Unveiling intrusions: explainable SVM approaches for addressing encrypted Wi-Fi traffic in UAV networks
Künye
Bayrak, S. Unveiling intrusions: explainable SVM approaches for addressing encrypted Wi-Fi traffic in UAV networks. Knowl Inf Syst 66, 6675–6695 (2024). https://doi.org/10.1007/s10115-024-02181-9.Özet
Unmanned aerial vehicles (UAVs), also known as drones, have become instrumental in
various domains, including agriculture, geographic information systems, media, logistics,
security, and defense. These UAVs often rely on wireless communication networks for data
transmission, making them vulnerable to cyberattacks. To address these challenges, it is necessary to detect potential threats by analyzing the encrypted Wi-Fi traffic data generated by
UAVs. This study aimed to develop a linear SVM model that is enhanced with explainable
artificial intelligence (XAI) techniques and fine-tuned using Bayesian optimization for intrusion detection systems (IDSs); the model is specifically designed to identify malware threats
targeting UAVs. This research utilized encrypted Wi-Fi traffic data derived from three different UAV networks, namely, Parrot Bebop 1, DBPower UDI, and DJI Spark, while considering
unidirectional and bidirectional communication flow modes. SVM-based intrusion detection
models have been modeled on these datasets, identified their key features using the local
interpretable model-agnostic explanations (LIME) technique, and conducted a cost analysis
of the proposed modeling approach. The incorporation of the LIME method enabled to highlight the features that are highly indicative of cyberattacks and provided valuable insights
into the importance of each feature in the context of intrusion detection. In conclusion, this
interpretable IDS model, fine-tuned with Bayesian optimization, demonstrated its superiority
over the state-of-the-art methods, proving its efficacy in detecting and mitigating threats to
UAVs while offering a cost-effective solution
WoS Q Kategorisi
Q2Q3