An Automated Threat Intelligence Framework for Vehicle Road Cooperation Systems

Vehicle-road cooperation systems (VRCSs) use next-generation Internet technologies, including 5G, edge computing, and artificial intelligence to improve mobility, comfort, and travel efficiency. Internet of Vehicles (IoV) ecosystem serves as the technological backbone for VRCS by enabling seamless communication and data exchange between vehicles, infrastructure, and traffic management centers. This enables real-time, high-speed communication, efficient data processing, and enhanced security, fostering the development of autonomous driving, smart traffic management, and seamless connectivity within the VRCS ecosystem. At the same time, cyber attacks have become more complex, persistent, organized, and weaponized in IoV network. Threat intelligence (TI) has emerged as a prominent security approach to obtain a complete view of the dynamically growing cyber threat environment. On the other hand, modeling TI is a challenging task due to the limited labels available for different cyber threat sources. Second, most of the available designs require a large investment of resources and use handcrafted features, making the entire process error-prone and time-consuming. To tackle these challenges, this article presents TIMIF, a deep-learning-based TI modeling and identification framework for intelligent IoV and is based on three key modules: first, the proposed TIMIF adopts an automated pattern extractor (APE) module to extract hidden patterns from IoV networks. Employing its output, we design a TI-based detection (TIBD) module to detect abnormal behavior and TI-attack type identification (TIATI) module to identify attack types. Extensive experiments are carried out on three different publicly intrusion data sources, namely, HCRL-car hacking, ToN-IoT, and CICIDS-2017 to illustrate the utility of the TIMIF framework over some commonly used baselines and state-of-the-art techniques.