Feature selection for anomaly detection in vehicular ad hoc networks

An emerging trend to improve automotive safety is the development of Vehicle-to-Vehicle (V2V) safety applications. These applications use information gathered from the vehicle's sensors and from surrounding vehicles to detect and prevent imminent crashes. Vehicles have been equipped with external communication interfaces to make these applications possible, but this also exposes them to security threats. If an attacker is able to feed safety applications with incorrect data, they might actually cause accidents rather than prevent them. In this paper, we investigate the application of white-box anomaly detection to detect such attacks. A key step in applying such an approach is the selection of the “right” behavioral features, i.e. features that allow the detection of attacks and provide an understanding of the raised alerts. By finding meaningful features and building accurate models of normal behavior, this work makes a first step towards the design of effective anomaly detection engines for V2V communication.