DroneGuard: An Explainable and Efficient Machine Learning Framework for Intrusion Detection in Drone Networks
Vivian Ukamaka Ihekoronye, Simeon Okechukwu Ajakwe, Jae‐Min Lee, Dong‐Seong Kim
Abstract
Vulnerabilities in drone networks stem from the reliance on GPS and wireless communication technologies, combined with the lack of robust security mechanisms. This study proposes DroneGuard, a comprehensive cybersecurity framework leveraging supervised machine learning (ML) and explainable artificial intelligence (XAI) to detect intrusions and provide insights into the decision-making process of the security model. We explored various feature selection techniques to design a lightweight model suitable for the resource constraints of drones. Additionally, the synthetic minority oversampling technique (SMOTE) is employed to balance target class distribution and mitigate performance degradation, while randomized search cross-validation (RSCV) aids in selecting optimal hyperparameters for model training. Simulation experiments were conducted using a real-time GPS dataset for autonomous vehicles and a cybersecurity dataset containing variants of Denial of Service (DoS) attacks to evaluate the models’ performance. Comparison with four ML models using essential evaluation metrics validated the robust performance of the decision tree model, which detected spoofed GPS signals and DoS attacks with high accuracy, low-computational complexity, and minimal false alarm rates. Furthermore, the Shapley additive explanation (SHAP) provides intuitive visual explanations of important features contributing to the detection and classification of both GPS spoofing and DoS attacks. Therefore, DroneGuard offers effective and interpretable security solutions for enhanced drone application and adoption.