A Privacy-Preserving Federated Intrusion Detection Framework for Internet of Vehicles Using CNN-BiGRU with Attention and Adaptive Weighted Aggregation

The growing internet of vehicle ecosystems has created significant cyber security vulnerabilities, particularly with respect to privacy-preserving detection of network intrusions in distributed, resource-limited environments. Traditional centralized intrusion detection systems (IDSs) produce major problems for vehicular CAN-bus networks because traditional solutions are unable to scale; they introduce single points of failure into deployments; and they violate critical privacy requirements through constant traffic transmission of sensitive data to remote servers. Federated Learning (FL) could provide a new way to build systems, yet it is still broken by using standard FL protocols, because they do not accommodate for Non-IID data distributions (non-independent identically distributed) data, as well as clients who behave poorly during the FL process. In this paper, we propose a full-fledged federated Intrusion Detection System (IDS) framework and done so using a benchmark dataset called "CIC-IoV 2024." Additionally, we provide the following three innovations/contributions to FL research: 1) Develop a unique CNN BiGRU-Attention deep learning architecture that captures spatial byte-level correlation and temporal bidirectional dependencies within sequential CAN (Controller Area Network) traffic; 2) Create an adaptive weighted input aggregation (AWI) mechanism to continuously provide trust-based aggregation weights for each client's update (of the client's FL model), determined by their cosine similarity and norm deviation; 3) Build a two-stage adversarial receiver defense pipeline that utilizes dual thresholding (norm and cosine) algorithms to determine whether or not an adversarial update from a client should be included in the final aggregator output. Overall experimental evaluation of the proposed method under realistic non-IID conditions, and in the presence of adversarial clients, achieved 98% accuracy, precision, recall and F1 scores, and ROC-AUC = 0.998. In addition, statistical analysis through 5-fold cross validation with a mean ± standard deviation (97.14% ± 0.29%) and a two-tailed paired t-test (p < 0.05) confirmed the proposed method's robustness and was significantly more effective than using CNN, LSTM, RF, XGBoost, SVM, and FL-CNN baselines.