Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

Detection of cyberattacks in in-vehicle networks using a hierarchical federated learning framework

Althunayyan, Muzun 2025. Detection of cyberattacks in in-vehicle networks using a hierarchical federated learning framework. PhD Thesis, Cardiff University.
Item availability restricted.

[thumbnail of Muzun Althunayyan, PhD Thesis]
Preview
 PDF (Muzun Althunayyan, PhD Thesis) - Accepted Post-Print Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.
Download (28MB) | Preview
[thumbnail of Cardiff University Electronic Publication Form] PDF (Cardiff University Electronic Publication Form)
Restricted to Repository staff only
Download (304kB)

Abstract

Connected and Autonomous Vehicles (CAVs) are expected to become the backbone of future transportation systems. However, the primary protocol for in-vehicle communication, the Controller Area Network (CAN) bus, was not designed with security in mind. As CAVs become increasingly interconnected, this lack of built-in security exposes them to a range of cyberattacks, posing significant risks, including the potential loss of human life. Machine Learning (ML)-based Intrusion Detection Systems (IDSs) have proven effective in identifying cyberattacks on in-vehicle networks. However, existing studies often overlook three critical requirements for in-vehicle IDSs: robustness, resource constraints, and the deployment environment. The overarching aim of this thesis is to improve the security of in-vehicle networks by first analysing CAN bus data to assess the feasibility and effectiveness of feature selection techniques for building a robust IDS. Based on these findings, we propose a novel, multi-stage IDS designed to detect and classify known attacks while also identifying previously unseen attacks. Although the proposed IDS leverages Deep Learning (DL) algorithms, it remains lightweight with a low memory footprint. Most existing approaches rely on centralised training for deployment, which involves transmitting raw data to a central server, raising significant privacy concerns. Federated Learning (FL) addresses these issues by enabling local model training and transmitting model updates instead of raw data. To further enhance IDS robustness, preserve data privacy, and overcome the single point of failure in standard FL, the proposed IDS is deployed within a simulated Hierarchical Federated Learning (H-FL) framework. This framework incorporates multiple edge servers and a central aggregator, enabling collaborative learning from diverse data sources and improving the detection of unknown attacks beyond the coverage of any single server.

Item Type: Thesis (PhD)
Date Type: Completion
Status: Unpublished
Schools: Schools > Computer Science & Informatics
Subjects: Q Science > QA Mathematics > QA76 Computer software
Date of First Compliant Deposit: 27 February 2026
Date of Acceptance: 26 February 2026
Last Modified: 27 Feb 2026 14:54
URI: https://orca.cardiff.ac.uk/id/eprint/185347

Actions (repository staff only)

Edit Item Edit Item
Download Statistics

Downloads

Downloads per month over past year

View more statistics

CORE (COnnecting REpositories)


Maintained by Cardiff University IT