Citation
Amin, Md Al and Ahsan, Mohammad Shafat and Maua, Jannatul and Eva, Arifa Akter and Mridha, M. F. and Hossen, Md. Jakir (2026) Look-Ahead Cyber-Threat Forecasting for Connected and Automated Transport: A Spatio-Temporal Graph Learning Approach. IEEE Open Journal of Intelligent Transportation Systems. p. 1. ISSN 2687-7813|
Text
6.pdf - Published Version Restricted to Repository staff only Download (5MB) |
Abstract
Modern intelligent transportation systems (ITS) increasingly rely on connected electronic control units (ECUs), exposing in-vehicle networks to cyber-attacks such as message injection on the Controller Area Network (CAN) bus. While prior work has focused on post-factum detection, this paper addresses the underexplored task of forecasting cyber-attacks before they occur. We propose a spatio-temporal graph neural network (STGNN) architecture that models CAN traffic as a dynamic graph sequence, where nodes represent active CAN IDs and edges capture statistical co-activation patterns. Each graph snapshot encodes temporal features such as inter-arrival statistics and entropy, and is processed using graph attention layers followed by a multi-head temporal self-attention module. We evaluate the proposed method on two real-world datasets: Car-Hacking and OTIDS, comprising over 6.5 million labeled CAN frames from a Kia Soul under multiple attack scenarios. Experimental results show that STGNN achieves an area under the ROC curve (AUC) of 0.97, F1-score of 0.94, and a Brier score of 0.040 at a 1-second forecasting horizon on Car-Hacking, and maintains strong performance on OTIDS (AUC 0.91, F1 0.87) even though its rule-based labeling may introduce inconsistencies. The model outperforms six baseline methods across all lead times and demonstrates robustness under cross-dataset transfer and architectural variation. These findings confirm the feasibility of accurate, real-time cyberattack forecasting for automotive systems and highlight the utility of spatio-temporal graph learning for predictive cybersecurity in ITS.
| Item Type: | Article |
|---|---|
| Uncontrolled Keywords: | Cybersecurity, CAN bus, intelligent transportation systems, attack forecasting, graph neural networks, spatio-temporal modeling, vehicular networks |
| Subjects: | T Technology > TL Motor vehicles. Aeronautics. Astronautics > TL1-484 Motor vehicles. Cycles |
| Divisions: | Faculty of Engineering and Technology (FET) |
| Depositing User: | Ms Suzilawati Abu Samah |
| Date Deposited: | 03 Mar 2026 03:26 |
| Last Modified: | 03 Mar 2026 03:26 |
| URII: | http://shdl.mmu.edu.my/id/eprint/15435 |
Downloads
Downloads per month over past year
Edit (login required) |
