Comprehensive Host-Based Malicious BehaviourDetection in VANETs

Given the safety-critical nature of Vehicular Ad Hoc Networks (VANETs), ensuring real-time security requires both prompt detection of attacks and accurate identification of the malicious nodes involved. In this context, we introduce ADVENT (Attack/Anomaly Detection in VANETs), a comprehensive system that addresses both tasks simultaneously, bridging a critical gap in prior work, which often treats these components in isolation. Through its use of Federated Learning (FL), ADVENT also addresses privacy concerns for data coming from each node, a requirement that is often overlooked in prior work. No prior work contains all of these elements together. A key strength of ADVENT lies in its lightweight feature engineering module, which reduces computational complexity to \((\mathcal{O}(n))\) using a single operation strategy, unlike the multi-step and resource-intensive approaches commonly found in related systems. In addition, the federated design of ADVENT minimizes communication overhead and protects sensitive data, improving its applicability in real-world VANET environments.