividing the time sequence branch into sequence samples according to the window length T and the step length S, and carrying out standardization processing on each characteristic to ensure that the input samples of the time sequence branch and the space branch in the subsequent fusion stage are kept in synchronous alignment; step 2, constructing a double-branch feature extraction model at the vehicle terminal side, wherein the double-branch feature extraction model comprises a bidirectional BiLSTM branch for modeling time sequence dependence and a transducer encoder branch subjected to structured pruning, and is used for modeling the spatial relationship between vehicles, and the two output dimensions are respectively as follows Is a feature vector of (1); Step 3, designing a dynamic weight matrix to carry out dimension level attention weighting on the space-time characteristics, compressing the characteristics of the space-time double-branch output characteristics through global average pooling and global maximum pooling, then carrying out splicing and fusion, and outputting attack detection results through a fully-connected classifier; And 4, uploading local model updates to the federation server by each vehicle terminal, carrying out weighted aggregation on the model updates of each node by the federation server based on a dynamic weighted strategy of node credibility to obtain a global model, and periodically transmitting the global model to each vehicle terminal to realize cooperative updating and dynamic adaptation to malicious environments.
  2. 2. The method for detecting the false data injection attack of the Internet of vehicles based on federal learning according to claim 1, wherein, In the step 1, the time window division is to segment the basic safety information of the vehicle according to a preset time interval, and the sliding sample alignment strategy ensures that the time sequence data and the space data are synchronously aligned when the model is input through a sliding window mechanism; all features were normalized using z-score for each column of features prior to windowing.
  3. 3. The method for detecting the false data injection attack of the Internet of vehicles based on federal learning according to claim 2, wherein, The BiLSTM network of the bidirectional BiLSTM branch comprises an input layer, a hidden layer and an output layer, wherein each layer adopts a bidirectional long-short-term memory unit structure and is used for capturing forward and backward time sequence dependency relations of vehicle behavior data; BiLSTM th step The calculation process of the layer is as follows: Wherein, the And Respectively represent the first Layer at time step Is associated with the forward and backward hidden states of (c), And For the state of the corresponding memory cell, And For the set of LSTM parameters, Representing the input characteristics of the current layer and derived from the output results of the previous layer BiLSTM; After each layer of network, configuring a batch normalization layer and a Dropout layer, and finally outputting the tensor shape as follows Wherein Is the current first The output of the layer is provided with, For the hidden state dimension of the unidirectional LSTM, outputting the total dimension Comprising forward LSTM Dimensional features and backward LSTM Dimensional characteristics.
  4. 4. The method for detecting the false data injection attack of the Internet of vehicles based on federal learning according to claim 3, The transducer encoder branch adopts an encoder structure, reduces model parameters through pruning operation, and reserves a key self-attention mechanism for modeling the spatial relationship among vehicles, and comprises the following steps: Attention header pruning, retaining the header with highest score, retaining header number not less than 2, feedforward network middle layer channel pruning, cutting according to channel importance, and setting middle dimension as Not lower than after pruning And the global pruning rate is fixed between 0.3 and 0.7, and the total quantity of the pruned parameters is ensured not to exceed the preset end side preset upper limit.
  5. 5. The method for detecting the false data injection attack of the Internet of vehicles based on federal learning according to claim 4, In the executing process of step 3, the dynamic weight matrix dynamically adjusts weight distribution according to the importance of the input features, and the dimension level attention weighting mechanism calculates the attention weight for each dimension of the time feature respectively, specifically including: To any branch output Time sequence branching Spatial branching Calculate the dimension level attention Flattened in batch and sequence dimensions into Using a trainable weight matrix Bias vector Calculating an attention score: attention score matrix By Softmax normalization, a probability weight matrix is obtained, and each sample can be known to be in Weight distribution in dimension: Then, the dynamic weighting of the features is realized through Hadamard products, and the weighted feature representation is obtained Remolding the material to the original shape 。
  6. 6. The method for detecting the false data injection attack of the Internet of vehicles based on federal learning according to claim 5, wherein, In the step 3, the average pooling and the maximum pooling are used for extracting global information and local key information of the space-time double-branch output characteristics, and the characteristic compression and fusion are realized, and the process comprises the following steps: sequential branch output Pooling output by global averaging Spatial branching output Output is pooled by global maximization In the case of a sequence dimension length of 1, the result of the maximum pooling is equal to the tensor itself removed from that dimension; the pooled time features and space features are fused into a unified feature representation through splicing operation: The fused feature vectors are sequentially processed through two layers of fully-connected networks, a batch normalization and Dropout mechanism is introduced after each layer, and classification probability is output through a fully-connected layer activated by Softmax, so that input samples are classified.
  7. 7. The method for detecting the false data injection attack of the Internet of vehicles based on federal learning according to claim 6, wherein, And step 4, dynamically evaluating the credibility of each vehicle participation node based on the historical credit, the contribution degree, the response time delay, the calculation delay and the communication anomaly degree, and adopting an interval packet cooling and callback mechanism, a anti-brush operation and an adaptive isolation decision.
  8. 8. The method for detecting the false data injection attack of the Internet of vehicles based on federal learning according to claim 7, And step 4, dynamically weighting the client federation according to the reputation level by adopting a piecewise function, wherein the global model aggregation weight is influenced by the reputation of each node, the low reputation or abnormal node weight is reduced, and a cooling window and a reputation fluctuation upper limit are added to prevent malicious operations.

Description

Internet of vehicles false data injection attack detection method based on federal learning Technical Field The invention relates to the technical field of Internet of vehicles safety, in particular to an Internet of vehicles false data injection attack detection method based on federal learning. Background In the wireless communication network, the Internet of vehicles can realize real-time interaction of traffic information based on the cooperative perception of the space-time dynamic behavior of the vehicles and the road side infrastructure, and support is provided for intelligent traffic and automatic driving. However, this distributed highly heterogeneous and interconnected nature exposes the internet of vehicles to multidimensional attack. Under the control of an attacker, a malicious vehicle can send fake data in the basic safety message, and mislead other vehicles to judge the state of a traffic event. For example, false data injection attack attacks and other active fraud behaviors, namely false traffic data packets can be injected to guide vehicles to make false decisions, and the safety and efficiency of the Internet of vehicles are directly jeopardized. Aiming at the problems, the traditional false data injection attack detection method can identify potential attack behaviors by collecting and analyzing communication data streams in the Internet of vehicles. Among them, the machine learning-based method is widely used for its superiority in network traffic classification and anomaly detection, but compared with the conventional machine learning method, the deep learning is considered to have more important prospects in terms of threat discovery by virtue of its more advantageous feature automatic extraction and high-dimensional characterization capability. Existing systems still face two key challenges in detecting false data injection attacks. Firstly, the basic safety message data of the Internet of vehicles has remarkable space-time dynamic characteristics, and comprises multi-mode information such as vehicle position, speed, time stamp, signal strength and the like. The existing attack recognition method is insufficient in modeling and fusion of the space-time characteristics, and is difficult to accurately capture complex attack behavior patterns. Secondly, the traditional attack detection method generally depends on a centralized big data analysis architecture, is easily influenced by the dynamic change of the vehicle networking topology, the rapid increase of data volume and the limitation of network bandwidth, and simultaneously faces sensitive data leakage and single-point fault risks in the data sharing process, so that the reliability and the robustness of the system are further weakened, and the direct contradiction is generated between the method and the data main regulations such as European Union 'general data protection regulations'. Disclosure of Invention The invention aims to provide a federal learning-based false data injection attack detection method for the Internet of vehicles, which aims to improve the accuracy of false data injection attack detection for the Internet of vehicles with remarkable space-time dynamic characteristics. In order to achieve the above purpose, the invention provides a method for detecting false data injection attack of the internet of vehicles based on federal learning, which comprises the following steps: step 1, aligning time window division and sliding sample to original characteristics of a basic safety message of a vehicle containing vehicle space position, speed information and communication signal characteristic data, and aligning an original characteristic matrix Dividing the time sequence branch into sequence samples according to the window length T and the step length S, and carrying out standardization processing on each characteristic to ensure that the input samples of the time sequence branch and the space branch in the subsequent fusion stage are kept in synchronous alignment; step 2, constructing a double-branch feature extraction model at the vehicle terminal side, wherein the double-branch feature extraction model comprises a bidirectional BiLSTM branch for modeling time sequence dependence and a transducer encoder branch subjected to structured pruning, and is used for modeling the spatial relationship between vehicles, and the two output dimensions are respectively as follows Is a feature vector of (1); Step 3, designing a dynamic weight matrix to carry out dimension level attention weighting on the space-time characteristics, compressing the characteristics of the space-time double-branch output characteristics through global average pooling and global maximum pooling, then carrying out splicing and fusion, and outputting attack detection results through a fully-connected classifier; And 4, uploading local model updates to the federation server by each vehicle terminal, carrying out weighted aggregation on the model updates o