Araçların İnternetinde DDoS Tespiti için Optimize Edilmiş Topluluk Öğrenmesi

Öz

Dağıtılmış Hizmet Reddi (DDoS) saldırıları, hizmet kullanılabilirliğini ve bütünlüğünü etkileyerek ağ güvenliği için önemli bir tehdit oluşturmaya devam etmektedir. Anomali tespiti, imza tabanlı yöntemler ve makine öğrenimi (ML) yaklaşımları da dahil olmak üzere geleneksel savunmalar, yüksek yanlış pozitif oranları, düşük ölçeklenebilirlik ve yeni saldırı modellerine sınırlı genelleme gibi zorluklarla karşı karşıyadır. Anomali tespiti genellikle aşırı yanlış pozitif sonuçlar üretirken, imza tabanlı yöntemler yeni saldırıları tespit etmekte başarısız olur. Geleneksel ML teknikleri, gelişen ağ trafiğinin karmaşıklığını yakalamakta zorlanır ve bu da gerçek dünya senaryolarındaki etkinliklerini azaltır. Bu sınırlamaları gidermek için bu çalışma, Gradient Boosting, AdaBoost ve Naive Bayes'i optimize edilmiş sınıflandırıcı ağırlıkları ve yumuşak oylama mekanizmasıyla birleştiren bir topluluk saldırı tespiti modeli önermektedir. Araçların İnterneti (IoV) senaryolarına göre uyarlanmış CICIoV2024 veri setini kullanan topluluk, sırasıyla doğruluk, geri çağırma ve kesinlik açısından 0,96, 0,96, 0,98 ve 0,97'lik F1 puanı değerleriyle bireysel modellerden daha iyi sonuçlar elde ediyor. Bu sonuçlar, modelin dinamik IoV ortamlarında DDoS saldırılarını tespit etmedeki güvenilirliğini ve verimliliğini vurgulayarak, mevcut yöntemlerin temel zayıflıklarını ortadan kaldırıyor.

Anahtar Kelimeler

• DDoS saldırısı
• Toplu öğrenme
• Yumuşak oylama
• Araçların interneti
• Saldırı tespiti
• Sınıflandırıcı optimizasyonu
• CICIoV2024

Optimized Ensemble Learning for DDoS Detection in Internet of Vehicles

Öz

Distributed Denial of Service (DDoS) attacks remain a significant threat to network security, affecting service availability and integrity. Traditional defenses, including anomaly detection, signature-based methods, and machine learning (ML) approaches, face challenges such as high false-positive rates, poor scalability, and limited generalization to new attack patterns. Anomaly detection often generates excessive false positives, while signature-based methods fail to detect novel attacks. Conventional ML techniques struggle to capture the complexity of evolving network traffic, reducing their effectiveness in real-world scenarios. To address these limitations, this study proposes an ensemble intrusion detection model combining Gradient Boosting, AdaBoost, and Naive Bayes with optimized classifier weights and a soft voting mechanism. Using the CICIoV2024 dataset, tailored for Internet of Vehicles (IoV) scenarios, the ensemble outper forms individual models with F1-score values of 0.96, 0.96, 0.98, and 0.97 for accuracy, recall, and precision, respectively. These results highlight the model’s reliability and efficiency in detecting DDoS attacks in dynamic IoV environments, overcoming key weaknesses of existing methods.

Anahtar Kelimeler

• DDoS attack
• Ensemble learning
• Soft voting
• Internet of vehicles
• Intrusion detection
• Classifier optimization
• CICIoV2024

Kaynakça

1. Radware: DDoS attacks history (2017). https://www.radware.com/security/ddos-knowledge-center/ddos-chronicles/ddos-attacks-history/ Accessed 26 Dec 2024.
2. Mirkovic, J. ve Reiher, P. (2004). A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Computer Communication Review, 34(2), 39-53. https://doi.org/10.1145/997150.997156
3. Xie, L., Yuan, B., Yang, H., Hu, Z., Jiang, L., Zhang, L., Cheng, X. (2024). MRFM: A timely detection method for DDoS attacks in IoT with multidimen- sional reconstruction and function mapping. Computer Standards and Interfaces, 89, 103829. https://doi.org/10.1016/j.csi.2023.103829
4. Shukla, P., Krishna, C. R., & Patil, N. V. (2024).SDDA-IoT: Storm-based distributed detection approach for IoT network traffic-based DDoS attacks.Cluster Computing, 27(5), 6397–6424. https://doi.org/10.1007/s10586-024-04297-7
5. Kuhlgatz, D. Data network for the car: The Controller Area Network CAN. Available from: https://www.bosch.com/stories/the-controller-area-network/.
6. Rajapaksha, S., et al., Ai-based intrusion detection systems for in-vehicle networks: A survey. ACM Computing Surveys, 2023. 55(11): p. 1-40. https://doi.org/10.1145/3570954
7. Avatefipour, O., et al., An intelligent secured framework for cyberattack detection in electric vehicles’ CAN bus using machine learning. Ieee Access, 2019. 7: p. 127580-127592. https://doi.org/10.1109/ACCESS.2019.2937576
8. Marchetti, M. and D. Stabili. Anomaly detection of CAN bus messages through analysis of ID sequences. In 2017 IEEE Intelligent Vehicles Symposium (IV). 2017. IEEE. https://doi.org/10.1109/IVS.2017.7995934

9. Korium, M. S., Saber, M., Beattie, A., Narayanan, A., Sahoo, S., Nardelli, P. H. (2024). Intrusion detection system for cyberattacks in the Internet of Vehicles environment. Ad Hoc Networks, 153, 103330. https://doi.org/10.1016/j.adhoc.2023.103330
10. Manjula, H.T., Mangla, N. (2023). An Approach to on-stream DDoS Blitz Detection Using Machine Learning. Materials Today: Proceedings, 80,3492-3499. https://doi.org/10.1016/j.matpr.2021.07.280
11. Kumari, K., Mrunalini, M. (2022). Detecting Denial of Service Attacks Using Machine Learning Algorithms. Journal of Big Data, 9(56). https://doi.org/10.1186/s40537-022-00616-0
12. Li, Y., Lu, Y. (2019). LSTM-BA: DDoS Detection Approach Combining LSTM and Bayes. In 2019 Seventh International Conference on Advanced Cloud and Big Data (CBD). IEEE. https://doi.org/10.1109/CBD.2019.00041
13. Sayed, M. I., Sayem, I. M., Saha, S., Haque, A. (2022, May). A Multi-Classifier for DDoS Attacks Using Stacking Ensemble Deep Neural Network. In 2022 International Wireless Communications and Mobile Computing (IWCMC) (pp. 1125-1130). IEEE. https://doi.org/10.1109/IWCMC55113.2022.9824189
14. Alasmary, F., Alraddadi, S., Al-Ahmadi, S., Al-Muhtadi, J. (2022). Shieldrnn: A distributed flow-based ddos detection solution for iot using sequence majority voting. IEEE Access, 10, 88263-88275. https://doi.org/10.1109/ACCESS.2022.3200477
15. Arafah, M., Adnane, A., Hadi, W., Al-Hyasat, G., Al-Habahbeh, M. (2025, April). Advancing IoV Security Through Machine Learning: Design and Evaluation of the CICIoV2024 Benchmark Dataset. In 2025 1st International Conference on Computational Intelligence Approaches and Applications (ICCIAA) (pp. 1-6). IEEE. https://doi.org/10.1109/ICCIAA65327.2025.11013584
16. Alauthman, M., Mashaleh, A., Aslam, N., Aldweesh, A., & Almomani, A. (2025, April). Intrusion Detection in the Internet of Vehicles Using Transformer Models. In 2025 1st International Conference on Computational Intelligence Approaches and Applications (ICCIAA) (pp. 1-6). IEEE. https://doi.org/10.1109/ICCIAA65327.2025.11013054
17. Sahu, M., & Gupta, G. P. (2025, January). Cyber Attack Detection using Stacking Ensemble Model for Internet of Vehicle. In 2025 Fourth International Conference on Power, Control and Computing Technologies (ICPC2T) (pp. 35-39). IEEE. https://doi.org/10.1109/ICPC2T63847.2025.10958735
18. Ullah, S., Khan, M. A., Ahmad, J., Jamal, S. S., e Huma, Z., Hassan, M. T., Buchanan, W. J. (2022). HDL-IDS: a hybrid deep learning architecture for intrusion detection in the Internet of Vehicles. Sensors, 22(4), 1340. https://doi.org/10.3390/s22041340
19. Prakash, J., Murali, L., Manikandan, N., Nagaprasad, N., Ramaswamy, K. (2024). A Vehicular Network-Based Intelligent Transport System for Smart Cities Using Machine Learning Algorithms. Scientific Reports, 14(468). https://doi.org/10.1038/s41598-023-50906-7
20. Gou, W., Zhang, H., Zhang, R. (2023). Multi-Classification and Tree-Based Ensemble Network for the Intrusion Detection System in the Internet of Vehicles. Sensors, 23(8788). https://doi.org/10.3390/s23218788
21. Aksu, D., Aydin, M. A. (2022). MGA-IDS: Optimal feature subset selection for anomaly detection framework on in-vehicle networks-CAN bus based on genetic algorithm and intrusion detection approach. Computers and Security, 118, 102717. https://doi.org/10.1016/j.cose.2022.102717
22. Basavaraj, D., Tayeb, S. (2022). Towards a lightweight intrusion detection frame- work for in-vehicle networks. Journal of Sensor and Actuator Networks, 11(1), 6. https://doi.org/10.3390/jsan11010006
23. Khan, M. H., Javed, A. R., Iqbal, Z., Asim, M., Awad, A. I. (2024). DivaCAN: Detecting in-vehicle intrusion attacks on a controller area network using ensemble learning. Computers and Security, 139, 103712. https://doi.org/10.1016/j.cose.2024.103712
24. Dong, C., Wu, H., Li, Q. (2023). Multiple Observation HMM-based CAN bus Intrusion Detection System for In-Vehicle Network. IEEE Access. https://doi.org/10.1109/ACCESS.2023.3265018
25. Shahriar, M. H., Xiao, Y., Moriano, P., Lou, W., Hou, Y. T. (2023). CAN- Shield: Deep Learning-Based Intrusion Detection Framework for Controller Area Networks at the Signal-Level. IEEE Internet of Things Journal. https://doi.org/10.1109/JIOT.2023.3296705
26. Hossain, M.D., et al. An effective in-vehicle CAN bus intrusion detection sys- tem using CNN deep learning approach. in GLOBECOM 2020-2020 IEEE global communications conference. 2020. IEEE. .https://doi.org/10.1109/GLOBECOM42002.2020.9322395
27. Amato, F., et al., CAN-bus attack detection with deep learning. IEEE Transac- tions on Intelligent Transportation Systems, 2021. 22(8): p. 5081-5090. https://doi.org/10.1109/TITS.2020.3046974
28. Gao, S., et al., Attack Detection for Intelligent Vehicles via CAN-Bus: A Lightweight Image Network Approach. IEEE Transactions on Vehicular Technol- ogy, 2023. https://doi.org/10.1109/TVT.2023.3296705
29. Seo, E., H.M. Song, and H.K. Kim. GIDS: GAN based intrusion detection system for in-vehicle network. In 2018 16th Annual Conference on Privacy, Security and Trust (PST). 2018. IEEE. https://doi.org/10.1109/PST.2018.8514157
30. Song, H.M., J. Woo, and H.K. Kim, In-vehicle network intrusion detection using deep convolutional neural network. Vehicular Communications, 2020. 21:p. 100198. https://doi.org/10.1016/j.vehcom.2019.100198
31. Bari, B.S., K. Yelamarthi, and S. Ghafoor, Intrusion Detection in Vehicle Con- troller Area Network (CAN) Bus Using Machine Learning: A Comparative Performance Study. Sensors, 2023. 23(7): p. 3610. https://doi.org/10.3390/s23073610
32. Alfardus, A. and D.B. Rawat. Intrusion detection system for CAN bus in-vehicle network based on machine learning algorithms. In 2021 IEEE 12th Annual Ubiq- uitous Computing, Electronics Mobile Communication Conference (UEMCON). 2021. IEEE. https://doi.org/10.1109/UEMCON53757.2021.9666745
33. Hossain, M. D., Inoue, H., Ochiai, H., & Fall, D. (2020). LSTM-based intrusion detection system for in-vehicle CAN bus communications. IEEE Access, 8, 185489–185502. https://doi.org/10.1109/ACCESS.2020.3029307
34. Talpur, A., Gurusamy, M. (2021). Machine learning for security in vehicular networks: A comprehensive survey. IEEE Communications Surveys & Tutorials, 24(1), 346-379. https://doi.org/10.1109/COMST.2021.3129079
35. Gruebler, A., McDonald-Maier, K. D., Alheeti, K. M. A. (2015, September). An intrusion detection system against black hole attacks on the communication network of self-driving cars. In 2015 sixth international conference on emerging security technologies (EST) (pp. 86-91). IEEE. https://doi.org/10.1109/EST.2015.10
36. Ali Alheeti, K. M., Gruebler, A., McDonald-Maier, K. (2016). Intelligent intrusion detection of grey hole and rushing attacks in self-driving vehicular networks. Computers, 5(3), 16. https://doi.org/10.3390/computers5030016
37. Gu, P., Khatoun, R., Begriche, Y., Serhrouchni, A. (2017, February). k-Nearest Neighbours classification based Sybil attack detection in Vehicular networks. In 2017 Third International Conference on Mobile and Secure Services (MobiSec- Serv) (pp. 1-6). IEEE. https://doi.org/10.1109/MOBISECSERV.2017.7886565
38. Gu, P., Khatoun, R., Begriche, Y., Serhrouchni, A. (2017, March). Support vector machine (svm) based sybil attack detection in vehicular networks. In 2017 IEEE wireless communications and networking conference (WCNC) (pp. 1-6). IEEE. https://doi.org/10.1109/WCNC.2017.7925783
39. Jagielski, M., Jones, N., Lin, C. W., Nita-Rotaru, C., Shiraishi, S. (2018, June). Threat detection for collaborative adaptive cruise control in connected cars. In Proceedings of the 11th ACM conference on security & privacy in wireless and mobile networks (pp. 184-189). https://doi.org/10.1145/3212480.3212492
40. Yu, Y., Guo, L., Liu, Y., Zheng, J., Zong, Y. U. E. (2018). An efficient SDN-based DDoS attack detection and rapid response platform in vehicular networks. IEEE access, 6, 44570-44579. https://doi.org/10.1109/ACCESS.2018.2854567
41. Khanapuri, E., Chintalapati, T., Sharma, R., Gerdes, R. (2019, May). Learning- based adversarial agent detection and identification in cyber physical systems applied to autonomous vehicular platoon. In 2019 IEEE/ACM 5th International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS) (pp. 39-45). IEEE. https://doi.org/10.1109/SEsCPS.2019.00014
42. Kamel, J., Haidar, F., Jemaa, I. B., Kaiser, A., Lonc, B., Urien, P. (2019, Octo- ber). A misbehavior authority system for sybil attack detection in c-its. In 2019 IEEE 10th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON) (pp. 1117-1123).IEEE. https://doi.org/10.1109/UEMCON47517.2019.8993045
43. Kumar, S., Singh, K., Kumar, S., Kaiwartya, O., Cao, Y., Zhou, H. (2019). Delim- itated anti jammer scheme for Internet of vehicle: Machine learning based security approach. IEEE Access, 7, 113311-113323. https://doi.org/10.1109/ACCESS.2019.2934632
44. Narayanadoss, A. R., Truong-Huu, T., Mohan, P. M., Gurusamy, M. (2019, April). Crossfire attack detection using deep learning in software defined its networks. In 2019 IEEE 89th Vehicular Technology Conference (VTC2019-Spring) (pp. 1-6). IEEE. https://doi.org/10.1109/VTCSpring.2019.8746594
45. D Angelo, G., Castiglione, A., Palmieri, F. (2020). A cluster-based multidimen- sional approach for detecting attacks on connected vehicles. IEEE Internet of Things Journal, 8(16), 12518-12527. https://doi.org/10.1109/JIOT.2020.3032935
46. Berrar, D. (2019). Bayes’ Theorem and Naive Bayes Classifier.https://doi.org/10.1016/B978-0-12-809633-8.20473-1
47. Murty, M. N., & Devi, V. S. (2011). Bayes classifier. In Pattern Recognition: An Algorithmic Approach (pp.86–102).Springer.https://doi.org/10.1007/978-0-85729-495-1
48. Azmi, S. S., Baliga, S. (2020). An overview of boosting decision tree algorithms utilizing AdaBoost and XGBoost boosting strategies. Int. Res. J. Eng. Technol, 7(5), 6867-6870. (No DOI available)
49. Konstantinov, A. V., Utkin, L. V. (2021). Interpretable machine learning with an ensemble of gradient boosting machines. Knowledge-Based Systems, 222, 106993. https://doi.org/10.1016/j.knosys.2021.106993
50. Li, Q., Wen, Z., He, B. (2020, April). Practical federated gradient boosting deci- sion trees. In Proceedings of the AAAI conference on artificial intelligence (Vol. 34, No. 04, pp. 4642-4649). https://doi.org/10.1609/aaai.v34i04.5895
51. Yoon, J. (2021). Forecasting of real GDP growth using machine learning models: Gradient boosting and random forest approach. Computational Economics, 57(1), 247-265. https://doi.org/10.1007/s10614-020-10054-w
52. Otchere, D. A., Ganat, T. O. A., Ojero, J. O., Tackie-Otoo, B. N., Taki, M. Y. (2022). Application of gradient boosting regression model for the evaluation of feature selection techniques in improving reservoir characterisation predictions. Journal of Petroleum Science and Engineering, 208, 109244. https://doi.org/10.1016/j.petrol.2021.109244
53. Brown, G. (2010). Ensemble Learning. Encyclopedia of machine learning, 312, 15-19. https://doi.org/10.1007/978-0-387-30164-8_252
54. Matloob, F., Ghazal, T. M., Taleb, N., Aftab, S., Ahmad, M., Khan, M. A., ... Soomro, T. R. (2021). Software defect prediction using ensemble learning: A systematic literature review. IEEE Access, 9, 98754-98771. https://doi.org/10.1109/ACCESS.2021.3095559
55. Khoh, W. H., Pang, Y. H., Ooi, S. Y., Wang, L. Y. K., Poh, Q. W. (2023). Predictive churn modeling for sustainable business in the telecommunication industry: optimized weighted ensemble machine learning. Sustainability, 15(11), 8631. https://doi.org/10.3390/su15118631
56. Taha, A. (2021). Intelligent ensemble learning approach for phishing website detection based on weighted soft voting. Mathematics, 9(21), 2799. https://doi.org/10.3390/math9212799
57. Nakata, N., Siina, T. (2023). Ensemble learning of multiple models using deep learning for multiclass classification of ultrasound images of hepatic masses. Bioengineering, 10(1), 69. https://doi.org/10.3390/bioengineering10010069
58. Pirizadeh, M., Alemohammad, N., Manthouri, M., Pirizadeh, M. (2021). A new machine learning ensemble model for class imbalance problem of screening enhanced oil recovery methods. Journal of Petroleum Science and Engineering, 198, 108214. https://doi.org/10.1016/j.petrol.2020.108214
59. Anifowose, F. A., Labadin, J., Abdulraheem, A. (2017). Ensemble machine learn- ing: An untapped modeling paradigm for petroleum reservoir characterization. Journal of Petroleum Science and Engineering, 151, 480-487. https://doi.org/10.1016/j.petrol.2017.01.024
60. Dietterich, T. G. (2000). Ensemble methods in machine learning. International workshop on multiple classifier systems (pp. 1-15). Springer, Berlin, Heidelberg. (No DOI available)
61. Yin, C., Zhu, Y., Fei, J., & He, X. (2017). A deep learning approach for intrusion detection using recurrent neural networks. Ieee Access, 5, 21954-21961. https://doi.org/10.1109/ACCESS.2017.2762418
62. Agarwal, A., Sharma, P., Alshehri, M., Mohamed, A. A., Alfarraj, O. (2021). Classification model for accuracy and intrusion detection using machine learning approach. PeerJ Computer Science, 7, e437. https://doi.org/10.7717/peerj-cs.437
63. Al-Juboori, S. A. M., Hazzaa, F., Jabbar, Z. S., Salih, S., Gheni, H. M. (2023). Man-in-the-middle and denial of service attacks detection using machine learning algorithms. Bulletin of Electrical Engineering and Informatics, 12(1), 418-426. https://doi.org/10.11591/eei.v12i1.4555
64. Saheed, Y. K., Arowolo, M. O. (2021). Efficient cyber attack detection on the internet of medical things-smart environment based on deep recurrent neural network and machine learning algorithms. IEEE Access, 9, 161546-161554. https://doi.org/10.1109/ACCESS.2021.3128837
65. Usha, G., Narang, M., Kumar, A. (2021). Detection and classification of dis- tributed DoS attacks using machine learning. In Computer Networks and Inventive Communication Technologies: Proceedings of Third ICCNCT 2020 (pp. 985-1000). Springer Singapore. https://doi.org/10.1007/978-981-15-9647-6_78
66. Carlos Pinto Neto, E., Taslimasa, H., Dadkhah, S., Iqbal, S., Xiong, P., Rahman, T., & Ghorbani, A. (2024). Ciciov2024: Advancing Realistic Ids Approaches Against Dos and Spoofing Attack in Iov Can Bus. Internet of Things, 26 101209, 1-20. https://doi.org/10.1016/j.iot.2024.101209
67. Reddy, C. K. K., Reddy, P. A., Reddy, P. S., Shuaib, M., Alam, S., Ahmad, S., & Rajaram, A. (2025). Twined ensemble framework for network security: integrating Random Forest, AdaBoost, and Gradient Boosting for enhanced intrusion detection. Discover Internet of Things, 5(1), 107.
68. Zhao, H., Liu, W., Wang, Y., & Wu, L. (2025). Comparative analysis of algorithmic approaches in ensemble learning: bagging vs. boosting. Scientific Reports, 15(1), 34218.
69. Al Farsi, A., Khan, A., Bait-Suwailam, M. M., & Mughal, M. R. (2024). Comparative Performance Evaluation of Machine Learning Algorithms for Cyber Intrusion Detection.
70. Khan, A. A., Chaudhari, O., & Chandra, R. (2024). A review of ensemble learning and data augmentation models for class imbalanced problems: Combination, implementation and evaluation. Expert Systems with Applications, 244, 122778. https://doi.org/10.1016/j.eswa.2023.122778
71. Aydoğan, Ş. K., Pura, T., Çıplak, Z., & Yıldız, A. (2025). DDoSGedik30K: A Unique Dataset and Advanced Deep Learning Techniques for DDoS Attack Detection. International Journal of New Findings in Engineering, Science and Technology, 3(2), 86-102. https://doi.org/10.61150/ijonfest.2025030201
72. Cil, A. E., Yildiz, K., & Buldu, A. (2021). Detection of DDoS attacks with feed forward based deep neural network model. Expert Systems with Applications, 169, 114520. https://doi.org/10.1016/j.eswa.2020.114520
73. Anli, Y. A., Ciplak, Z., Sakaliuzun, M., Izgu, S. Z., & Yildiz, K. (2024). DDoS detection in electric vehicle charging stations: A deep learning perspective via CICEV2023 dataset. Internet of Things, 28, 101343. https://doi.org/10.1016/j.iot.2024.101343
74. Büyüktanir, B., Çıplak, Z., Çil, A. E., Yakar, Ö., Adoum, M. B., & Yıldız, K. (2025). DDoS_FL: Federated learning architecture approach against DDoS attack. Pamukkale Üniversitesi Mühendislik Bilimleri Dergisi, 31(6), 1004-1018. https://doi.org/10.5505/pajes.2025.40456