Collaborative based Vehicular Ad-hoc Network Intrusion Detection System using Optimized Support Vector Machine

—The Vehicular Ad hoc Network (VANET) can be used to provide secured information to the user vehicles. However, these days the immunity of safeguarding the information from vulnerabilities and threats are of great challenge. Therefore, it is necessary to provide a secured solution for the improvement of security with the deployment of advanced technology. In context with this, a blockchain based VANET structure for secured communication incorporated with the enhancement of confidentiality, scalability, and privacy is planned. The k-means clustering model forms cluster formation. The cluster head selection is carried out with Tabu Search-based Particle Swarm Optimization (TS-PSO) algorithm. The proposed approach aims to mitigate the delay with the enhancement of throughput and energy efficiency. Meanwhile, the deployed blockchain will enhance reliability and security. Moreover, the novel War Strategy Optimization (WSO) based Support Vector Machine (SVM) model (Optimized SVM) can be used for the trust-based collaborative intrusion detection in the VANET. Our work targets to detect the intrusion and non-intrusion classes. Meanwhile, our proposed work can be used for the prevention of repetitive detection processes and therein it enhances the security by rewarding the vehicles. An experimental analysis is carried out to ensure its usage in detecting the malicious node from the resource constraint vehicles and also used to achieve better security, energy utilization and end-to-end delay.


INTRODUCTION
The emerging trend of vehicular technology leads to the addition of smart equipment in vehicles and advancement of the intelligent transportation system and self-driving vehicles. The communication among vehicles and the roadside unit (RSU) can be accomplished with the VANET which alerts the drivers about the traffic, emergency alerts, and safety messages [1,2]. The increase in mobility of vehicles, intricate topology, and diverse communication are the major possibilities of the VANET system to have been attacked by intruders. The main purpose of the intruders is to break the smart communication between the vehicles and RSUs. This might lead to damage in the VANET system and overcoming this intrusion detection system is the best choice [3].
The performance of the IDS relies on its deployed location in the cluster head, vehicles, and RSU and the conventional IDS contains three various architectures including distributed centralized and hybrid IDS [4]. Most probably the detection of various attacks by the traditional approaches is limited and it is necessary to design a precise approach to detect all types of abnormalities in the system. The centralized approach of software-defined networking (SDN) provides better flexibility and security throughout the network; however, a system bottleneck occurs due to failure in the single point. The issues in the SDN such as reliability and scalability are visibly moved by the distributed networks [5,6]. Moreover, the communication and computation overhead of the SDN controllers are also tackled by the distributed SDN via VANET. It also possesses some demerits and it is necessary to overcome them [7].
The securities of the vehicles are the most challenging ones since most of the vehicles are designed without considering the security system. However, they can perform communication without any delay but still increases the attacks [8]. This can be dealt with the conventional approaches such as encryption and neglecting the irrelevant nodes. Recently the vehicles are linked in the VANET and thus detect the attacks. So to secure the communication between the vehicles and RSUs a Blockchain-based collaborative intrusion detection approach is introduced for the VANETs. Different kinds of swarm-based optimization models such as particle swarm optimization, fish swarm optimization, Cuckoo Search algorithm, Glowworm Swarm Optimization (GSO), Genetic Algorithms (GA) etc. contains more searchability, less cost, less time execution and it is easy to solve the optimization problems. Tabu search creates a metaheuristics search technique that could really evaluate the optimum solution in addition to local optimization problems. The critical feature of Tabu Search is the use of adaptable storage to produce a much more adaptable behavior. PSO is the motion, which is controlled by two factors: information from particle to particle and iteration to iteration. The intrusion detection can be achieved with the SVM-based WSO approach. Prior to this the cluster head and cluster formulation are done with the Tabu Search-based Particle Swarm Optimization (TS-PSO) algorithm. This approach collaboratively trains the samples and achieves better detection.
The major contribution of this study is summarized as follows:  The Tabu Search-based Particle Swarm Optimization (TS-PSO) algorithm selects the optimal cluster heads.
 The blockchain-based security performs VANET security. Both intrusion and non-intrusion are detected via the novel War Strategy Optimization (WSO) based Support Vector Machine (SVM) model.

A. Problem Statement
Most vehicles are created without taking into account the security system, it is one of the most difficult areas to secure. They can communicate instantly, which makes attacks more common. Traditional methods, like encryption and ignoring unnecessary nodes, can be used to handle this. Recently, vehicles have been connected to the VANET, allowing them to detect threats.
Therefore, the existing studies created a Blockchain based collaborative intrusion detection approach for the VANETs to secure the connection between the cars and RSUs. The searchability, cost, and execution time of various swarm-based optimization models, such as fish swarm optimization, particle swarm optimization, glowworm swarm optimization, Cuckoo Search algorithm, genetic algorithms, and others, are higher. Tabu search develops a metaheuristics search method that can effectively access both the ideal solution and local optimization issues. The use of adaptable storage to create a significantly more adaptive behavior is a key component of Tabu Search. The SVM-based WSO technique can be used to detect intrusions.

II. LITERATURE REVIEW
A hybrid machine learning model was suggested by Bangui et al. [9] for the detection of intrusion in VANET. The Random Forest (RF) models were used to improve the accuracy of IDS. Compared to other methods, this RF model considerably improves the accuracy of detection based on the CICIDS2017 dataset. The detection accuracy is increased and the computational time is decreased but it failed to describe any security concept.
A hybrid data-driven model was introduced by Bangui et al. [10] for VANET intrusion detection. The explosive development in computing power deals to improve the IDS performance. The possible novel intruders were detected with the help of the post-detection stage. The corsets-based clustering and data classification were combined via a hybrid data-driven model. The computational overhead was less but the execution time was higher and had more complicated process.
In VANET, Zaidi et al. [11] suggested Host-based intrusion detection (H-ID). The statistical and graphical techniques represent the collection of extensive data. The rogue nodes were easily detected with the usage of different traffic conditions. According to the cooperative information, the application layer IDS were observed and evaluated with respect to the state-of-art results. Due to increased vehicular data, the computational complexity was also higher.
Based on ToN-IoT dataset, the machine learning (ML) techniques were suggested by Gad et al. [12] to detect the VANET intrusion. The ML techniques are the combination of Naive Bayes (NB), Support Vector Machine (SVM), XGBoost, Logistic Regression (LR), and k-Nearest Neighbor (kNN) and Decision Tree (DT). Both multi-class and binary classification issues were easily solved by using this ToN-IoT dataset. The class balancing was performed with the usage of the Synthetic minority oversampling technique. The higher feature dimensionality increases the overall complexity.
The deep learning (DL) model was suggested by Aboelfottoh et al. [13] for intrusion detection in ACVs and VANETs. More accurate and smarter IDS were made via deep learning thereby providing an efficient intrusion detection model but it failed to satisfy the security process. Based on the time series classification approach, the LSTM model was introduced by Yu et al. [14] for the VANETs intrusion detection system. The classification model of LSTM was used to enhance the false emergency message detection accuracy. For both collusion attack and normal scenarios, the time series feature vectors train and the traffic incident classifier were designed to identify traffic parameter patterns with higher computational difficulties.
The context of an intrusion detection system in VANET was designed by Gonçalves et al. [15]. Based on the geographic region, the publicly available VANET datasets were evaluated. The far more popular security policy was used to employ conventional instruments which can aid in the prevention of threats. In vehicular ad hoc networks, Alsarhan et al. [16] suggested an SVM-based intrusion detection system. This model outperformed classification accuracy with a better intrusion detection model and higher execution time than the existing methods such as PSO, ACO and GA. The distributed ensemble learning model was introduced by Ghaleb et al. [17] for misbehavior-aware on-demand collaborative IDS. The remote and locally trained classifiers were encompassed with the weighted random forest-based classifiers. Compared to the previous CIDS model, this distributed ensemble learning approach delineated 97% F1 score performances but the computational cost was higher and it needed more security during intrusion detection.

III. PROPOSED METHODOLOGY
The VANET are critical enablers of eventual collaborative transportation systems. Vehicles on VANETs exchange actual information regarding its location, congestion, and traffic conditions. Nevertheless, VANETs are vulnerable to threats that can result in existing circumstances. IDS depending on automotive collaboration to detect attackers in VANET were the most frequently proposed privacy model. The schematic diagram of the proposed intrusion detection model is shown in Fig. 1. The proposed methodology includes four stages namely cluster formation, cluster head selection, VANET security and Collaborative intrusion detection. Each of these stages is delineated in the following section. www.ijacsa.thesai.org

A. Cluster Formation
The stable vehicle cluster formations are the major step of this study. In this study, the K-means clustering algorithm was used to perform cluster formation. The edges were represented by using the distances between vehicles and the graph vertex act as each vehicle [18]. Based on roadside units (RSU) transmission region, the cluster formation of each vehicle was calculated. In the d-dimensional real vector, the observation set 14]. Within cluster square sum (WCSS) is minimized via the m observation partition into K-sets During cluster formation, the points mean S j in is Xj.

B. Cluster Head Selection
The space solution apart from local optimality was analyzed via Tabu Search (TS) to represent the search process. The component of TS is an adaptive memory, which is more efficient. In a similar period, the respective optima were not attained with multiple objectives. In a rapid manner, the TS had hard combinatorial optimization problems and which led to select the solution design [19]. The particle swarm optimization (PSO) model contains several advantages in case of a direction to initial converging towards local optima, less population diversity, resolving optimization and greater convergence [20]. Tabu Search is a powerful stochastic efficient algorithm that, in theory, might aggregate monotonically to a global optimum, but it required a lot of time to reach the close-to-global minimum. The algorithm can maintain population variety by incorporating TS into PSO as a local development phase, which prevented it from leading to an incorrect local optimal solution.
In this study, Tabu Search based Particle Swarm Optimization (TS-PSO) algorithm was used for the selection of cluster heads in VANET. While compared to the PSO algorithm, the TS takes less computational time with the average energy consumption during CH selection [21]. The tradeoff between both PSO and TS can be neglected by combining the TS-PSO algorithm.
The following steps explain the TS-PSO model for cluster head selection.
 Initialize the base station location and energy nodes.
 The TS-PSO algorithm with a maximum number of iterations is initialized.
 The base station corresponding to the node's distances is calculated via the cluster formation.
 Determine the local best position of the PSO algorithm.
 Tabu memory entries to zero. The initialization of the PSO solution with the Tabu list calculates the global best solution.
 In the Taby memory, create the entry and routes are swapped.
 Evaluate the fitness function of the next position and note the fitness value in the Tabu list.
 The most effective solution from the Tabu list is eliminated.
 Tabu Search based Particle Swarm Optimization (TS-PSO) algorithm is used to optimally select the cluster heads in VANET.

C. VANET Security based on Blockchain Model
The blockchain is made up of a collection of blocks that are linked together. A block is a decentralized network ledger that is connected simultaneously [22]. The actions inside the block are irreversible and unchangeable. Each block inside the blockchain is connected by the subsequent block's hash. Any changes to a single block will have an impact on the rest network. Furthermore, the information loaded into blocks are entirely open. The data transfer from one vehicle to another is the major security issue in VANET. No necessary data is detected by the vehicles before sharing in the VANET task manager. Consequently, there was a probability for updated data to be uploaded into the Vehicular network [23]. This blockchain security model that successfully maintains the security across the system, to overcome these issues. Blockchain is the distributed immutable ledger that can be used to record transactions and asset tracking.
If the vehicle user transfers through one RSU zone to the next, that following RSU requires the vehicle users to be really authorized. This one will substantially add significant cost and reduce the VANET system's performance. The assets might include tangible and intangible. The values in the blockchain can be tracked virtually by the authenticated user thus mitigating the risk and cost. With the distributed data sharing and storage capacity, it can also avoid the hazards of an attack and outage at a single location [24]. Furthermore, the integrity

D. Intrusion Detection
This section describes the war strategy optimization (WSO) based support vector machine (SVM) for collaborative intrusion detection in VANET.

1) Support Vector Machine (SVM):
The machine learning approach SVM [25] was used for intrusion detection in our proposed approach. This proposed approach is based on the WSO-SVM-based collaborative to detect the attacks and normal traffics. The data were represented in n-dimensional space and detection of intrusion was conducted by detecting the hyper-plane first and classifying the malicious node as intrusion and others as normal. The workflow of the proposed SVM is shown in Fig. 2.
To spate, the various points from the input the SVM utilizes the free parameters which rely on the separation margin as depicted in Fig. 3 [26]. However, there occur over fitting issues which can be rectified by the introduction of the WSO algorithm. The main reasons for utilizing the SVM are speed and scalability and also reduced complexity.

2) War Strategy Optimization (WSO)
a) This WSO is based on the war strategy followed by the ancient kings based on the mission objectives, struggles, threats, and prospects. War is a continuous process in which the armed soldiers simply get together and fight the enemies.
The numerical expression followed by the strategy that the troops follow the king or commander on the war field. To avert falling prey to local troops the soldiers follow the combined movement tactics along with the king and the commanders.

 Attack Strategy
The war strategies have two models in which the former follows the updated locations of the soldiers with respect to the locations of the king. The soldier with high attack and fitness abilities are considered king. At first, all the soldiers possess the same rank and position and update the ranking location based on the finishing of war strategy. At end of the war the soldier, commander, and king all pretend to be close to each other and can be formulated as, The current location of the soldiers is Ai and the updated locations are depicted as A i (t+1) the location of the commander is D and L is the location of the king with the weight of Vi.

 Up-gradation of rank and weight
The location of the soldiers can be updated with the location of the attack force. If the new location of the fitness (Fn) is lower than the current location (Fc) then the soldier will remain in the previous location [27].
Then the rank of the soldier is updated as shown below, The estimation of weights based on the rank can be performed as, The latter strategy was based on the up-gradation of locations of the king, commander, and a random soldier. The ranking and weight-up gradation follow the same strategy.
 Weak Soldiers replacement/relocation The detection of the worst soldiers is performed for each iteration and replaced with a random soldier as shown below, The next approach is to reposition the weak soldier to the median of the whole army as shown below, (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 14, No. 3, 2023 242 | P a g e www.ijacsa.thesai.org

3) Enhancement of WSO-based SVM for intrusion detection.
 This proposed approach maintained the balance between exploitation and exploration.
 Each soldier (solution) maintained a unique weight with respect to the rank.
 After finishing the fitness step the weight of the soldiers got updated.
 At the starting stage of iteration the weights changed in large amount and decreases towards the end and this will result in a global optimum value.
 The stated approach simply increases the convergence speed and leads to less computation complexity.

4) Optimized SVM-based collaborative intrusion detection:
The machine learning approach SVM provides efficient intrusion detection, and swift implementation, and is simple in nature. However, it possessed some shortcomings like over fitting issues and higher complexities [28]. These were tackled by the WSO algorithm which increased the convergence speed and searchability and increased the detection speed and accuracy. Thus the merging of WSO and SVM is performed in this proposed collaborative intrusion detection approach. The position parameters of SVM are updated by the fitness function of the proposed WSO algorithm. The schematic structure of the proposed WSO-SVM-based collaborative intrusion detection in VANET is illustrated in Fig. 4.

IV. RESULT AND DISCUSSION
This section discusses the experimental investigation of a proposed framework based on collaborative intrusion detection in VANET. The GTX1050 GPU at 16GB RAM and Intel Core i5-8300H CPU with Tensorflow 1.15 on a GPU-based computer based on NS-2 implement the experimental results [29]. Table I explains the parametric description based on the proposed framework.
In this study, the KDD99 dataset was used for experimental investigation [30]. There were five million records involved in the KDD99 dataset and 41 features described these records.

A. Performance Measures
The performance metrics such as accuracy (A), precision (P) and recall (R) are used to validate the effectiveness of proposed framework [30], [31]. The following equations explain all these performance measures for intrusion detection performance efficiency.
Where, the number of correctly predicted intrusion and the number of correctly predicted non-intrusion classes are true positive (T P ) and true negative (T N ). Moreover, a number of incorrectly predicted intrusion and the number of incorrectly predicted non-intrusion classes are true positive (F P ) and true negative (F N ).

B. Evaluation based on Performance
The analysis of accuracy is plotted in Fig. 5. A different number of nodes such as 10, 20, 30, 40 and 50 are used for the analysis of accuracy. The methods like RF, HDDM, H-ID, and ML are proposed. However, these proposed method offers superior accuracy than previous methods like RF, HDDM, H-ID, and ML in terms of all nodes. www.ijacsa.thesai.org The graphical representation of energy consumption results is plotted in Fig. 6. The methods including RF, HDDM, H-ID, and ML with proposed methods are taken as the state-of-art methods. There are 50 nodes which were taken for this investigation. The proposed method consumed less energy while comparing to the existing methods such as RF, HDDM, H-ID, and ML.   The performance evaluation of this proposed technique based on security was analyzed and compared with state-of-art work such as RF, HDDM, H-ID, and ML and reported in Table  II. Since this proposed work utilized a collaborative blockchain-based WSO-SVM technique, it effectively secured the VANET system and avoided the vehicles from attacking. The security of the proposed approach is 95.89% and the other approaches RF, HDDM, H-ID, and ML provide security of 91.9%, 89.06%, 90.56%, and 93.23% respectively. The evaluation based on the performance metrics was estimated and compared with state-of-art works such as RF, HDDM, H-ID, and ML, as stated in Table III. From the table III, it is clear that due to the inclusion of WSO along with the SVM classifier our approach provided better accuracy, precision, and recall of about 96.48%, 95.89%, and 96.56% respectively. Meanwhile, the other existing approaches show lacking strategies for above-stated metrics than this proposed approach.

V. CONCLUSION
This article introduced a collaborative-based vehicular ad hoc network intrusion detection system using an optimized support vector machine. The cluster formation has been performed via k-means clustering. The Tabu Search-based Particle Swarm Optimization (TS-PSO) algorithm has been used to select the cluster heads for the formulated cluster. The suggested strategy helped to reduce the delay in the transmission of data by improving throughput and energy efficiency. The security of the proposed VANET system has been accomplished with the utilization of blockchain and enhanced its reliability. Additionally, the trust-based collaboration intrusion detection on the VANET can be performed using the optimized SVM model. The KDD99 dataset has been utilized and simulated with NS-2 software to analyze the performance of the proposed work. The proposed method offers minimum energy consumption as well as an end-to-end delay compared to the existing methods such as RF, HDDM, H-ID, and ML with the consideration of 50 nodes. The proposed strategy has a security level of 95.89%, while the www.ijacsa.thesai.org other approaches-RF, HDDM, H-ID, and ML-offer security levels of 91.9%, 89.06%, 90.56%, and 93.23% correspondingly.
This study has few challenges in which the efficiency and accuracy of the intrusion detection framework can be enhanced via granularity and in-depth monitoring. The usage of different protocols and data diversity of the modern VANET networks induces a high level of complexity when identifying the intrusions in future.