Transformer Model with Multi-Type Classification Decisions for Intrusion Attack Detection of Track Traffic and Vehicle

Security vulnerabilities, illustrated by the menace of track traffic or vehicle hacking, present a substantial risk to the Controller Area Network (CAN) bus, enabling unauthorized remote access and intrusion. Nevertheless, existing vehicle intrusion detection models encounter challenges in capturing temporal aspects, compromising the preservation of temporal attributes in the data. Addressing this predicament, we propose a novel Vehicle Intrusion Detection System (PTIDS) model based on Principal Component Analysis (PCA) and Transformer architecture, equipped with multi-type classification decisions. This model utilizes the PCA algorithm to preprocess the data and employs a multi-head self-attention mechanism to simulate the continuous input of the real-world environment in vehicle or track traffic data. Experimental results demonstrate that the PTIDS model outperforms traditional neural networks regarding accuracy, precision, recall, and F1-score for vehicle intrusion detection, confirming the importance of temporal variables in intrusion detection. However, owing to the high accuracy and low discrimination of the PTIDS model on the Car Hacking dataset, we migrated the model to the M-CAN and B-CAN intrusion datasets and conducted ablation experiments. The results reveal that the model achieved an accuracy of 90.14% on the M-CAN dataset, surpassing other models by 54.5%, demonstrating robust generalization ability.