Open Access

ARTICLE

Developing Transparent IDS for VANETs Using LIME and SHAP: An Empirical Study

Fayaz Hassan^1,*, Jianguo Yu¹, Zafi Sherhan Syed², Arif Hussain Magsi³, Nadeem Ahmed⁴

1 Beijing Key Laboratory of Work Safety Intelligent Monitoring, School of Electronic Engineering, Beijing University of Post and Telecommunication, Beijing, 100876, China
2 Department of Telecommunication Engineering, Mehran University of Engineering and Technology, Jamshoro, 76062, Pakistan
3 State Key Laboratory of Networking and Switching Technology, Beijing University of Post and Telecommunication, Beijing, 100876, China
4 School of Electronic Science, Beijing University of Post and Telecommunication, Beijing, 100876, China

* Corresponding Author: Fayaz Hassan. Email:

(This article belongs to the Special Issue: Cybersecurity Solutions for Wireless Sensor Networks in IoT Environments )

Computers, Materials & Continua 2023, 77(3), 3185-3208. https://doi.org/10.32604/cmc.2023.044650

Received 04 August 2023; Accepted 30 October 2023; Issue published 26 December 2023

Abstract

Vehicular Ad-hoc Networks (VANETs) are mobile ad-hoc networks that use vehicles as nodes to create a wireless network. Whereas VANETs offer many advantages over traditional transportation networks, ensuring security in VANETs remains a significant challenge due to the potential for malicious attacks. This study addresses the critical issue of security in VANETs by introducing an intelligent Intrusion Detection System (IDS) that merges Machine Learning (ML)–based attack detection with Explainable AI (XAI) explanations. This study ML pipeline involves utilizing correlation-based feature selection followed by a Random Forest (RF) classifier that achieves a classification accuracy of 100% for the binary classification task of identifying normal and malicious traffic. An innovative aspect of this study is the incorporation of XAI methodologies, specifically the Local Interpretable Model-agnostic Explanations (LIME) and SHapley Additive exPlanations (SHAP). In addition, this research also considered key features identified by mutual information-based feature selection for the task at hand. The major findings from this study reveal that the XAI-based intrusion detection methods offer distinct insights into feature importance. Key features identified by mutual information, LIME, and SHAP predominantly relate to Transmission Control Protocol (TCP), Hypertext Transfer Protocol (HTTP), Domain Name System (DNS), and Message Queuing Telemetry Transport (MQTT) protocols, highlighting their significance in distinguishing normal and malicious network activity. This XAI approach equips cybersecurity experts with a robust means of identifying and understanding VANET malicious activities, forming a foundation for more effective security countermeasures.

---

Keywords

---