Detecting and mitigating adversarial machine learning attacks in autonomous vehicles within the internet of vehicles

Safaei, Mahmood; Soleymani, Ahmad; Asadi, Shahla; Safaei, Mitra; Goudarzi, Shidrokh

Detecting and mitigating adversarial machine learning attacks in autonomous vehicles within the internet of vehicles

Lists

Safaei, Mahmood, Soleymani, Ahmad, Asadi, Shahla, Safaei, Mitra and Goudarzi, Shidrokh ORCID: https://orcid.org/0000-0003-0383-3553 (2026) Detecting and mitigating adversarial machine learning attacks in autonomous vehicles within the internet of vehicles. IEEE Transactions on Intelligent Transportation Systems. pp. 1-13. ISSN 1524-9050

[thumbnail of Detecting_and_Mitigating_Adversarial_Machine_Learning_Attacks_in_Autonomous_Vehicles_Within_the_Internet_of_Vehicles.pdf]

Preview

PDF
Detecting_and_Mitigating_Adversarial_Machine_Learning_Attacks_in_Autonomous_Vehicles_Within_the_Internet_of_Vehicles.pdf - Accepted Version
Download (3MB) | Preview

Official URL: https://ieeexplore.ieee.org/document/11367397

Abstract

Adversarial Machine Learning (AML), particularly model poisoning, presents a critical threat to Autonomous Vehi cles (AVs) in the Internet of Vehicles (IoV) environment. To address this challenge, we propose a framework that integrates Federated Learning (FL) with a Deep Learning-based Intrusion Detection and Behavior Monitoring (DL-based IBM) system, a vehicle scoring mechanism, Digital Twin (DT), and Generative AI (Gen-AI) to enhance security in IoV environments. Each AV employs a DL-based IBM as its local model, which is trained on vehicle-local operational data and contributes to a global model through FL aggregation. A vehicle scoring system is responsible for identifying and flagging compromised AVs (Zombies) exhibiting suspicious behavior. When the DT detects that the Zombie’s model has been manipulated through poisoning attacks, the DT updates the compromised model with the correct global model to restore normal operation. Furthermore, DT leverages Gen-AI to simulate and learn from novel attack scenarios that AVs have not previously encountered, ensuring that the framework adapts to evolving threats. The simulation results demonstrate significant improvements in resilience and detection accuracy, with F1 scores reaching 99% for known attacks and exceeding 87% for new unseen threats. This integrated approach ensures robust and adaptive protection for AVs, maintaining high trust and performance in the dynamic and adversarial IoV network.

Item Type:	Article
Identifier:	10.1109/TITS.2026.3652712
Keywords:	Autonomous vehicle, adversarial machine learning, digital twin, federated learning, Gen-AI, deep learning.
Date Deposited:	20 Mar 2026
URI:	https://repository.uwl.ac.uk/id/eprint/14768
Sustainable Development Goals:	Goal 9: Industry, Innovation, and Infrastructure