Detection and mitigation of distributed denial of service attacks in vehicular ad hoc network using a spatiotemporal deep learning and reinforcement learning approach
Naramalli Jayakrishna, N. Narayanan Prasanth
Abstract
• The DDoS detection model uses Spatio-temporal LSTM Networks with attention mechanisms, Graph Convolutional Networks (GCNs), and the GhostNet model to understand the dependencies and detect anomalous communication. • Crayfish Ant Colony Optimization (CFACO) is applied to perform feature selection. • Reinforcement Learning-based Adaptive Rate Limiting (RL-ARL) is suggested for rate controlling depending on the DDoS attack level. • The proposed model achieved an accuracy of 99.14 %, specificity of 99.06 %, and a precision of 99.17 % for the 80 % of the training data split. The increasing adoption of Vehicular Ad Hoc Networks (VANETs) in Intelligent Transportation Systems (ITS) has led to heightened concerns regarding cybersecurity threats, particularly Distributed Denial of Service (DDoS) attacks. These attacks can severely disrupt network communication, compromise vehicular safety, and degrade transportation efficiency. To address this challenge, this paper proposes an advanced spatiotemporal deep learning framework for real-time DDoS attack detection and mitigation in VANETs. The proposed Graph Convolutional Long Short-Term Memory (GC-LSTM)-GhostNet model leverages spatial and temporal traffic analysis to identify malicious activities. Data preprocessing techniques, including outlier removal and Symbolic Aggregate Approximation (SAX), enhance data quality for robust feature extraction. Feature selection is optimized using the Crayfish Ant Colony Optimization (CFACO) algorithm, ensuring the most relevant attributes are utilized for detection. The detection module integrates Spatio-temporal LSTM Networks with attention mechanisms, Graph Convolutional Networks (GCNs), and GhostNet to improve accuracy and adaptability in recognizing anomalous traffic patterns. Additionally, Reinforcement Learning-based Adaptive Rate Limiting (RL-ARL) dynamically adjusts rate controls based on the severity of detected DDoS attacks, effectively mitigating their impact. To further enhance network security, an integrated dual trapdoor function ensures tamper-proof authentication and encryption, safeguarding communication integrity. Experimental results demonstrate that the proposed framework significantly outperforms existing models, achieving 99.14 % accuracy, 99.06 % specificity, and 99.17 % precision in real-time DDoS detection and mitigation. These findings highlight the effectiveness of the proposed approach in strengthening the resilience of VANETs against cyber threats, making a substantial contribution to secure vehicular communication.