Submit

Login Login

Register Register

Home/ Journals/ CMC/ Vol.87, No.3, 2026/ 10.32604/cmc.2026.077582

Table of Content

Open Access iconOpen Access

ARTICLE

Lightweight and Explainable Anomaly Detection in CAN Bus Traffic via Non-Negative Matrix Factorization

Anandkumar Balasubramaniam, Seung Yeob Nam*

Department of Information and Communication Engineering, Yeungnam University, Gyeongsan, Republic of Korea

* Corresponding Author: Seung Yeob Nam. Email: email

(This article belongs to the Special Issue: Advances in Machine Learning and Artificial Intelligence for Intrusion Detection Systems)

Computers, Materials & Continua 2026, 87(3), 50 https://doi.org/10.32604/cmc.2026.077582

Received 12 December 2025; Accepted 02 February 2026; Issue published 09 April 2026

Abstract

The increasing connectivity of modern vehicles exposes the in-vehicle controller area network (CAN) bus to various cyberattacks, including denial-of-service, fuzzy injection, and spoofing attacks. Existing machine learning and deep learning intrusion detection systems (IDS) often rely on labeled data, struggle with class imbalance, lack interpretability, and fail to generalize well across different datasets. This paper proposes a lightweight and interpretable IDS framework based on non-negative matrix factorization (NMF) to address these limitations. Our contributions include: (i) evaluating NMF as both a standalone unsupervised detector and an interpretable feature extractor (NMF-W) for classical, unsupervised, and deep sequence models; (ii) providing comprehensive benchmarking on the car-hacking dataset (CHD), demonstrating improved robustness in mixed-attack and cross-attack scenarios, with class imbalance addressed through oversampling and class weighting; (iii) offering a component-level interpretability analysis that links NMF factors to meaningful CAN traffic patterns; and (iv) validating cross-dataset transferability on the offset-ratio and time interval-based intrusion detection system (OTIDS) dataset. Additional ablation and efficiency studies confirm the practical feasibility of deploying NMF-based IDS on embedded automotive controllers. Overall, this work presents a balanced IDS solution that combines detection accuracy, computational efficiency, and explainability, thereby advancing the security of in-vehicle networks.

Keywords

Anomaly detection; CAN bus; explainable AI; intrusion detection system (IDS); non-negative matrix factorization (NMF)

Supplementary Material

Supplementary Material File

Cite This Article

APA Style
Balasubramaniam, A., Nam, S.Y. (2026). Lightweight and Explainable Anomaly Detection in CAN Bus Traffic via Non-Negative Matrix Factorization. Computers, Materials & Continua, 87(3), 50. https://doi.org/10.32604/cmc.2026.077582
Vancouver Style
Balasubramaniam A, Nam SY. Lightweight and Explainable Anomaly Detection in CAN Bus Traffic via Non-Negative Matrix Factorization. Comput Mater Contin. 2026;87(3):50. https://doi.org/10.32604/cmc.2026.077582
IEEE Style
A. Balasubramaniam and S. Y. Nam, “Lightweight and Explainable Anomaly Detection in CAN Bus Traffic via Non-Negative Matrix Factorization,” Comput. Mater. Contin., vol. 87, no. 3, pp. 50, 2026. https://doi.org/10.32604/cmc.2026.077582
BibTex EndNote RIS



cc Copyright © 2026 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

  • 806

    View

  • 465

    Download

  • 0

    Like

Related articles

Copyright© 2026 Tech Science Press
© 1997-2026 TSP (Henderson, USA) unless otherwise stated

Share Link